def list_dtable_related_users(workspace, dtable):
""" Return all users who can view this dtable.
1. owner
2. shared users
3. groups users
"""
user_list = list()
owner = workspace.owner
# 1. shared users
shared_queryset = DTableShare.objects.list_by_dtable(dtable)
user_list.extend(
[dtable_share.to_user for dtable_share in shared_queryset])
if '@seafile_group' not in owner:
# 2. owner
if owner not in user_list:
user_list.append(owner)
else:
# 3. groups users
group_id = int(owner.split('@')[0])
members = ccnet_api.get_group_members(group_id)
for member in members:
if member.user_name not in user_list:
user_list.append(member.user_name)
return user_list
def get(self, request, group_id, format=None):
"""
Get all group members.
"""
try:
avatar_size = int(request.GET.get('avatar_size',
AVATAR_DEFAULT_SIZE))
except ValueError:
avatar_size = AVATAR_DEFAULT_SIZE
try:
# only group member can get info of all group members
if not is_group_member(group_id, request.user.username):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
members = ccnet_api.get_group_members(group_id)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
group_members = []
is_admin = request.GET.get('is_admin', 'false')
for m in members:
# only return group admins
if is_admin == 'true' and not m.is_staff:
continue
member_info = get_group_member_info(request, group_id, m.user_name, avatar_size)
group_members.append(member_info)
return Response(group_members)
def get_related_users_by_repo(repo_id, org_id=None):
""" Return all users who can view this library.
1. repo owner
2. users repo has been shared to
3. members of groups repo has been shared to
"""
users = []
if org_id:
repo_owner = seafile_api.get_org_repo_owner(repo_id)
user_shared_to = seafile_api.list_org_repo_shared_to(org_id,
repo_owner, repo_id)
else:
repo_owner = seafile_api.get_repo_owner(repo_id)
user_shared_to = seafile_api.list_repo_shared_to(
repo_owner, repo_id)
# 1. repo owner
users.append(repo_owner)
# 2. users repo has been shared to
for user in user_shared_to:
users.append(user.user)
# 3. members of groups repo has been shared to
groups = get_shared_groups_by_repo(repo_id, org_id)
for group in groups:
members = ccnet_api.get_group_members(group.id)
for member in members:
if member.user_name not in users:
users.append(member.user_name)
return users
def show_members(group_id):
print("group %s (%d):" %
(ccnet_api.get_group(group_id).group_name, group_id))
gusers = ccnet_api.get_group_members(group_id)
for guser in gusers:
print("%s" % (guser.user_name))
print("")
def get_related_users_by_repo(repo_id, org_id=None):
""" Return all users who can view this library.
1. repo owner
2. users repo has been shared to
3. members of groups repo has been shared to
"""
users = []
# 1. users repo has been shared to
if org_id and org_id > 0:
users.extend(seafile_api.org_get_shared_users_by_repo(org_id, repo_id))
owner = seafile_api.get_org_repo_owner(repo_id)
else:
users.extend(seafile_api.get_shared_users_by_repo(repo_id))
owner = seafile_api.get_repo_owner(repo_id)
# 2. repo owner
if owner not in users:
users.append(owner)
# 3. members of groups repo has been shared to
groups = get_shared_groups_by_repo(repo_id, org_id)
for group in groups:
members = ccnet_api.get_group_members(group.id)
for member in members:
if member.user_name not in users:
users.append(member.user_name)
return users
def get_related_users_by_repo(repo_id, org_id=None):
""" Return all users who can view this library.
1. repo owner
2. users repo has been shared to
3. members of groups repo has been shared to
"""
users = []
if org_id:
repo_owner = seafile_api.get_org_repo_owner(repo_id)
user_shared_to = seafile_api.list_org_repo_shared_to(org_id,
repo_owner, repo_id)
else:
repo_owner = seafile_api.get_repo_owner(repo_id)
user_shared_to = seafile_api.list_repo_shared_to(
repo_owner, repo_id)
# 1. repo owner
users.append(repo_owner)
# 2. users repo has been shared to
for user in user_shared_to:
users.append(user.user)
# 3. members of groups repo has been shared to
groups = get_shared_groups_by_repo(repo_id, org_id)
for group in groups:
members = ccnet_api.get_group_members(group.id)
for member in members:
if member.user_name not in users:
users.append(member.user_name)
return users
def test_can_not_delete_if_not_admin(self):
ccnet_api.group_add_member(self.group_id, self.user_name,
self.admin_name)
# make sure member in group
members = ccnet_api.get_group_members(self.group_id)
assert len(members) == 2
self.login_as(self.user)
url = reverse('api-v2.1-admin-group-member',
args=[self.group_id, self.admin_name])
resp = self.client.delete(url)
self.assertEqual(403, resp.status_code)
# make sure member is not deleted
members = ccnet_api.get_group_members(self.group_id)
assert len(members) == 2
def test_can_not_delete_if_not_admin(self):
ccnet_api.group_add_member(self.group_id, self.user_name,
self.admin_name)
# make sure member in group
members = ccnet_api.get_group_members(self.group_id)
assert len(members) == 2
self.login_as(self.user)
url = reverse('api-v2.1-admin-group-member',
args=[self.group_id, self.admin_name])
resp = self.client.delete(url)
self.assertEqual(403, resp.status_code)
# make sure member is not deleted
members = ccnet_api.get_group_members(self.group_id)
assert len(members) == 2
def get_group_admins(group_id):
members = ccnet_api.get_group_members(group_id)
admin_members = [m for m in members if m.is_staff]
admins = []
for u in admin_members:
admins.append(u.user_name)
return admins
def get(self, request, group_id):
"""List child groups and members in an address book group."""
group_id = int(group_id)
group = ccnet_api.get_group(group_id)
if not group:
error_msg = 'Group %d not found.' % group_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
avatar_size = int(
request.GET.get('avatar_size', AVATAR_DEFAULT_SIZE))
except ValueError:
avatar_size = AVATAR_DEFAULT_SIZE
try:
return_ancestors = to_python_boolean(
request.GET.get('return_ancestors', 'f'))
except ValueError:
return_ancestors = False
ret_dict = address_book_group_to_dict(group)
ret_groups = []
ret_members = []
groups = ccnet_api.get_child_groups(group_id)
for group in groups:
ret_groups.append(address_book_group_to_dict(group))
try:
members = ccnet_api.get_group_members(group_id)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
for m in members:
member_info = self._get_address_book_group_memeber_info(
request, m, avatar_size)
if member_info['role'] == 'Owner':
continue
ret_members.append(member_info)
ret_dict['groups'] = ret_groups
ret_dict['members'] = ret_members
if return_ancestors:
# get ancestor groups and remove last group which is self
ancestor_groups = ccnet_api.get_ancestor_groups(group_id)[:-1]
ret_dict['ancestor_groups'] = [
address_book_group_to_dict(grp) for grp in ancestor_groups
]
else:
ret_dict['ancestor_groups'] = []
return Response(ret_dict)
def get(self, request, group_id):
"""List child groups and members in an address book group."""
group_id = int(group_id)
group = ccnet_api.get_group(group_id)
if not group:
error_msg = 'Group %d not found.' % group_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
avatar_size = int(request.GET.get('avatar_size',
AVATAR_DEFAULT_SIZE))
except ValueError:
avatar_size = AVATAR_DEFAULT_SIZE
try:
return_ancestors = to_python_boolean(request.GET.get(
'return_ancestors', 'f'))
except ValueError:
return_ancestors = False
ret_dict = address_book_group_to_dict(group)
ret_groups = []
ret_members = []
groups = ccnet_api.get_child_groups(group_id)
for group in groups:
ret_groups.append(address_book_group_to_dict(group))
try:
members = ccnet_api.get_group_members(group_id)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
for m in members:
member_info = self._get_address_book_group_memeber_info(request,
m, avatar_size)
ret_members.append(member_info)
ret_dict['groups'] = ret_groups
ret_dict['members'] = ret_members
if return_ancestors:
# get ancestor groups and remove last group which is self
ancestor_groups = ccnet_api.get_ancestor_groups(group_id)[:-1]
ret_dict['ancestor_groups'] = [address_book_group_to_dict(grp)
for grp in ancestor_groups]
else:
ret_dict['ancestor_groups'] = []
return Response(ret_dict)
def add_share_repo_to_group_msg_cb(sender, **kwargs):
"""Notify group member when others share repos to group.
"""
from_user = kwargs.get('from_user', None)
group_id = kwargs.get('group_id', None)
repo = kwargs.get('repo', None)
assert from_user and group_id and repo is not None, 'Arguments error'
members = ccnet_api.get_group_members(int(group_id))
for member in members:
to_user = member.user_name
if to_user == from_user:
continue
detail = repo_share_to_group_msg_to_json(from_user, repo.id, group_id)
UserNotification.objects.add_repo_share_to_group_msg(to_user, detail)
def add_share_repo_to_group_msg_cb(sender, **kwargs):
"""Notify group member when others share repos to group.
"""
from_user = kwargs.get('from_user', None)
group_id = kwargs.get('group_id', None)
repo = kwargs.get('repo', None)
assert from_user and group_id and repo is not None, 'Arguments error'
members = ccnet_api.get_group_members(int(group_id))
for member in members:
to_user = member.user_name
if to_user == from_user:
continue
detail = repo_share_to_group_msg_to_json(from_user, repo.id, group_id)
UserNotification.objects.add_repo_share_to_group_msg(to_user, detail)
def get(self, request, group_id, format=None):
"""
Get all group members.
"""
try:
avatar_size = int(
request.GET.get('avatar_size', AVATAR_DEFAULT_SIZE))
except ValueError:
avatar_size = AVATAR_DEFAULT_SIZE
try:
page = int(request.GET.get('page', '1'))
per_page = int(request.GET.get('per_page', '100'))
except ValueError:
page = 1
per_page = 100
start = (page - 1) * per_page
limit = per_page
try:
# only group member can get info of all group members
if not is_group_member(group_id, request.user.username):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
members = ccnet_api.get_group_members(group_id, start, limit)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
group_members = []
is_admin = request.GET.get('is_admin', 'false')
for m in members:
# only return group admins
if is_admin == 'true' and not m.is_staff:
continue
member_info = get_group_member_info(request, group_id, m.user_name,
avatar_size)
group_members.append(member_info)
return Response(group_members)
def show_share_info(user, show_groupmembers=False):
shared_repos = seafile_api.get_share_out_repo_list(user, -1, -1)
shared_repos += seafile_api.get_group_repos_by_owner(user)
shown_repos = set()
if show_groupmembers:
groups = {}
for repo in shared_repos:
if repo.repo_id in shown_repos:
continue
shown_repos.add(repo.repo_id)
if repo.is_virtual:
print("Folder %s of Repo %s, shared to:" %
(repo.origin_path, repo.origin_repo_id))
else:
print("Repo %s (%s), shared to:" % (repo.repo_id, repo.name))
sgroups = seafile_api.list_repo_shared_group(user, repo.repo_id)
print("groups:")
for sgroup in sgroups:
print("%s (%d), %s" % (ccnet_api.get_group(
sgroup.group_id).group_name, sgroup.group_id, sgroup.perm))
if show_groupmembers:
groups[sgroup.group_id] = sgroup
susers = seafile_api.list_repo_shared_to(user, repo.repo_id)
print("users:")
for suser in susers:
print("%s, %s" % (suser.user, suser.perm))
print("\n")
if show_groupmembers:
print("\ngroup memberships:")
for group in groups.values():
print("group %s (%d):" % (ccnet_api.get_group(
group.group_id).group_name, group.group_id))
gusers = ccnet_api.get_group_members(group.group_id)
for guser in gusers:
print("%s" % (guser.user_name))
print("")
def get(self, request, group_id, format=None):
""" List all group members
Permission checking:
1. only admin can perform this action.
"""
if not request.user.admin_permissions.can_manage_group():
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')
group_id = int(group_id)
group = ccnet_api.get_group(group_id)
if not group:
error_msg = 'Group %d not found.' % group_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
avatar_size = int(
request.GET.get('avatar_size', AVATAR_DEFAULT_SIZE))
except ValueError:
avatar_size = AVATAR_DEFAULT_SIZE
try:
members = ccnet_api.get_group_members(group_id)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
group_members_info = []
for m in members:
member_info = get_group_member_info(request, group_id, m.user_name,
avatar_size)
group_members_info.append(member_info)
group_members = {
'group_id': group_id,
'group_name': group.group_name,
'members': group_members_info
}
return Response(group_members)
def get(self, request, group_id, format=None):
""" List all group members
Permission checking:
1. only admin can perform this action.
"""
group_id = int(group_id)
group = ccnet_api.get_group(group_id)
if not group:
error_msg = 'Group %d not found.' % group_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
avatar_size = int(request.GET.get('avatar_size',
AVATAR_DEFAULT_SIZE))
except ValueError:
avatar_size = AVATAR_DEFAULT_SIZE
try:
members = ccnet_api.get_group_members(group_id)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
group_members_info = []
for m in members:
member_info = get_group_member_info(request, group_id, m.user_name, avatar_size)
group_members_info.append(member_info)
group_members = {
'group_id': group_id,
'group_name': group.group_name,
'members': group_members_info
}
return Response(group_members)
def get(self, request, group_id, format=None):
""" List all group members
Permission checking:
1. only admin can perform this action.
"""
if not request.user.admin_permissions.can_manage_group():
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')
group_id = int(group_id)
group = ccnet_api.get_group(group_id)
if not group:
error_msg = 'Group %d not found.' % group_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
avatar_size = int(
request.GET.get('avatar_size', AVATAR_DEFAULT_SIZE))
except ValueError:
avatar_size = AVATAR_DEFAULT_SIZE
try:
page = int(request.GET.get('page', '1'))
per_page = int(request.GET.get('per_page', '100'))
except ValueError:
page = 1
per_page = 100
start = (page - 1) * per_page
limit = per_page + 1
try:
members = ccnet_api.get_group_members(group_id, start, limit)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if len(members) > per_page:
members = members[:per_page]
has_next_page = True
else:
has_next_page = False
group_members_info = []
for m in members:
member_info = get_group_member_info(request, group_id, m.user_name,
avatar_size)
group_members_info.append(member_info)
group_members = {
'group_id': group_id,
'group_name': group.group_name,
'members': group_members_info,
'page_info': {
'has_next_page': has_next_page,
'current_page': page
}
}
return Response(group_members)
def get(self, request):
"""get all workspaces
"""
username = request.user.username
org_id = -1
if is_org_context(request):
org_id = request.user.org.org_id
if org_id and org_id > 0:
groups = ccnet_api.get_org_groups_by_user(org_id, username)
else:
groups = ccnet_api.get_groups(username, return_ancestors=True)
owner_list = list()
owner_list.append(username)
for group in groups:
group_user = '******' % group.id
owner_list.append(group_user)
try:
# workspaces
workspace_queryset = Workspaces.objects.filter(
owner__in=owner_list)
workspaces = list(workspace_queryset)
# user workspace
if not workspace_queryset.filter(owner=username).exists():
workspace = create_repo_and_workspace(username, org_id)
workspaces.append(workspace)
# dtables
table_queryset = DTables.objects.filter(workspace__in=workspaces,
deleted=False)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error.'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
try:
starred_dtable_uuids = set(
UserStarredDTables.objects.get_dtable_uuids_by_email(username))
except Exception as e:
starred_dtable_uuids = set()
logger.warning(e)
workspace_list = list()
for workspace in workspaces:
# resource check
repo_id = workspace.repo_id
repo = seafile_api.get_repo(repo_id)
if not repo:
logger.warning('Library %s not found.' % repo_id)
continue
res = workspace.to_dict()
tables = table_queryset.filter(workspace=workspace)
res["table_list"] = [table.to_dict() for table in tables]
for t in res['table_list']:
t['starred'] = t['uuid'].hex in starred_dtable_uuids
owner = workspace.owner
if '@seafile_group' in owner:
group_id = owner.split('@')[0]
group_members = ccnet_api.get_group_members(int(group_id))
group_admins = [
m.user_name for m in group_members if m.is_staff
]
group_owner = [
g.creator_name for g in groups if g.id == int(group_id)
][0]
res["owner_name"] = group_id_to_name(group_id)
res["owner_type"] = "Group"
res["group_id"] = group_id
res["group_owner"] = group_owner
res["group_admins"] = group_admins
else:
res["owner_name"] = email2nickname(owner)
res["owner_type"] = "Personal"
workspace_list.append(res)
if DTABLE_EVENTS_ENABLED:
timestamp = datetime.utcnow().strftime('%Y-%m-%d 00:00:00')
message = {
'username': username,
'timestamp': timestamp,
'org_id': org_id
}
try:
events_redis_connection.publish('user-activity-statistic',
json.dumps(message))
except Exception as e:
logger.error("Failed to publish message: %s " % e)
return Response({"workspace_list": workspace_list},
status=status.HTTP_200_OK)
