def sys_repo_delete(request, repo_id): """Delete a repo. """ next_page = request.META.get('HTTP_REFERER', None) if not next_page: next_page = HASH_URLS['SYS_REPO_ADMIN'] if get_system_default_repo_id() == repo_id: messages.error(request, _('System library can not be deleted.')) return HttpResponseRedirect(next_page) repo = seafile_api.get_repo(repo_id) if repo: # Handle the case that repo is `None`. repo_name = repo.name else: repo_name = '' repo_owner = get_repo_owner(request, repo_id) try: org_id = seafile_api.get_org_id_by_repo_id(repo_id) usernames = get_related_users_by_repo(repo_id, org_id if org_id and org_id > 0 else None) except Exception as e: logger.error(e) org_id = -1 usernames = [] seafile_api.remove_repo(repo_id) repo_deleted.send(sender=None, org_id=org_id, operator=request.user.username, usernames=usernames, repo_owner=repo_owner, repo_id=repo_id, repo_name=repo_name) messages.success(request, _('Successfully deleted.')) return HttpResponseRedirect(next_page)
def put(self, request, repo_id, format=None): """ update a library status, transfer a library, rename a library Permission checking: 1. only admin can perform this action. """ # argument check new_status = request.data.get('status', None) if new_status: if new_status not in ('normal', 'read-only'): error_msg = 'status invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) new_repo_name = request.data.get('name', None) if new_repo_name: if not is_valid_dirent_name(new_repo_name): error_msg = 'name invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) new_owner = request.data.get('owner', None) if new_owner: if not is_valid_email(new_owner): error_msg = 'owner invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # resource check repo = seafile_api.get_repo(repo_id) if not repo: error_msg = 'Library %s not found.' % repo_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) if new_status: try: seafile_api.set_repo_status(repo_id, normalize_repo_status_str(new_status)) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) if new_repo_name: try: res = seafile_api.edit_repo(repo_id, new_repo_name, '', None) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) if res == -1: e = 'Admin rename failed: ID of library is %s, edit_repo api called failed.' % \ repo_id logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) if new_owner: try: new_owner_obj = User.objects.get(email=new_owner) except User.DoesNotExist: error_msg = 'User %s not found.' % new_owner return api_error(status.HTTP_404_NOT_FOUND, error_msg) if not new_owner_obj.permissions.can_add_repo(): error_msg = _('Transfer failed: role of %s is %s, can not add library.') % \ (new_owner, new_owner_obj.role) return api_error(status.HTTP_403_FORBIDDEN, error_msg) if MULTI_TENANCY: try: if seafile_api.get_org_id_by_repo_id(repo_id) > 0: error_msg = 'Can not transfer organization library.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) if ccnet_api.get_orgs_by_user(new_owner): error_msg = 'Can not transfer library to organization user %s' % new_owner return api_error(status.HTTP_403_FORBIDDEN, error_msg) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) repo_owner = seafile_api.get_repo_owner(repo_id) if new_owner == repo_owner: error_msg = _("Library can not be transferred to owner.") return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # get repo shared to user/group list shared_users = seafile_api.list_repo_shared_to( repo_owner, repo_id) shared_groups = seafile_api.list_repo_shared_group_by_user( repo_owner, repo_id) # get all pub repos pub_repos = [] if not request.cloud_mode: pub_repos = seafile_api.list_inner_pub_repos_by_owner(repo_owner) # transfer repo seafile_api.set_repo_owner(repo_id, new_owner) # reshare repo to user for shared_user in shared_users: shared_username = shared_user.user if new_owner == shared_username: continue seafile_api.share_repo(repo_id, new_owner, shared_username, shared_user.perm) # reshare repo to group for shared_group in shared_groups: shared_group_id = shared_group.group_id if not is_group_member(shared_group_id, new_owner): continue seafile_api.set_group_repo(repo_id, shared_group_id, new_owner, shared_group.perm) # reshare repo to links try: UploadLinkShare.objects.filter(username=repo_owner, repo_id=repo_id).update(username=new_owner) FileShare.objects.filter(username=repo_owner, repo_id=repo_id).update(username=new_owner) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # check if current repo is pub-repo # if YES, reshare current repo to public for pub_repo in pub_repos: if repo_id != pub_repo.id: continue seafile_api.add_inner_pub_repo(repo_id, pub_repo.permission) break # send admin operation log signal admin_op_detail = { "id": repo_id, "name": repo.name, "from": repo_owner, "to": new_owner, } admin_operation.send(sender=None, admin_name=request.user.username, operation=REPO_TRANSFER, detail=admin_op_detail) repo = seafile_api.get_repo(repo_id) repo_info = get_repo_info(repo) return Response(repo_info)
def delete(self, request, repo_id, format=None): """ delete a library Permission checking: 1. only admin can perform this action. """ if get_system_default_repo_id() == repo_id: error_msg = _('System library can not be deleted.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) repo = seafile_api.get_repo(repo_id) if not repo: # for case of `seafile-data` has been damaged # no `repo object` will be returned from seafile api # delete the database record anyway try: seafile_api.remove_repo(repo_id) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) return Response({'success': True}) repo_name = repo.name repo_owner = seafile_api.get_repo_owner(repo_id) if not repo_owner: repo_owner = seafile_api.get_org_repo_owner(repo_id) try: seafile_api.remove_repo(repo_id) try: org_id = seafile_api.get_org_id_by_repo_id(repo_id) related_usernames = get_related_users_by_repo(repo_id, org_id if org_id and org_id > 0 else None) except Exception as e: logger.error(e) org_id = -1 related_usernames = [] # send signal for seafevents repo_deleted.send(sender=None, org_id=-1, operator=request.user.username, usernames=related_usernames, repo_owner=repo_owner, repo_id=repo_id, repo_name=repo.name) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # send admin operation log signal admin_op_detail = { "id": repo_id, "name": repo_name, "owner": repo_owner, } admin_operation.send(sender=None, admin_name=request.user.username, operation=REPO_DELETE, detail=admin_op_detail) return Response({'success': True})
def is_org_repo(org_id, repo_id): return True if seafile_api.get_org_id_by_repo_id( repo_id) == org_id else False
def get(self, request): """ Get all file access logs. Permission checking: 1. only admin can perform this action. """ if not request.user.admin_permissions.can_view_user_log(): return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.') try: current_page = int(request.GET.get('page', '1')) per_page = int(request.GET.get('per_page', '100')) except ValueError: current_page = 1 per_page = 100 user_selected = request.GET.get('email', None) if user_selected and not is_valid_email(user_selected): error_msg = 'email %s invalid.' % user_selected return api_error(status.HTTP_400_BAD_REQUEST, error_msg) repo_id_selected = request.GET.get('repo_id', None) if repo_id_selected and not is_valid_repo_id_format(repo_id_selected): error_msg = 'repo_id %s invalid.' % repo_id_selected return api_error(status.HTTP_400_BAD_REQUEST, error_msg) start = per_page * (current_page - 1) limit = per_page + 1 if user_selected: org_id = -1 orgs = ccnet_api.get_orgs_by_user(user_selected) if orgs: org_id = orgs[0].org_id elif repo_id_selected: org_id = seafile_api.get_org_id_by_repo_id(repo_id_selected) else: org_id = 0 # org_id = 0, show all file audit events = get_file_audit_events(user_selected, org_id, repo_id_selected, start, limit) or [] if len(events) > per_page: events = events[:per_page] has_next_page = True else: has_next_page = False # Use dict to reduce memcache fetch cost in large for-loop. nickname_dict = {} contact_email_dict = {} repo_dict = {} user_email_set = set() repo_id_set = set() for event in events: user_email_set.add(event.user) repo_id_set.add(event.repo_id) for e in user_email_set: if e not in nickname_dict: nickname_dict[e] = email2nickname(e) if e not in contact_email_dict: contact_email_dict[e] = email2contact_email(e) for e in repo_id_set: if e not in repo_dict: repo_dict[e] = seafile_api.get_repo(e) events_info = [] for ev in events: data = {} user_email = ev.user data['email'] = user_email data['name'] = nickname_dict.get(user_email, '') data['contact_email'] = contact_email_dict.get(user_email, '') data['ip'] = ev.ip data['event_type'], data[ 'device'] = generate_file_audit_event_type(ev) data['time'] = utc_datetime_to_isoformat_timestr(ev.timestamp) repo_id = ev.repo_id data['repo_id'] = repo_id repo = repo_dict.get(repo_id, None) data['repo_name'] = repo.name if repo else '' if ev.file_path.endswith('/'): data[ 'file_or_dir_name'] = '/' if ev.file_path == '/' else os.path.basename( ev.file_path.rstrip('/')) else: data['file_or_dir_name'] = os.path.basename(ev.file_path) events_info.append(data) resp = { 'file_access_log_list': events_info, 'has_next_page': has_next_page, } return Response(resp)
def put(self, request, repo_id, format=None): """ transfer a library, rename a library Permission checking: 1. only admin can perform this action. """ repo = seafile_api.get_repo(repo_id) if not repo: error_msg = 'Library %s not found.' % repo_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) new_repo_name = request.data.get('name', None) if new_repo_name: try: res = seafile_api.edit_repo(repo_id, new_repo_name, '', None) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) if res == -1: e = 'Admin rename failed: ID of library is %s, edit_repo api called failed.' % \ repo_id logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) new_owner = request.data.get('owner', None) if new_owner: try: new_owner_obj = User.objects.get(email=new_owner) except User.DoesNotExist: error_msg = 'User %s not found.' % new_owner return api_error(status.HTTP_404_NOT_FOUND, error_msg) if not new_owner_obj.permissions.can_add_repo(): error_msg = _(u'Transfer failed: role of %s is %s, can not add library.') % \ (new_owner, new_owner_obj.role) return api_error(status.HTTP_403_FORBIDDEN, error_msg) if MULTI_TENANCY: try: if seafile_api.get_org_id_by_repo_id(repo_id) > 0: error_msg = 'Can not transfer organization library.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) if ccnet_api.get_orgs_by_user(new_owner): error_msg = 'Can not transfer library to organization user %s' % new_owner return api_error(status.HTTP_403_FORBIDDEN, error_msg) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) repo_owner = seafile_api.get_repo_owner(repo_id) if new_owner == repo_owner: error_msg = _(u"Library can not be transferred to owner.") return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # get repo shared to user/group list shared_users = seafile_api.list_repo_shared_to( repo_owner, repo_id) shared_groups = seafile_api.list_repo_shared_group_by_user( repo_owner, repo_id) # get all pub repos pub_repos = [] if not request.cloud_mode: pub_repos = seafile_api.list_inner_pub_repos_by_owner(repo_owner) # transfer repo seafile_api.set_repo_owner(repo_id, new_owner) # reshare repo to user for shared_user in shared_users: shared_username = shared_user.user if new_owner == shared_username: continue seafile_api.share_repo(repo_id, new_owner, shared_username, shared_user.perm) # reshare repo to group for shared_group in shared_groups: shared_group_id = shared_group.group_id if not is_group_member(shared_group_id, new_owner): continue seafile_api.set_group_repo(repo_id, shared_group_id, new_owner, shared_group.perm) # reshare repo to links try: UploadLinkShare.objects.filter(username=repo_owner, repo_id=repo_id).update(username=new_owner) FileShare.objects.filter(username=repo_owner, repo_id=repo_id).update(username=new_owner) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # check if current repo is pub-repo # if YES, reshare current repo to public for pub_repo in pub_repos: if repo_id != pub_repo.id: continue seafile_api.add_inner_pub_repo(repo_id, pub_repo.permission) break # send admin operation log signal admin_op_detail = { "id": repo_id, "name": repo.name, "from": repo_owner, "to": new_owner, } admin_operation.send(sender=None, admin_name=request.user.username, operation=REPO_TRANSFER, detail=admin_op_detail) repo = seafile_api.get_repo(repo_id) repo_info = get_repo_info(repo) return Response(repo_info)
def delete(self, request, repo_id, format=None): """ delete a library Permission checking: 1. only admin can perform this action. """ if get_system_default_repo_id() == repo_id: error_msg = _('System library can not be deleted.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) repo = seafile_api.get_repo(repo_id) if not repo: # for case of `seafile-data` has been damaged # no `repo object` will be returned from seafile api # delete the database record anyway try: seafile_api.remove_repo(repo_id) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) return Response({'success': True}) repo_name = repo.name repo_owner = seafile_api.get_repo_owner(repo_id) if not repo_owner: repo_owner = seafile_api.get_org_repo_owner(repo_id) try: seafile_api.remove_repo(repo_id) try: org_id = seafile_api.get_org_id_by_repo_id(repo_id) related_usernames = get_related_users_by_repo(repo_id, org_id if org_id > 0 else None) except Exception as e: logger.error(e) org_id = -1 related_usernames = [] # send signal for seafevents repo_deleted.send(sender=None, org_id=-1, operator=request.user.username, usernames=related_usernames, repo_owner=repo_owner, repo_id=repo_id, repo_name=repo.name) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) # send admin operation log signal admin_op_detail = { "id": repo_id, "name": repo_name, "owner": repo_owner, } admin_operation.send(sender=None, admin_name=request.user.username, operation=REPO_DELETE, detail=admin_op_detail) return Response({'success': True})