def test_modify_repo_group_share_permission(self): # user share repo to tmp user self.share_repo_to_group_with_rw_permission() shared_groups = seafile_api.list_repo_shared_group( self.user_name, self.repo_id) for e in shared_groups: if e.group_id == self.group_id: permission = e.perm break assert permission == 'rw' self.login_as(self.admin) modified_perm = 'r' data = 'repo_id=%s&share_type=%s&permission=%s&share_to=%s' % \ (self.repo_id, 'group', modified_perm, self.group_id) resp = self.client.put(self.url, data, 'application/x-www-form-urlencoded') self.assertEqual(200, resp.status_code) shared_groups = seafile_api.list_repo_shared_group( self.user_name, self.repo_id) for e in shared_groups: if e.group_id == self.group_id: permission = e.perm break assert permission == modified_perm
def test_delete_repo_group_share_admin_permission(self): self.share_repo_to_group_with_admin_permission() shared_groups = seafile_api.list_repo_shared_group( self.user_name, self.repo_id) for e in shared_groups: if e.group_id == self.group_id: permission = e.perm break assert permission == 'rw' self.login_as(self.admin) resp = self.client.get(self.url + self.para + '&share_type=group') json_resp = json.loads(resp.content) self.assertEqual(200, resp.status_code) assert json_resp[0]['repo_id'] == self.repo_id assert json_resp[0]['path'] == '/' assert json_resp[0]['share_type'] == 'group' assert json_resp[0]['group_id'] == self.group_id assert json_resp[0]['permission'] == 'rw' assert json_resp[0]['is_admin'] == True data = 'repo_id=%s&share_type=%s&share_to=%s' % \ (self.repo_id, 'group', self.group_id) resp = self.client.delete(self.url, data, 'application/x-www-form-urlencoded') self.assertEqual(200, resp.status_code)
def list_group_shared_items(self, request, repo_id, path): username = request.user.username if path == '/': share_items = seafile_api.list_repo_shared_group(username, repo_id) else: share_items = seafile_api.get_shared_groups_for_subdir( repo_id, path, username) ret = [] for item in share_items: ret.append({ "share_type": "group", "group_info": { "id": item.group_id, "name": seaserv.get_group(item.group_id).group_name, }, "permission": item.perm, }) return ret
def list_group_shared_items(self, request, repo_id, path): username = request.user.username if path == '/': share_items = seafile_api.list_repo_shared_group(username, repo_id) else: share_items = seafile_api.get_shared_groups_for_subdir(repo_id, path, username) ret = [] for item in share_items: ret.append({ "share_type": "group", "group_info": { "id": item.group_id, "name": seaserv.get_group(item.group_id).group_name, }, "permission": item.perm, }) return ret
def show_share_info(user, show_groupmembers=False): shared_repos = seafile_api.get_share_out_repo_list(user, -1, -1) shared_repos += seafile_api.get_group_repos_by_owner(user) shown_repos = set() if show_groupmembers: groups = {} for repo in shared_repos: if repo.repo_id in shown_repos: continue shown_repos.add(repo.repo_id) if repo.is_virtual: print("Folder %s of Repo %s, shared to:" % (repo.origin_path, repo.origin_repo_id)) else: print("Repo %s (%s), shared to:" % (repo.repo_id, repo.name)) sgroups = seafile_api.list_repo_shared_group(user, repo.repo_id) print("groups:") for sgroup in sgroups: print("%s (%d), %s" % (ccnet_api.get_group( sgroup.group_id).group_name, sgroup.group_id, sgroup.perm)) if show_groupmembers: groups[sgroup.group_id] = sgroup susers = seafile_api.list_repo_shared_to(user, repo.repo_id) print("users:") for suser in susers: print("%s, %s" % (suser.user, suser.perm)) print("\n") if show_groupmembers: print("\ngroup memberships:") for group in groups.values(): print("group %s (%d):" % (ccnet_api.get_group( group.group_id).group_name, group.group_id)) gusers = ccnet_api.get_group_members(group.group_id) for guser in gusers: print("%s" % (guser.user_name)) print("")
def test_delete_repo_group_share_permission(self): self.share_repo_to_group_with_rw_permission() shared_groups = seafile_api.list_repo_shared_group( self.user_name, self.repo_id) for e in shared_groups: if e.group_id == self.group_id: permission = e.perm break assert permission == 'rw' self.login_as(self.admin) data = 'repo_id=%s&share_type=%s&share_to=%s' % \ (self.repo_id, 'user', self.tmp_user_email) resp = self.client.delete(self.url, data, 'application/x-www-form-urlencoded') self.assertEqual(200, resp.status_code)
def delete(self, request, repo_id, format=None): username = request.user.username repo = seafile_api.get_repo(repo_id) if not repo: return api_error(status.HTTP_404_NOT_FOUND, 'Library %s not found.' % repo_id) path = request.GET.get('p', '/') if seafile_api.get_dir_id_by_path(repo.id, path) is None: return api_error(status.HTTP_404_NOT_FOUND, 'Folder %s not found.' % path) if username != self.get_repo_owner(request, repo_id): return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.') shared_to_user, shared_to_group = self.handle_shared_to_args(request) if path == '/': shared_repo = repo else: try: sub_repo = self.get_sub_repo_by_path(request, repo, path) if sub_repo: shared_repo = sub_repo else: return api_error(status.HTTP_404_NOT_FOUND, 'Sub-library not found.') except SearpcError as e: logger.error(e) return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, 'Failed to get sub-library.') if shared_to_user: shared_to = request.GET.get('username') if shared_to is None or not is_valid_username(shared_to): return api_error(status.HTTP_400_BAD_REQUEST, 'Email %s invalid.' % share_to) try: User.objects.get(email=shared_to) except User.DoesNotExist: return api_error(status.HTTP_400_BAD_REQUEST, 'Invalid user, should be registered') if is_org_context(request): org_id = request.user.org.org_id seaserv.seafserv_threaded_rpc.org_remove_share( org_id, shared_repo.id, username, shared_to) else: seaserv.remove_share(shared_repo.id, username, shared_to) permission = seafile_api.check_permission_by_path( repo.id, path, shared_to) send_perm_audit_msg('delete-repo-perm', username, shared_to, repo_id, path, permission) if shared_to_group: group_id = request.GET.get('group_id') try: group_id = int(group_id) except ValueError: return api_error(status.HTTP_400_BAD_REQUEST, 'group_id %s invalid' % group_id) # hacky way to get group repo permission permission = '' for e in seafile_api.list_repo_shared_group( username, shared_repo.id): if e.group_id == group_id: permission = e.perm break if is_org_context(request): org_id = request.user.org.org_id seaserv.del_org_group_repo(shared_repo.id, org_id, group_id) else: seafile_api.unset_group_repo(shared_repo.id, group_id, username) send_perm_audit_msg('delete-repo-perm', username, group_id, repo_id, path, permission) return HttpResponse(json.dumps({'success': True}), status=200, content_type=json_content_type)
def delete(self, request, repo_id, format=None): username = request.user.username repo = seafile_api.get_repo(repo_id) if not repo: return api_error(status.HTTP_404_NOT_FOUND, 'Library %s not found.' % repo_id) path = request.GET.get('p', '/') if seafile_api.get_dir_id_by_path(repo.id, path) is None: return api_error(status.HTTP_404_NOT_FOUND, 'Folder %s not found.' % path) if username != self.get_repo_owner(request, repo_id): return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.') shared_to_user, shared_to_group = self.handle_shared_to_args(request) if path == '/': shared_repo = repo else: try: sub_repo = self.get_sub_repo_by_path(request, repo, path) if sub_repo: shared_repo = sub_repo else: return api_error(status.HTTP_404_NOT_FOUND, 'Sub-library not found.') except SearpcError as e: logger.error(e) return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, 'Failed to get sub-library.') if shared_to_user: shared_to = request.GET.get('username') if shared_to is None or not is_valid_username(shared_to): return api_error(status.HTTP_400_BAD_REQUEST, 'Email %s invalid.' % shared_to) try: User.objects.get(email=shared_to) except User.DoesNotExist: return api_error(status.HTTP_400_BAD_REQUEST, 'Invalid user, should be registered') if is_org_context(request): org_id = request.user.org.org_id seaserv.seafserv_threaded_rpc.org_remove_share( org_id, shared_repo.id, username, shared_to) else: seaserv.remove_share(shared_repo.id, username, shared_to) permission = seafile_api.check_permission_by_path(repo.id, path, shared_to) send_perm_audit_msg('delete-repo-perm', username, shared_to, repo_id, path, permission) if shared_to_group: group_id = request.GET.get('group_id') try: group_id = int(group_id) except ValueError: return api_error(status.HTTP_400_BAD_REQUEST, 'group_id %s invalid' % group_id) # hacky way to get group repo permission permission = '' for e in seafile_api.list_repo_shared_group(username, shared_repo.id): if e.group_id == group_id: permission = e.perm break if is_org_context(request): org_id = request.user.org.org_id seaserv.del_org_group_repo(shared_repo.id, org_id, group_id) else: seafile_api.unset_group_repo(shared_repo.id, group_id, username) send_perm_audit_msg('delete-repo-perm', username, group_id, repo_id, path, permission) return HttpResponse(json.dumps({'success': True}), status=200, content_type=json_content_type)
def delete(self, request, repo_id, format=None): username = request.user.username repo = seafile_api.get_repo(repo_id) if not repo: return api_error(status.HTTP_404_NOT_FOUND, 'Library %s not found.' % repo_id) path = request.GET.get('p', '/') if seafile_api.get_dir_id_by_path(repo.id, path) is None: return api_error(status.HTTP_404_NOT_FOUND, 'Folder %s not found.' % path) # check permission shared_to_user, shared_to_group = self.handle_shared_to_args(request) if shared_to_user: shared_to = request.GET.get('username') if shared_to is None or not is_valid_username(shared_to): return api_error(status.HTTP_400_BAD_REQUEST, 'Email %s invalid.' % shared_to) if username != self.get_repo_owner(request, repo_id) and \ ExtraSharePermission.objects.get_user_permission(repo_id, username) != PERMISSION_ADMIN: return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.') else: if username != self.get_repo_owner(request, repo_id): return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.') if shared_to_user: # if user not found, permission will be None permission = seafile_api.check_permission_by_path( repo_id, '/', shared_to) if is_org_context(request): username = seafile_api.get_org_repo_owner(repo_id) org_id = request.user.org.org_id if path == '/': seaserv.seafserv_threaded_rpc.org_remove_share( org_id, repo_id, username, shared_to) else: seafile_api.org_unshare_subdir_for_user( org_id, repo_id, path, username, shared_to) else: username = seafile_api.get_repo_owner(repo_id) if path == '/': seaserv.remove_share(repo_id, username, shared_to) else: seafile_api.unshare_subdir_for_user( repo_id, path, username, shared_to) # Delete share permission at ExtraSharePermission table. if path == '/': ExtraSharePermission.objects.delete_share_permission( repo_id, shared_to) send_perm_audit_msg('delete-repo-perm', username, shared_to, repo_id, path, permission) if shared_to_group: group_id = request.GET.get('group_id') try: group_id = int(group_id) except ValueError: return api_error(status.HTTP_400_BAD_REQUEST, 'group_id %s invalid' % group_id) # hacky way to get group repo permission permission = '' if is_org_context(request): org_id = request.user.org.org_id shared_groups = seafile_api.list_org_repo_shared_group( org_id, username, repo_id) else: shared_groups = seafile_api.list_repo_shared_group( username, repo_id) for e in shared_groups: if e.group_id == group_id: permission = e.perm break if is_org_context(request): org_id = request.user.org.org_id if path == '/': seaserv.del_org_group_repo(repo_id, org_id, group_id) else: seafile_api.org_unshare_subdir_for_group( org_id, repo_id, path, username, group_id) else: if path == '/': seafile_api.unset_group_repo(repo_id, group_id, username) else: seafile_api.unshare_subdir_for_group( repo_id, path, username, group_id) send_perm_audit_msg('delete-repo-perm', username, group_id, repo_id, path, permission) return HttpResponse(json.dumps({'success': True}), status=200, content_type=json_content_type)
def delete(self, request, repo_id, format=None): username = request.user.username repo = seafile_api.get_repo(repo_id) if not repo: return api_error(status.HTTP_404_NOT_FOUND, 'Library %s not found.' % repo_id) path = request.GET.get('p', '/') if seafile_api.get_dir_id_by_path(repo.id, path) is None: return api_error(status.HTTP_404_NOT_FOUND, 'Folder %s not found.' % path) if username != self.get_repo_owner(request, repo_id): return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.') shared_to_user, shared_to_group = self.handle_shared_to_args(request) if shared_to_user: shared_to = request.GET.get('username') if shared_to is None or not is_valid_username(shared_to): return api_error(status.HTTP_400_BAD_REQUEST, 'Email %s invalid.' % shared_to) # if user not found, permission will be None permission = seafile_api.check_permission_by_path( repo_id, '/', shared_to) if is_org_context(request): org_id = request.user.org.org_id if path == '/': seaserv.seafserv_threaded_rpc.org_remove_share( org_id, repo_id, username, shared_to) else: seafile_api.org_unshare_subdir_for_user( org_id, repo_id, path, username, shared_to) else: if path == '/': seaserv.remove_share(repo_id, username, shared_to) else: seafile_api.unshare_subdir_for_user( repo_id, path, username, shared_to) send_perm_audit_msg('delete-repo-perm', username, shared_to, repo_id, path, permission) if shared_to_group: group_id = request.GET.get('group_id') try: group_id = int(group_id) except ValueError: return api_error(status.HTTP_400_BAD_REQUEST, 'group_id %s invalid' % group_id) # hacky way to get group repo permission permission = '' if is_org_context(request): org_id = request.user.org.org_id shared_groups = seafile_api.list_org_repo_shared_group( org_id, username, repo_id) else: shared_groups = seafile_api.list_repo_shared_group( username, repo_id) for e in shared_groups: if e.group_id == group_id: permission = e.perm break if is_org_context(request): org_id = request.user.org.org_id if path == '/': seaserv.del_org_group_repo(repo_id, org_id, group_id) else: seafile_api.org_unshare_subdir_for_group( org_id, repo_id, path, username, group_id) else: if path == '/': seafile_api.unset_group_repo(repo_id, group_id, username) else: seafile_api.unshare_subdir_for_group( repo_id, path, username, group_id) send_perm_audit_msg('delete-repo-perm', username, group_id, repo_id, path, permission) return HttpResponse(json.dumps({'success': True}), status=200, content_type=json_content_type)
def delete(self, request, repo_id, format=None): username = request.user.username repo = seafile_api.get_repo(repo_id) if not repo: return api_error(status.HTTP_400_BAD_REQUEST, 'Repo not found.') shared_to_user, shared_to_group = self.handle_shared_to_args(request) path = request.GET.get('p', '/') if seafile_api.get_dir_id_by_path(repo.id, path) is None: return api_error(status.HTTP_400_BAD_REQUEST, 'Directory not found.') if path == '/': shared_repo = repo else: try: sub_repo = self.get_sub_repo_by_path(request, repo, path) if sub_repo: shared_repo = sub_repo else: return api_error(status.HTTP_400_BAD_REQUEST, 'No sub repo found') except SearpcError as e: logger.error(e) return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, 'Failed to get sub repo') if shared_to_user: shared_to = request.GET.get('username') if shared_to is None or not is_valid_username(shared_to): return api_error(status.HTTP_400_BAD_REQUEST, 'Bad argument.') if is_org_context(request): org_id = request.user.org.org_id seaserv.seafserv_threaded_rpc.org_remove_share( org_id, shared_repo.id, username, shared_to) else: seaserv.remove_share(shared_repo.id, username, shared_to) permission = seafile_api.check_permission_by_path( repo.id, path, shared_to) send_perm_audit_msg('delete-repo-perm', username, shared_to, repo_id, path, permission) if shared_to_group: group_id = request.GET.get('group_id') try: group_id = int(group_id) except ValueError: return api_error(status.HTTP_400_BAD_REQUEST, 'Bad group id') # hacky way to get group repo permission permission = '' for e in seafile_api.list_repo_shared_group( username, shared_repo.id): if e.group_id == group_id: permission = e.perm break if is_org_context(request): org_id = request.user.org.org_id seaserv.del_org_group_repo(shared_repo.id, org_id, group_id) else: seafile_api.unset_group_repo(shared_repo.id, group_id, username) send_perm_audit_msg('delete-repo-perm', username, group_id, repo_id, path, permission) return HttpResponse(json.dumps({'success': True}), status=200, content_type=json_content_type)
def delete(self, request, repo_id, format=None): username = request.user.username repo = seafile_api.get_repo(repo_id) if not repo: return api_error(status.HTTP_400_BAD_REQUEST, 'Repo not found.') shared_to_user, shared_to_group = self.handle_shared_to_args(request) path = request.GET.get('p', '/') if seafile_api.get_dir_id_by_path(repo.id, path) is None: return api_error(status.HTTP_400_BAD_REQUEST, 'Directory not found.') if path == '/': shared_repo = repo else: try: sub_repo = self.get_sub_repo_by_path(request, repo, path) if sub_repo: shared_repo = sub_repo else: return api_error(status.HTTP_400_BAD_REQUEST, 'No sub repo found') except SearpcError as e: logger.error(e) return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, 'Failed to get sub repo') if shared_to_user: shared_to = request.GET.get('username') if shared_to is None or not is_valid_username(shared_to): return api_error(status.HTTP_400_BAD_REQUEST, 'Bad argument.') if is_org_context(request): org_id = request.user.org.org_id seaserv.seafserv_threaded_rpc.org_remove_share( org_id, shared_repo.id, username, shared_to) else: seaserv.remove_share(shared_repo.id, username, shared_to) permission = seafile_api.check_permission_by_path(repo.id, path, shared_to) send_perm_audit_msg('delete-repo-perm', username, shared_to, repo_id, path, permission) if shared_to_group: group_id = request.GET.get('group_id') try: group_id = int(group_id) except ValueError: return api_error(status.HTTP_400_BAD_REQUEST, 'Bad group id') # hacky way to get group repo permission permission = '' for e in seafile_api.list_repo_shared_group(username, shared_repo.id): if e.group_id == group_id: permission = e.perm break if is_org_context(request): org_id = request.user.org.org_id seaserv.del_org_group_repo(shared_repo.id, org_id, group_id) else: seafile_api.unset_group_repo(shared_repo.id, group_id, username) send_perm_audit_msg('delete-repo-perm', username, group_id, repo_id, path, permission) return HttpResponse(json.dumps({'success': True}), status=200, content_type=json_content_type)