def update_user_dir_permission(repo_id, path, owner, share_to, permission, org_id=None): # Update the user's permission(r, rw, admin) in the repo or subdir. extra_share_permission = '' if permission == PERMISSION_ADMIN: extra_share_permission = permission permission = PERMISSION_READ_WRITE if org_id: if path == '/': seafile_api.org_set_share_permission( org_id, repo_id, owner, share_to, permission) else: seafile_api.org_update_share_subdir_perm_for_user( org_id, repo_id, path, owner, share_to, permission) else: if path == '/': seafile_api.set_share_permission( repo_id, owner, share_to, permission) else: seafile_api.update_share_subdir_perm_for_user( repo_id, path, owner, share_to, permission) if path == '/': ExtraSharePermission.objects.update_share_permission(repo_id, share_to, extra_share_permission)
def update_user_dir_permission(repo_id, path, owner, share_to, permission, org_id=None): # Update the user's permission(r, rw, admin) in the repo or subdir. extra_share_permission = '' if permission == PERMISSION_ADMIN: extra_share_permission = permission permission = PERMISSION_READ_WRITE if is_valid_org_id(org_id): if path == '/': seafile_api.org_set_share_permission( org_id, repo_id, owner, share_to, permission) else: seafile_api.org_update_share_subdir_perm_for_user( org_id, repo_id, path, owner, share_to, permission) else: if path == '/': seafile_api.set_share_permission( repo_id, owner, share_to, permission) else: seafile_api.update_share_subdir_perm_for_user( repo_id, path, owner, share_to, permission) if path == '/': ExtraSharePermission.objects.update_share_permission(repo_id, share_to, extra_share_permission)
def post(self, request, repo_id, format=None): """Update shared item permission. """ username = request.user.username repo = seafile_api.get_repo(repo_id) if not repo: return api_error(status.HTTP_404_NOT_FOUND, 'Library %s not found.' % repo_id) path = request.GET.get('p', '/') if seafile_api.get_dir_id_by_path(repo.id, path) is None: return api_error(status.HTTP_404_NOT_FOUND, 'Folder %s not found.' % path) permission = request.data.get('permission', PERMISSION_READ) if permission not in [ PERMISSION_READ, PERMISSION_READ_WRITE, PERMISSION_ADMIN ]: return api_error(status.HTTP_400_BAD_REQUEST, 'permission invalid.') shared_to_user, shared_to_group = self.handle_shared_to_args(request) if shared_to_user: shared_to = request.GET.get('username') if shared_to is None or not is_valid_username(shared_to): return api_error(status.HTTP_400_BAD_REQUEST, 'Email %s invalid.' % shared_to) if username != self.get_repo_owner(request, repo_id) and \ ExtraSharePermission.objects.get_user_permission(repo_id, username) != PERMISSION_ADMIN: return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.') else: if username != self.get_repo_owner(request, repo_id): return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.') if shared_to_user: try: User.objects.get(email=shared_to) except User.DoesNotExist: return api_error(status.HTTP_400_BAD_REQUEST, 'Invalid user, should be registered') extra_share_permission = "" if permission not in [PERMISSION_READ, PERMISSION_READ_WRITE]: extra_share_permission = permission permission = PERMISSION_READ_WRITE if permission == PERMISSION_ADMIN else PERMISSION_READ if is_org_context(request): username = seafile_api.get_org_repo_owner(repo_id) org_id = request.user.org.org_id if path == '/': seafile_api.org_set_share_permission( org_id, repo_id, username, shared_to, permission) else: seafile_api.org_update_share_subdir_perm_for_user( org_id, repo_id, path, username, shared_to, permission) else: username = seafile_api.get_repo_owner(repo_id) if path == '/': seafile_api.set_share_permission(repo_id, username, shared_to, permission) else: seafile_api.update_share_subdir_perm_for_user( repo_id, path, username, shared_to, permission) if path == '/': ExtraSharePermission.objects.update_share_permission( repo_id, shared_to, extra_share_permission) send_perm_audit_msg('modify-repo-perm', username, shared_to, repo_id, path, permission) if shared_to_group: gid = request.GET.get('group_id') try: gid = int(gid) except ValueError: return api_error(status.HTTP_400_BAD_REQUEST, 'group_id %s invalid.' % gid) group = seaserv.get_group(gid) if not group: return api_error(status.HTTP_404_NOT_FOUND, 'Group %s not found.' % gid) if is_org_context(request): org_id = request.user.org.org_id if path == '/': seaserv.seafserv_threaded_rpc.set_org_group_repo_permission( org_id, gid, repo.id, permission) else: seafile_api.org_update_share_subdir_perm_for_group( org_id, repo_id, path, username, gid, permission) else: if path == '/': seafile_api.set_group_repo_permission( gid, repo.id, permission) else: seafile_api.update_share_subdir_perm_for_group( repo_id, path, username, gid, permission) send_perm_audit_msg('modify-repo-perm', username, gid, repo_id, path, permission) return HttpResponse(json.dumps({'success': True}), status=200, content_type=json_content_type)
def post(self, request, repo_id, format=None): """Update shared item permission. """ username = request.user.username repo = seafile_api.get_repo(repo_id) if not repo: return api_error(status.HTTP_404_NOT_FOUND, 'Library %s not found.' % repo_id) path = request.GET.get('p', '/') if seafile_api.get_dir_id_by_path(repo.id, path) is None: return api_error(status.HTTP_400_BAD_REQUEST, 'Directory not found.') if username != self.get_repo_owner(request, repo_id): return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.') shared_to_user, shared_to_group = self.handle_shared_to_args(request) permission = request.data.get('permission', 'r') if permission not in ['r', 'rw']: return api_error(status.HTTP_400_BAD_REQUEST, 'permission invalid.') path = request.GET.get('p', '/') if seafile_api.get_dir_id_by_path(repo.id, path) is None: return api_error(status.HTTP_404_NOT_FOUND, 'Folder %s not found.' % path) if shared_to_user: shared_to = request.GET.get('username') if shared_to is None or not is_valid_username(shared_to): return api_error(status.HTTP_400_BAD_REQUEST, 'Email %s invalid.' % shared_to) try: User.objects.get(email=shared_to) except User.DoesNotExist: return api_error(status.HTTP_400_BAD_REQUEST, 'Invalid user, should be registered') if is_org_context(request): org_id = request.user.org.org_id if path == '/': seafile_api.org_set_share_permission( org_id, repo_id, username, shared_to, permission) else: seafile_api.org_update_share_subdir_perm_for_user( org_id, repo_id, path, username, shared_to, permission) else: if path == '/': seafile_api.set_share_permission( repo_id, username, shared_to, permission) else: seafile_api.update_share_subdir_perm_for_user( repo_id, path, username, shared_to, permission) send_perm_audit_msg('modify-repo-perm', username, shared_to, repo_id, path, permission) if shared_to_group: gid = request.GET.get('group_id') try: gid = int(gid) except ValueError: return api_error(status.HTTP_400_BAD_REQUEST, 'group_id %s invalid.' % gid) group = seaserv.get_group(gid) if not group: return api_error(status.HTTP_404_NOT_FOUND, 'Group %s not found.' % gid) if is_org_context(request): org_id = request.user.org.org_id if path == '/': seaserv.seafserv_threaded_rpc.set_org_group_repo_permission( org_id, gid, repo.id, permission) else: seafile_api.org_update_share_subdir_perm_for_group( org_id, repo_id, path, username, gid, permission) else: if path == '/': seafile_api.set_group_repo_permission(gid, repo.id, permission) else: seafile_api.update_share_subdir_perm_for_group( repo_id, path, username, gid, permission) send_perm_audit_msg('modify-repo-perm', username, gid, repo_id, path, permission) return HttpResponse(json.dumps({'success': True}), status=200, content_type=json_content_type)