def org_group_remove(request, url_prefix, group_id):
# Request header may missing HTTP_REFERER, we need to handle that case.
next = request.META.get("HTTP_REFERER", None)
if not next:
next = seahub_settings.SITE_ROOT
try:
group_id_int = int(group_id)
except ValueError:
return HttpResponseRedirect(next)
# Check whether is the org group.
org_id = get_org_id_by_group(group_id_int)
if request.user.org["org_id"] != org_id:
return render_permission_error(
request,
_(u"This group doesn't belong to current organazation"),
extra_ctx={"org": request.user.org, "base_template": "org_base.html"},
)
try:
ccnet_threaded_rpc.remove_group(group_id_int, request.user.username)
seafserv_threaded_rpc.remove_repo_group(group_id_int, None)
ccnet_threaded_rpc.remove_org_group(org_id, group_id_int)
except SearpcError, e:
return render_error(request, e.msg, extra_ctx={"org": request.user.org, "base_template": "org_base.html"})
def repo_remove_share(request):
"""
If repo is shared from one person to another person, only these two peson
can remove share.
If repo is shared from one person to a group, then only the one share the
repo and group staff can remove share.
"""
repo_id = request.GET.get('repo_id', '')
group_id = request.GET.get('gid', '')
from_email = request.GET.get('from', '')
if not is_valid_username(from_email):
return render_error(request, _(u'Argument is not valid'))
username = request.user.username
# if request params don't have 'gid', then remove repos that share to
# to other person; else, remove repos that share to groups
if not group_id:
to_email = request.GET.get('to', '')
if not is_valid_username(to_email):
return render_error(request, _(u'Argument is not valid'))
if username != from_email and username != to_email:
return render_permission_error(request,
_(u'Failed to remove share'))
if is_org_context(request):
org_id = request.user.org.org_id
org_remove_share(org_id, repo_id, from_email, to_email)
else:
seaserv.remove_share(repo_id, from_email, to_email)
else:
try:
group_id = int(group_id)
except:
return render_error(request, _(u'group id is not valid'))
group = seaserv.get_group(group_id)
if not group:
return render_error(
request, _(u"Failed to unshare: the group doesn't exist."))
if not seaserv.check_group_staff(group_id, username) \
and username != from_email:
return render_permission_error(request,
_(u'Failed to remove share'))
if is_org_group(group_id):
org_id = get_org_id_by_group(group_id)
del_org_group_repo(repo_id, org_id, group_id)
else:
seafile_api.unset_group_repo(repo_id, group_id, from_email)
messages.success(request, _('Successfully removed share'))
next = request.META.get('HTTP_REFERER', SITE_ROOT)
return HttpResponseRedirect(next)
def repo_remove_share(request):
"""
If repo is shared from one person to another person, only these two peson
can remove share.
If repo is shared from one person to a group, then only the one share the
repo and group staff can remove share.
"""
repo_id = request.GET.get('repo_id', '')
group_id = request.GET.get('gid', '')
from_email = request.GET.get('from', '')
if not is_valid_username(from_email):
return render_error(request, _(u'Argument is not valid'))
username = request.user.username
# if request params don't have 'gid', then remove repos that share to
# to other person; else, remove repos that share to groups
if not group_id:
to_email = request.GET.get('to', '')
if not is_valid_username(to_email):
return render_error(request, _(u'Argument is not valid'))
if username != from_email and username != to_email:
return render_permission_error(request, _(u'Failed to remove share'))
if is_org_context(request):
org_id = request.user.org.org_id
org_remove_share(org_id, repo_id, from_email, to_email)
else:
seaserv.remove_share(repo_id, from_email, to_email)
else:
try:
group_id = int(group_id)
except:
return render_error(request, _(u'group id is not valid'))
group = seaserv.get_group(group_id)
if not group:
return render_error(request, _(u"Failed to unshare: the group doesn't exist."))
if not seaserv.check_group_staff(group_id, username) \
and username != from_email:
return render_permission_error(request, _(u'Failed to remove share'))
if is_org_group(group_id):
org_id = get_org_id_by_group(group_id)
del_org_group_repo(repo_id, org_id, group_id)
else:
seafile_api.unset_group_repo(repo_id, group_id, from_email)
messages.success(request, _('Successfully removed share'))
next = request.META.get('HTTP_REFERER', SITE_ROOT)
return HttpResponseRedirect(next)
def repo_remove_share(request):
"""
If repo is shared from one person to another person, only these two peson
can remove share.
If repo is shared from one person to a group, then only the one share the
repo and group staff can remove share.
"""
repo_id = request.GET.get('repo_id', '')
group_id = request.GET.get('gid', '')
from_email = request.GET.get('from', '')
if not is_valid_username(from_email):
return render_error(request, _(u'Argument is not valid'))
# if request params don't have 'gid', then remove repos that share to
# to other person; else, remove repos that share to groups
if not group_id:
to_email = request.GET.get('to', '')
if not is_valid_username(to_email):
return render_error(request, _(u'Argument is not valid'))
if request.user.username != from_email and \
request.user.username != to_email:
return render_permission_error(request,
_(u'Failed to remove share'))
remove_share(repo_id, from_email, to_email)
else:
try:
group_id_int = int(group_id)
except:
return render_error(request, _(u'group id is not valid'))
if not check_group_staff(group_id_int, request.user.username) \
and request.user.username != from_email:
return render_permission_error(request,
_(u'Failed to remove share'))
if is_org_group(group_id_int):
org_id = get_org_id_by_group(group_id_int)
del_org_group_repo(repo_id, org_id, group_id_int)
else:
from seahub.group.views import group_unshare_repo
group_unshare_repo(request, repo_id, group_id_int, from_email)
messages.success(request, _('Successfully removed share'))
next = request.META.get('HTTP_REFERER', None)
if not next:
next = SITE_ROOT
return HttpResponseRedirect(next)
def repo_remove_share(request):
"""
If repo is shared from one person to another person, only these two peson
can remove share.
If repo is shared from one person to a group, then only the one share the
repo and group staff can remove share.
"""
repo_id = request.GET.get('repo_id', '')
group_id = request.GET.get('gid', '')
from_email = request.GET.get('from', '')
if not is_valid_username(from_email):
return render_error(request, _(u'Argument is not valid'))
# if request params don't have 'gid', then remove repos that share to
# to other person; else, remove repos that share to groups
if not group_id:
to_email = request.GET.get('to', '')
if not is_valid_username(to_email):
return render_error(request, _(u'Argument is not valid'))
if request.user.username != from_email and \
request.user.username != to_email:
return render_permission_error(request, _(u'Failed to remove share'))
remove_share(repo_id, from_email, to_email)
else:
try:
group_id_int = int(group_id)
except:
return render_error(request, _(u'group id is not valid'))
if not check_group_staff(group_id_int, request.user.username) \
and request.user.username != from_email:
return render_permission_error(request, _(u'Failed to remove share'))
if is_org_group(group_id_int):
org_id = get_org_id_by_group(group_id_int)
del_org_group_repo(repo_id, org_id, group_id_int)
else:
from seahub.group.views import group_unshare_repo
group_unshare_repo(request, repo_id, group_id_int, from_email)
messages.success(request, _('Successfully removed share'))
next = request.META.get('HTTP_REFERER', None)
if not next:
next = SITE_ROOT
return HttpResponseRedirect(next)
def check_and_get_org_by_group(group_id, user):
"""
Check whether repo is org repo, get org info if it is, and set
base template.
"""
org_id = get_org_id_by_group(group_id)
if org_id > 0:
# this repo is org repo, get org info
org = get_org_by_id(org_id)
org._dict['is_staff'] = is_org_staff(org_id, user)
org._dict['email'] = user
base_template = 'org_base.html'
else:
org = None
base_template = 'myhome_base.html'
return org, base_template
def check_and_get_org_by_group(group_id, user):
"""
Check whether repo is org repo, get org info if it is, and set
base template.
"""
org_id = get_org_id_by_group(group_id)
if org_id > 0:
# this repo is org repo, get org info
org = get_org_by_id(org_id)
org._dict['is_staff'] = is_org_staff(org_id, user)
org._dict['email'] = user
base_template = 'org_base.html'
else:
org = None
base_template = 'myhome_base.html'
return org, base_template
def check_and_get_org_by_group(group_id, user):
"""
Check whether repo is org repo, get org info if it is, and set
base template.
"""
org_id = seaserv.get_org_id_by_group(group_id)
if org_id > 0:
# this repo is org repo, get org info
org = seaserv.get_org_by_id(org_id)
org._dict["is_staff"] = seaserv.is_org_staff(org_id, user)
org._dict["email"] = user
base_template = "org_base.html"
else:
org = None
base_template = "myhome_base.html"
return org, base_template
def delete(self, request, repo_id, format=None):
if not seafile_api.get_repo(repo_id):
return api_error(status.HTTP_400_BAD_REQUEST,
'Library does not exist')
username = request.user.username
share_type = request.GET.get('share_type', None)
if share_type == 'personal':
from_email = request.GET.get('from', None)
if not is_valid_username(from_email):
return api_error(status.HTTP_400_BAD_REQUEST,
'Invalid argument')
if is_org_context(request):
org_id = request.user.org.org_id
seaserv.seafserv_threaded_rpc.org_remove_share(
org_id, repo_id, from_email, username)
else:
seaserv.remove_share(repo_id, from_email, username)
elif share_type == 'group':
from_email = request.GET.get('from', None)
if not is_valid_username(from_email):
return api_error(status.HTTP_400_BAD_REQUEST,
'Invalid argument')
group_id = request.GET.get('group_id', None)
group = seaserv.get_group(group_id)
if not group:
return api_error(status.HTTP_400_BAD_REQUEST,
'Group does not exist')
if not seaserv.check_group_staff(group_id, username) and \
not seafile_api.is_repo_owner(username, repo_id):
return api_error(status.HTTP_403_FORBIDDEN,
'Permission denied')
if seaserv.is_org_group(group_id):
org_id = seaserv.get_org_id_by_group(group_id)
seaserv.del_org_group_repo(repo_id, org_id, group_id)
else:
seafile_api.unset_group_repo(repo_id, group_id, from_email)
elif share_type == 'public':
if is_org_context(request):
org_repo_owner = seafile_api.get_org_repo_owner(repo_id)
is_org_repo_owner = True if org_repo_owner == username else False
if not request.user.org.is_staff and not is_org_repo_owner:
return api_error(status.HTTP_403_FORBIDDEN,
'Permission denied')
org_id = request.user.org.org_id
seaserv.seafserv_threaded_rpc.unset_org_inner_pub_repo(
org_id, repo_id)
else:
if not seafile_api.is_repo_owner(username, repo_id) and \
not request.user.is_staff:
return api_error(status.HTTP_403_FORBIDDEN,
'Permission denied')
seaserv.unset_inner_pub_repo(repo_id)
else:
return api_error(status.HTTP_400_BAD_REQUEST, 'Invalid argument')
return Response({'success': True}, status=status.HTTP_200_OK)
def ajax_repo_remove_share(request):
"""
Remove repo shared to user/group/public
"""
content_type = 'application/json; charset=utf-8'
repo_id = request.POST.get('repo_id', None)
share_type = request.POST.get('share_type', None)
if not seafile_api.get_repo(repo_id):
return HttpResponse(json.dumps({'error':
_(u'Library does not exist')}),
status=400,
content_type=content_type)
username = request.user.username
if share_type == 'personal':
from_email = request.POST.get('from', None)
if not is_valid_username(from_email):
return HttpResponse(json.dumps({'error': _(u'Invalid argument')}),
status=400,
content_type=content_type)
if is_org_context(request):
org_id = request.user.org.org_id
org_remove_share(org_id, repo_id, from_email, username)
else:
seaserv.remove_share(repo_id, from_email, username)
return HttpResponse(json.dumps({'success': True}),
status=200,
content_type=content_type)
elif share_type == 'group':
from_email = request.POST.get('from', None)
if not is_valid_username(from_email):
return HttpResponse(json.dumps({'error': _(u'Invalid argument')}),
status=400,
content_type=content_type)
group_id = request.POST.get('group_id', None)
group = seaserv.get_group(group_id)
if not group:
return HttpResponse(json.dumps(
{'error': _(u"Group does not exist")}),
status=400,
content_type=content_type)
if seaserv.check_group_staff(group_id, username) or \
seafile_api.is_repo_owner(username, repo_id):
if is_org_group(group_id):
org_id = get_org_id_by_group(group_id)
del_org_group_repo(repo_id, org_id, group_id)
else:
seafile_api.unset_group_repo(repo_id, group_id, from_email)
return HttpResponse(json.dumps({'success': True}),
status=200,
content_type=content_type)
else:
return HttpResponse(json.dumps({'error': _(u'Permission denied')}),
status=400,
content_type=content_type)
elif share_type == 'public':
if is_org_context(request):
org_repo_owner = seafile_api.get_org_repo_owner(repo_id)
is_org_repo_owner = True if org_repo_owner == username else False
if request.user.org.is_staff or is_org_repo_owner:
org_id = request.user.org.org_id
seaserv.seafserv_threaded_rpc.unset_org_inner_pub_repo(
org_id, repo_id)
return HttpResponse(json.dumps({'success': True}),
status=200,
content_type=content_type)
else:
return HttpResponse(json.dumps(
{'error': _(u'Permission denied')}),
status=403,
content_type=content_type)
else:
if seafile_api.is_repo_owner(username, repo_id) or \
request.user.is_staff:
unset_inner_pub_repo(repo_id)
return HttpResponse(json.dumps({'success': True}),
status=200,
content_type=content_type)
else:
return HttpResponse(json.dumps(
{'error': _(u'Permission denied')}),
status=403,
content_type=content_type)
else:
return HttpResponse(json.dumps({'error': _(u'Invalid argument')}),
status=400,
content_type=content_type)
def delete(self, request, repo_id, format=None):
if not seafile_api.get_repo(repo_id):
return api_error(status.HTTP_400_BAD_REQUEST, 'Library does not exist')
username = request.user.username
share_type = request.GET.get('share_type', None)
if share_type == 'personal':
from_email = request.GET.get('from', None)
if not is_valid_username(from_email):
return api_error(status.HTTP_400_BAD_REQUEST, 'Invalid argument')
if is_org_context(request):
org_id = request.user.org.org_id
seaserv.seafserv_threaded_rpc.org_remove_share(org_id,
repo_id,
from_email,
username)
else:
seaserv.remove_share(repo_id, from_email, username)
elif share_type == 'group':
from_email = request.GET.get('from', None)
if not is_valid_username(from_email):
return api_error(status.HTTP_400_BAD_REQUEST, 'Invalid argument')
group_id = request.GET.get('group_id', None)
group = seaserv.get_group(group_id)
if not group:
return api_error(status.HTTP_400_BAD_REQUEST, 'Group does not exist')
if not seaserv.check_group_staff(group_id, username) and \
not seafile_api.is_repo_owner(username, repo_id):
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied')
if seaserv.is_org_group(group_id):
org_id = seaserv.get_org_id_by_group(group_id)
seaserv.del_org_group_repo(repo_id, org_id, group_id)
else:
seafile_api.unset_group_repo(repo_id, group_id, from_email)
elif share_type == 'public':
if is_org_context(request):
org_repo_owner = seafile_api.get_org_repo_owner(repo_id)
is_org_repo_owner = True if org_repo_owner == username else False
if not request.user.org.is_staff and not is_org_repo_owner:
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied')
org_id = request.user.org.org_id
seaserv.seafserv_threaded_rpc.unset_org_inner_pub_repo(org_id,
repo_id)
else:
if not seafile_api.is_repo_owner(username, repo_id) and \
not request.user.is_staff:
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied')
seaserv.unset_inner_pub_repo(repo_id)
else:
return api_error(status.HTTP_400_BAD_REQUEST, 'Invalid argument')
return Response({'success': True}, status=status.HTTP_200_OK)
def ajax_repo_remove_share(request):
"""
Remove repo shared to user/group/public
"""
content_type = 'application/json; charset=utf-8'
repo_id = request.POST.get('repo_id', None)
share_type = request.POST.get('share_type', None)
if not seafile_api.get_repo(repo_id):
return HttpResponse(json.dumps({'error': _(u'Library does not exist')}), status=400,
content_type=content_type)
username = request.user.username
if share_type == 'personal':
from_email = request.POST.get('from', None)
if not is_valid_username(from_email):
return HttpResponse(json.dumps({'error': _(u'Invalid argument')}), status=400,
content_type=content_type)
if is_org_context(request):
org_id = request.user.org.org_id
org_remove_share(org_id, repo_id, from_email, username)
else:
seaserv.remove_share(repo_id, from_email, username)
return HttpResponse(json.dumps({'success': True}), status=200,
content_type=content_type)
elif share_type == 'group':
from_email = request.POST.get('from', None)
if not is_valid_username(from_email):
return HttpResponse(json.dumps({'error': _(u'Invalid argument')}), status=400,
content_type=content_type)
group_id = request.POST.get('group_id', None)
group = seaserv.get_group(group_id)
if not group:
return HttpResponse(json.dumps({'error': _(u"Group does not exist")}), status=400,
content_type=content_type)
if seaserv.check_group_staff(group_id, username) or \
seafile_api.is_repo_owner(username, repo_id):
if is_org_group(group_id):
org_id = get_org_id_by_group(group_id)
del_org_group_repo(repo_id, org_id, group_id)
else:
seafile_api.unset_group_repo(repo_id, group_id, from_email)
return HttpResponse(json.dumps({'success': True}), status=200,
content_type=content_type)
else:
return HttpResponse(json.dumps({'error': _(u'Permission denied')}), status=400,
content_type=content_type)
elif share_type == 'public':
if is_org_context(request):
org_repo_owner = seafile_api.get_org_repo_owner(repo_id)
is_org_repo_owner = True if org_repo_owner == username else False
if request.user.org.is_staff or is_org_repo_owner:
org_id = request.user.org.org_id
seaserv.seafserv_threaded_rpc.unset_org_inner_pub_repo(org_id,
repo_id)
return HttpResponse(json.dumps({'success': True}), status=200,
content_type=content_type)
else:
return HttpResponse(json.dumps({'error': _(u'Permission denied')}), status=403,
content_type=content_type)
else:
if seafile_api.is_repo_owner(username, repo_id) or \
request.user.is_staff:
unset_inner_pub_repo(repo_id)
return HttpResponse(json.dumps({'success': True}), status=200,
content_type=content_type)
else:
return HttpResponse(json.dumps({'error': _(u'Permission denied')}), status=403,
content_type=content_type)
else:
return HttpResponse(json.dumps({'error': _(u'Invalid argument')}), status=400,
content_type=content_type)
