def permission_check_admin_owner(username, repo_id, request=None): # maybe add more complex logic in the future
"""
if repo is owned by user return true
or check whether repo is owned by group and whether user is group's staff
so finally the code is:
check user == repo's owner
else
check user is the such group's staff
"""
if username == seafile_api.get_repo_owner(repo_id):
return True
else:
return is_group_repo_staff(request, repo_id, username)
def post(self, request, format=None):
"""Add a new wiki.
"""
username = request.user.username
org_id = -1
if is_org_context(request):
org_id = request.user.org.org_id
repo_id = request.POST.get('repo_id', '')
if not repo_id:
msg = 'Repo id is invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, msg)
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# check perm
if not (request.user.permissions.can_publish_repo() and request.user.permissions.can_generate_share_link()):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
is_owner = is_repo_owner(request, repo_id, username)
if not is_owner:
repo_admin = is_repo_admin(username, repo_id)
if not repo_admin:
is_group_repo_admin = is_group_repo_staff(request, repo_id, username)
if not is_group_repo_admin:
error_msg = _('Permission denied.')
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
try:
wiki = Wiki.objects.add(wiki_name=repo.repo_name, username=username,
repo_id=repo.repo_id, org_id=org_id, permission='public')
except DuplicateWikiNameError:
msg = _('%s is taken by others, please try another name.') % repo.repo_name
return api_error(status.HTTP_400_BAD_REQUEST, msg)
except IntegrityError:
msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, msg)
# create home page if not exist
page_name = "home.md"
if not seafile_api.get_file_id_by_path(repo_id, "/" + page_name):
try:
seafile_api.post_empty_file(repo_id, '/', page_name, username)
except SearpcError as e:
logger.error(e)
msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, msg)
fs = FileShare.objects.get_dir_link_by_path(username, repo_id, '/')
if not fs:
fs = FileShare.objects.create_dir_link(username, repo_id, '/',
permission='view_download', org_id=org_id)
return Response(wiki.to_dict())
def post(self, request, format=None):
"""Add a new wiki.
"""
username = request.user.username
org_id = -1
if is_org_context(request):
org_id = request.user.org.org_id
repo_id = request.POST.get('repo_id', '')
if not repo_id:
msg = 'Repo id is invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, msg)
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# check perm
if not request.user.permissions.can_publish_repo():
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
is_owner = is_repo_owner(request, repo_id, username)
if not is_owner:
repo_admin = is_repo_admin(username, repo_id)
if not repo_admin:
is_group_repo_admin = is_group_repo_staff(request, repo_id, username)
if not is_group_repo_admin:
error_msg = _('Permission denied.')
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
try:
wiki = Wiki.objects.add(wiki_name=repo.repo_name, username=username,
repo_id=repo.repo_id, org_id=org_id, permission='public')
except DuplicateWikiNameError:
msg = _('%s is taken by others, please try another name.') % repo.repo_name
return api_error(status.HTTP_400_BAD_REQUEST, msg)
except IntegrityError:
msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, msg)
# create home page if not exist
page_name = "home.md"
if not seafile_api.get_file_id_by_path(repo_id, "/" + page_name):
try:
seafile_api.post_empty_file(repo_id, '/', page_name, username)
except SearpcError as e:
logger.error(e)
msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, msg)
fs = FileShare.objects.get_dir_link_by_path(username, repo_id, '/')
if not fs:
fs = FileShare.objects.create_dir_link(username, repo_id, '/',
permission='view_download', org_id=org_id)
return Response(wiki.to_dict())
def post(self, request, format=None):
"""Add a new wiki.
"""
use_exist_repo = request.POST.get('use_exist_repo', '')
if not use_exist_repo:
msg = 'Use exist repo is invalid'
return api_error(status.HTTP_400_BAD_REQUEST, msg)
name = request.POST.get('name', '')
if not name:
msg = 'Name is invalid'
return api_error(status.HTTP_400_BAD_REQUEST, msg)
if not is_valid_wiki_name(name):
msg = _(
'Name can only contain letters, numbers, blank, hyphen or underscore.'
)
return api_error(status.HTTP_400_BAD_REQUEST, msg)
username = request.user.username
org_id = -1
if is_org_context(request):
org_id = request.user.org.org_id
if use_exist_repo == 'false':
try:
wiki = Wiki.objects.add(name, username, org_id=org_id)
except DuplicateWikiNameError:
msg = _(
'%s is taken by others, please try another name.') % name
return api_error(status.HTTP_400_BAD_REQUEST, msg)
except IntegrityError:
msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, msg)
# create home page
page_name = "home.md"
try:
seafile_api.post_empty_file(wiki.repo_id, '/', page_name,
request.user.username)
except SearpcError as e:
logger.error(e)
msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, msg)
return Response(wiki.to_dict())
if use_exist_repo == 'true':
repo_id = request.POST.get('repo_id', '')
if not repo_id:
msg = 'Repo id is invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, msg)
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# check perm
is_owner = is_repo_owner(request, repo_id, username)
if not is_owner:
repo_admin = is_repo_admin(username, repo_id)
if not repo_admin:
is_group_repo_admin = is_group_repo_staff(
request, repo_id, username)
if not is_group_repo_admin:
error_msg = _('Permission denied.')
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
try:
wiki = Wiki.objects.add(wiki_name=repo.repo_name,
username=username,
repo_id=repo.repo_id,
org_id=org_id)
except DuplicateWikiNameError:
msg = _('%s is taken by others, please try another name.'
) % repo.repo_name
return api_error(status.HTTP_400_BAD_REQUEST, msg)
except IntegrityError:
msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, msg)
# create home page if not exist
page_name = "home.md"
if not seafile_api.get_file_id_by_path(repo_id, "/" + page_name):
try:
seafile_api.post_empty_file(repo_id, '/', page_name,
username)
except SearpcError as e:
logger.error(e)
msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
msg)
return Response(wiki.to_dict())