def put(self, request, repo_id, comment_id, format=None):
"""Update a comment, only comment author or repo owner can perform
this op
1.Change resolved of comment
2.Add comment_detail
"""
# argument check
resolved = request.data.get('resolved')
if resolved not in ('true', 'false', None):
error_msg = 'resolved invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
detail = request.data.get('detail')
# resource check
try:
file_comment = FileComment.objects.get(pk=comment_id)
except FileComment.DoesNotExist:
error_msg = 'FileComment %s not found.' % comment_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# permission check
username = request.user.username
if username != file_comment.author and not is_repo_owner(request, repo_id, username):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if resolved is not None:
comment_resolved = to_python_boolean(resolved)
try:
file_comment.resolved = comment_resolved
file_comment.save()
except Exception as e:
logger.error(e)
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, 'Internal error.')
if detail is not None:
try:
file_comment.detail = detail
file_comment.save()
except Exception as e:
logger.error(e)
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, 'Internal error.')
try:
avatar_size = int(request.GET.get('avatar_size', AVATAR_DEFAULT_SIZE))
except ValueError:
avatar_size = AVATAR_DEFAULT_SIZE
comment = file_comment.to_dict()
comment.update(user_to_dict(file_comment.author, request=request, avatar_size=avatar_size))
return Response(comment)
def post(self, request, repo_id):
""" Only used for reset encrypted repo's password, and then send new
password to user's mainbox.
Permission checking:
1. repo owner.
"""
if not ENABLE_RESET_ENCRYPTED_REPO_PASSWORD or \
not IS_EMAIL_CONFIGURED:
error_msg = _('Feature disabled.')
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
# resource check
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if not repo.encrypted:
error_msg = 'Library %s is not encrypted.' % repo_id
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# permission check
username = request.user.username
if not is_repo_owner(request, repo_id, username):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
secret_key = RepoSecretKey.objects.get_secret_key(repo_id)
if not secret_key:
error_msg = _("Can not reset this library's password.")
return api_error(HTTP_520_OPERATION_FAILED, error_msg)
new_password = get_random_string(10)
try:
seafile_api.reset_repo_passwd(repo_id, username, secret_key,
new_password)
content = {
'repo_name': repo.name,
'password': new_password,
}
send_html_email(
_('New password of library %s') % repo.name,
'snippets/reset_repo_password.html', content, None,
[email2contact_email(username)])
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
return Response({'success': True})
def permission_check_admin_owner(request, username, repo_id): # maybe add more complex logic in the future
"""
if repo is owned by user return true
or check whether repo is owned by group and whether user is group's staff
so finally the code is:
check user == repo's owner
else
check user is the such group's staff
"""
if is_repo_owner(request, repo_id, username):
return True
else:
return is_group_repo_staff(request, repo_id, username)
def repo_snapshot(request, repo_id):
"""View repo in history.
"""
repo = get_repo(repo_id)
if not repo:
raise Http404
username = request.user.username
user_perm = check_folder_permission(request, repo.id, '/')
if user_perm is None:
return render_error(request, _('Permission denied'))
try:
server_crypto = UserOptions.objects.is_server_crypto(username)
except CryptoOptionNotSetError:
# Assume server_crypto is ``False`` if this option is not set.
server_crypto = False
reverse_url = reverse('lib_view', args=[repo_id, repo.name, ''])
if repo.encrypted and \
(repo.enc_version == 1 or (repo.enc_version == 2 and server_crypto)) \
and not is_password_set(repo.id, username):
return render(
request, 'decrypt_repo_form.html', {
'repo': repo,
'next': get_next_url_from_request(request) or reverse_url,
})
commit_id = request.GET.get('commit_id', None)
if commit_id is None:
return HttpResponseRedirect(reverse_url)
current_commit = get_commit(repo.id, repo.version, commit_id)
if not current_commit:
current_commit = get_commit(repo.id, repo.version, repo.head_cmmt_id)
has_perm = is_repo_owner(request, repo.id, username)
# department admin
if not has_perm:
repo_owner = seafile_api.get_repo_owner(repo_id)
if '@seafile_group' in repo_owner:
group_id = get_group_id_by_repo_owner(repo_owner)
has_perm = is_group_admin(group_id, username)
return render(
request, 'repo_snapshot_react.html', {
'repo': repo,
"can_restore_repo": has_perm,
'current_commit': current_commit,
})
def post(self, request, repo_id, commit_id, format=None):
""" revert commit in repo history
Permission checking:
1. only repo owner can perform this action.
"""
username = request.user.username
# resource check
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
commit = seafile_api.get_commit(repo.id, repo.version, commit_id)
if not commit:
error_msg = 'Commit %s not found.' % commit_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# permission check
has_perm = is_repo_owner(request, repo.id, username)
if not has_perm:
repo_owner = get_repo_owner(request, repo_id)
# department admin
if '@seafile_group' in repo_owner:
group_id = get_group_id_by_repo_owner(repo_owner)
has_perm = is_group_admin(group_id, username)
if not has_perm:
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
# main
if repo.encrypted:
ret = seafile_api.is_password_set(repo_id, username)
is_decrypted = False if ret == 0 else True
if not is_decrypted:
error_msg = _('This library has not been decrypted.')
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
try:
seafile_api.revert_repo(repo_id, commit_id, username)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
return Response({'success': True})
def delete(self, request, repo_id, comment_id, format=None):
"""Delete a comment, only comment author or repo owner can perform
this op.
"""
try:
file_comment = FileComment.objects.get(pk=comment_id)
except FileComment.DoesNotExist:
return api_error(status.HTTP_400_BAD_REQUEST, 'Wrong comment id')
username = request.user.username
if username != file_comment.author and not is_repo_owner(request, repo_id, username):
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')
file_comment.delete()
return Response(status=204)
def delete(self, request, repo_id, comment_id, format=None):
"""Delete a comment, only comment author or repo owner can perform
this op.
"""
try:
file_comment = FileComment.objects.get(pk=comment_id)
except FileComment.DoesNotExist:
return api_error(status.HTTP_400_BAD_REQUEST, 'Wrong comment id')
username = request.user.username
if username != file_comment.author and not is_repo_owner(request, repo_id, username):
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')
file_comment.delete()
return Response(status=204)
def post(self, request, repo_id):
""" Only used for reset encrypted repo's password, and then send new
password to user's mainbox.
Permission checking:
1. repo owner.
"""
if not ENABLE_RESET_ENCRYPTED_REPO_PASSWORD or \
not IS_EMAIL_CONFIGURED:
error_msg = _(u'Feature disabled.')
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
# resource check
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if not repo.encrypted:
error_msg = 'Library %s is not encrypted.' % repo_id
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# permission check
username = request.user.username
if not is_repo_owner(request, repo_id, username):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
secret_key = RepoSecretKey.objects.get_secret_key(repo_id)
if not secret_key:
error_msg = _(u"Can not reset this library's password.")
return api_error(HTTP_520_OPERATION_FAILED, error_msg)
new_password = get_random_string(10)
try:
seafile_api.reset_repo_passwd(repo_id, username, secret_key, new_password)
content = {'repo_name': repo.name, 'password': new_password,}
send_html_email(_(u'New password of library %s') % repo.name,
'snippets/reset_repo_password.html', content,
None, [email2contact_email(username)])
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
return Response({'success': True})
def put(self, request, repo_id):
""" Change/Init repo password.
Permission checking:
1. repo owner
"""
# argument check
operation = request.data.get('operation', 'change-password')
operation = operation.lower()
if operation not in ('change-password', 'reset-password',
'can-reset-password'):
error_msg = 'operation invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# resource check
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if not repo.encrypted:
error_msg = 'Library %s is not encrypted.' % repo_id
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# permission check
username = request.user.username
if not is_repo_owner(request, repo_id, username):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if operation == 'change-password':
old_password = request.data.get('old_password', None)
if not old_password:
error_msg = 'old_password invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
new_password = request.data.get('new_password', None)
if not new_password:
error_msg = 'new_password invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
seafile_api.change_repo_passwd(repo_id, old_password,
new_password, username)
except Exception as e:
if e.msg == 'Incorrect password':
error_msg = _('Wrong old password')
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
else:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
error_msg)
if ENABLE_RESET_ENCRYPTED_REPO_PASSWORD:
add_encrypted_repo_secret_key_to_database(
repo_id, new_password)
if operation == 'can-reset-password':
if not ENABLE_RESET_ENCRYPTED_REPO_PASSWORD:
error_msg = 'Feature disabled.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if not RepoSecretKey.objects.get_secret_key(repo_id):
return Response({'allowed': False})
else:
return Response({'allowed': True})
if operation == 'reset-password':
if not ENABLE_RESET_ENCRYPTED_REPO_PASSWORD:
error_msg = 'Feature disabled.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
new_password = request.data.get('new_password', None)
if not new_password:
error_msg = 'new_password invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
secret_key = RepoSecretKey.objects.get_secret_key(repo_id)
if not secret_key:
error_msg = _("Can not reset this library's password.")
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
seafile_api.reset_repo_passwd(repo_id, username, secret_key,
new_password)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
error_msg)
return Response({'success': True})
def post(self, request, format=None):
"""Add a new wiki.
"""
username = request.user.username
org_id = -1
if is_org_context(request):
org_id = request.user.org.org_id
repo_id = request.POST.get('repo_id', '')
if not repo_id:
msg = 'Repo id is invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, msg)
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# check perm
if not (request.user.permissions.can_publish_repo() and request.user.permissions.can_generate_share_link()):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
is_owner = is_repo_owner(request, repo_id, username)
if not is_owner:
repo_admin = is_repo_admin(username, repo_id)
if not repo_admin:
is_group_repo_admin = is_group_repo_staff(request, repo_id, username)
if not is_group_repo_admin:
error_msg = _('Permission denied.')
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
try:
wiki = Wiki.objects.add(wiki_name=repo.repo_name, username=username,
repo_id=repo.repo_id, org_id=org_id, permission='public')
except DuplicateWikiNameError:
msg = _('%s is taken by others, please try another name.') % repo.repo_name
return api_error(status.HTTP_400_BAD_REQUEST, msg)
except IntegrityError:
msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, msg)
# create home page if not exist
page_name = "home.md"
if not seafile_api.get_file_id_by_path(repo_id, "/" + page_name):
try:
seafile_api.post_empty_file(repo_id, '/', page_name, username)
except SearpcError as e:
logger.error(e)
msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, msg)
fs = FileShare.objects.get_dir_link_by_path(username, repo_id, '/')
if not fs:
fs = FileShare.objects.create_dir_link(username, repo_id, '/',
permission='view_download', org_id=org_id)
return Response(wiki.to_dict())
def put(self, request, repo_id, format=None):
""" Currently only support lock, unlock, refresh-lock file.
Permission checking:
1. user with 'rw' permission for current file;
"""
if not is_pro_version():
error_msg = 'file lock feature only supported in professional edition.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
# argument check
path = request.GET.get('p', None)
if not path:
error_msg = 'p invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
path = normalize_file_path(path)
operation = request.data.get('operation', None)
if not operation:
error_msg = 'operation invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
operation = operation.lower()
if operation not in ('lock', 'unlock', 'refresh-lock'):
error_msg = "operation can only be 'lock', 'unlock' or 'refresh-lock'."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# resource check
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
file_id = seafile_api.get_file_id_by_path(repo_id, path)
if not file_id:
error_msg = 'File %s not found.' % path
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# permission check
parent_dir = os.path.dirname(path)
if check_folder_permission(request, repo_id,
parent_dir) != PERMISSION_READ_WRITE:
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
username = request.user.username
try:
is_locked, locked_by_me = check_file_lock(repo_id, path, username)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# check if is locked by online office
locked_by_online_office = if_locked_by_online_office(repo_id, path)
if operation == 'lock':
if is_locked:
error_msg = _("File is locked")
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
expire = request.data.get('expire', 0)
try:
expire = int(expire)
except ValueError:
error_msg = 'expire invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if expire < 0:
error_msg = 'expire invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# lock file
try:
if expire > 0:
seafile_api.lock_file(repo_id, path, username,
int(time.time()) + expire)
else:
seafile_api.lock_file(repo_id, path, username, 0)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
error_msg)
if operation == 'unlock':
if not is_locked:
error_msg = _("File is not locked.")
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if locked_by_me or locked_by_online_office or \
is_repo_owner(request, repo_id, username) or \
is_repo_admin(username, repo_id):
# unlock file
try:
seafile_api.unlock_file(repo_id, path)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
error_msg)
else:
error_msg = 'You can not unlock this file.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if operation == 'refresh-lock':
if not is_locked:
error_msg = _("File is not locked.")
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
expire = request.data.get('expire', 0)
try:
expire = int(expire)
except ValueError:
error_msg = 'expire invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if expire < 0:
error_msg = 'expire invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if locked_by_me or locked_by_online_office:
# refresh lock file
try:
if expire > 0:
seafile_api.refresh_file_lock(
repo_id, path,
int(time.time()) + expire)
else:
seafile_api.refresh_file_lock(repo_id, path)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
error_msg)
else:
error_msg = _("You can not refresh this file's lock.")
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
file_info = self.get_file_info(username, repo_id, path)
return Response(file_info)
def post(self, request, format=None):
"""Add a new wiki.
"""
username = request.user.username
org_id = -1
if is_org_context(request):
org_id = request.user.org.org_id
repo_id = request.POST.get('repo_id', '')
if not repo_id:
msg = 'Repo id is invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, msg)
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# check perm
if not request.user.permissions.can_publish_repo():
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
is_owner = is_repo_owner(request, repo_id, username)
if not is_owner:
repo_admin = is_repo_admin(username, repo_id)
if not repo_admin:
is_group_repo_admin = is_group_repo_staff(request, repo_id, username)
if not is_group_repo_admin:
error_msg = _('Permission denied.')
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
try:
wiki = Wiki.objects.add(wiki_name=repo.repo_name, username=username,
repo_id=repo.repo_id, org_id=org_id, permission='public')
except DuplicateWikiNameError:
msg = _('%s is taken by others, please try another name.') % repo.repo_name
return api_error(status.HTTP_400_BAD_REQUEST, msg)
except IntegrityError:
msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, msg)
# create home page if not exist
page_name = "home.md"
if not seafile_api.get_file_id_by_path(repo_id, "/" + page_name):
try:
seafile_api.post_empty_file(repo_id, '/', page_name, username)
except SearpcError as e:
logger.error(e)
msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, msg)
fs = FileShare.objects.get_dir_link_by_path(username, repo_id, '/')
if not fs:
fs = FileShare.objects.create_dir_link(username, repo_id, '/',
permission='view_download', org_id=org_id)
return Response(wiki.to_dict())
def post(self, request, format=None):
"""Add a new wiki.
"""
use_exist_repo = request.POST.get('use_exist_repo', '')
if not use_exist_repo:
msg = 'Use exist repo is invalid'
return api_error(status.HTTP_400_BAD_REQUEST, msg)
name = request.POST.get('name', '')
if not name:
msg = 'Name is invalid'
return api_error(status.HTTP_400_BAD_REQUEST, msg)
if not is_valid_wiki_name(name):
msg = _(
'Name can only contain letters, numbers, blank, hyphen or underscore.'
)
return api_error(status.HTTP_400_BAD_REQUEST, msg)
username = request.user.username
org_id = -1
if is_org_context(request):
org_id = request.user.org.org_id
if use_exist_repo == 'false':
try:
wiki = Wiki.objects.add(name, username, org_id=org_id)
except DuplicateWikiNameError:
msg = _(
'%s is taken by others, please try another name.') % name
return api_error(status.HTTP_400_BAD_REQUEST, msg)
except IntegrityError:
msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, msg)
# create home page
page_name = "home.md"
try:
seafile_api.post_empty_file(wiki.repo_id, '/', page_name,
request.user.username)
except SearpcError as e:
logger.error(e)
msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, msg)
return Response(wiki.to_dict())
if use_exist_repo == 'true':
repo_id = request.POST.get('repo_id', '')
if not repo_id:
msg = 'Repo id is invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, msg)
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# check perm
is_owner = is_repo_owner(request, repo_id, username)
if not is_owner:
repo_admin = is_repo_admin(username, repo_id)
if not repo_admin:
is_group_repo_admin = is_group_repo_staff(
request, repo_id, username)
if not is_group_repo_admin:
error_msg = _('Permission denied.')
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
try:
wiki = Wiki.objects.add(wiki_name=repo.repo_name,
username=username,
repo_id=repo.repo_id,
org_id=org_id)
except DuplicateWikiNameError:
msg = _('%s is taken by others, please try another name.'
) % repo.repo_name
return api_error(status.HTTP_400_BAD_REQUEST, msg)
except IntegrityError:
msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, msg)
# create home page if not exist
page_name = "home.md"
if not seafile_api.get_file_id_by_path(repo_id, "/" + page_name):
try:
seafile_api.post_empty_file(repo_id, '/', page_name,
username)
except SearpcError as e:
logger.error(e)
msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
msg)
return Response(wiki.to_dict())
def put(self, request, repo_id):
""" Change/Init repo password.
Permission checking:
1. repo owner
"""
# argument check
operation = request.data.get('operation', 'change-password')
operation = operation.lower()
if operation not in ('change-password', 'reset-password', 'can-reset-password'):
error_msg = 'operation invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# resource check
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if not repo.encrypted:
error_msg = 'Library %s is not encrypted.' % repo_id
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# permission check
username = request.user.username
if not is_repo_owner(request, repo_id, username):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if operation == 'change-password':
old_password = request.data.get('old_password', None)
if not old_password:
error_msg = 'old_password invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
new_password = request.data.get('new_password', None)
if not new_password:
error_msg = 'new_password invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
seafile_api.change_repo_passwd(repo_id, old_password, new_password, username)
except Exception as e:
if e.msg == 'Incorrect password':
error_msg = _(u'Wrong old password')
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
else:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if ENABLE_RESET_ENCRYPTED_REPO_PASSWORD:
add_encrypted_repo_secret_key_to_database(repo_id, new_password)
if operation == 'can-reset-password':
if not ENABLE_RESET_ENCRYPTED_REPO_PASSWORD:
error_msg = 'Feature disabled.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if not RepoSecretKey.objects.get_secret_key(repo_id):
return Response({'allowed': False})
else:
return Response({'allowed': True})
if operation == 'reset-password':
if not ENABLE_RESET_ENCRYPTED_REPO_PASSWORD:
error_msg = 'Feature disabled.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
new_password = request.data.get('new_password', None)
if not new_password:
error_msg = 'new_password invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
secret_key = RepoSecretKey.objects.get_secret_key(repo_id)
if not secret_key:
error_msg = _(u"Can not reset this library's password.")
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
seafile_api.reset_repo_passwd(repo_id, username, secret_key, new_password)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
return Response({'success': True})
