def get(self, request, repo_id, format=None): repo = seafile_api.get_repo(repo_id) if not repo: error_msg = 'Library %s not found.' % repo_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) # argument checking parent_dir = request.GET.get('parent_dir', None) dirent_name_string = request.GET.get('dirents', None) if not parent_dir: error_msg = 'parent_dir invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if not dirent_name_string: error_msg = 'dirents invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # folder exist checking if not seafile_api.get_dir_id_by_path(repo_id, parent_dir): error_msg = 'Folder %s not found.' % parent_dir return api_error(status.HTTP_404_NOT_FOUND, error_msg) # permission checking if check_folder_permission(request, repo_id, parent_dir) is None: error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) dirent_name_list = string2list(dirent_name_string) dirent_list = [] for dirent_name in dirent_name_list: dirent_list.append(dirent_name.strip('/')) fake_obj_id = {} fake_obj_id['file_list'] = dirent_list fake_obj_id['parent_dir'] = parent_dir username = request.user.username try: token = seafile_api.get_fileserver_access_token( repo_id, json.dumps(fake_obj_id), 'download-multi', username, False) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) if len(dirent_list) > 10: send_file_access_msg(request, repo, parent_dir, 'web') else: for dirent_name in dirent_list: full_dirent_path = posixpath.join(parent_dir, dirent_name) send_file_access_msg(request, repo, full_dirent_path, 'web') download_url = '%s/files/%s' % (get_fileserver_root(), token) return Response({'url': download_url})
def get(self, request): """get table file update link Permission: 1. use dtable_uuid verify jwt from dtable-server """ # argument check dtable_uuid = request.GET.get('dtable_uuid', None) if not dtable_uuid: error_msg = 'dtable_uuid invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # permission check auth = request.META.get('HTTP_AUTHORIZATION', '').split() if not is_valid_jwt(auth, dtable_uuid): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) # resource check dtable = DTables.objects.get_dtable_by_uuid(dtable_uuid) if not dtable: error_msg = 'dtable %s not found.' % dtable_uuid return api_error(status.HTTP_404_NOT_FOUND, error_msg) workspace = Workspaces.objects.get_workspace_by_id(dtable.workspace.id) if not workspace: error_msg = 'Workspace not found.' return api_error(status.HTTP_404_NOT_FOUND, error_msg) repo_id = workspace.repo_id repo = seafile_api.get_repo(repo_id) if not repo: error_msg = 'Library %s not found.' % repo_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) username = request.user.username # get token obj_id = json.dumps({'parent_dir': '/'}) try: token = seafile_api.get_fileserver_access_token(repo_id, obj_id, 'upload', username, use_onetime=False) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) update_link = '%s/%s/%s' % (get_fileserver_root(), 'upload-api', token) res = dict() res['update_link'] = update_link res['file_name'] = dtable.name + FILE_TYPE return Response(res)
def file_upload_progress_page(request): ''' As iframe in repo_upload_file.html, for solving problem in chrome. ''' uuid = request.GET.get('uuid', '') fileserver_root = get_fileserver_root() upload_progress_con_id = request.GET.get('upload_progress_con_id', '') return render_to_response('file_upload_progress_page.html', { 'uuid': uuid, 'fileserver_root': fileserver_root, 'upload_progress_con_id': upload_progress_con_id, }, context_instance=RequestContext(request))
def render_repo(request, repo): """Steps to show repo page: If user has permission to view repo If repo is encrypt and password is not set on server return decrypt repo page If repo is not encrypt or password is set on server Show repo direntries based on requested path If user does not have permission to view repo return permission deny page """ username = request.user.username path = get_path_from_request(request) user_perm = check_repo_access_permission(repo.id, request.user) if user_perm is None: return render_error(request, _(u'Permission denied')) sub_lib_enabled = UserOptions.objects.is_sub_lib_enabled(username) server_crypto = False if repo.encrypted: try: server_crypto = UserOptions.objects.is_server_crypto(username) except CryptoOptionNotSetError: return render_to_response('options/set_user_options.html', {}, context_instance=RequestContext(request)) if (repo.enc_version == 1 or (repo.enc_version == 2 and server_crypto)) \ and not is_password_set(repo.id, username): return render_to_response('decrypt_repo_form.html', { 'repo': repo, 'next': get_next_url_from_request(request) or reverse('repo', args=[repo.id]), 'force_server_crypto': FORCE_SERVER_CRYPTO, }, context_instance=RequestContext(request)) # query context args fileserver_root = get_fileserver_root() max_upload_file_size = get_max_upload_file_size() protocol = request.is_secure() and 'https' or 'http' domain = RequestSite(request).domain for g in request.user.joined_groups: g.avatar = grp_avatar(g.id, 20) head_commit = get_commit(repo.id, repo.version, repo.head_cmmt_id) if not head_commit: raise Http404 if new_merge_with_no_conflict(head_commit): info_commit = get_commit_before_new_merge(head_commit) else: info_commit = head_commit repo_size = get_repo_size(repo.id) no_quota = is_no_quota(repo.id) if is_org_context(request): repo_owner = seafile_api.get_org_repo_owner(repo.id) else: repo_owner = seafile_api.get_repo_owner(repo.id) is_repo_owner = True if repo_owner == username else False if is_repo_owner and not repo.is_virtual: show_repo_settings = True else: show_repo_settings = False file_list, dir_list, dirent_more = get_repo_dirents_with_perm(request, repo, head_commit, path, offset=0, limit=100) more_start = None if dirent_more: more_start = 100 zipped = get_nav_path(path, repo.name) repo_groups = get_shared_groups_by_repo_and_user(repo.id, username) if len(repo_groups) > 1: repo_group_str = render_to_string("snippets/repo_group_list.html", {'groups': repo_groups}) else: repo_group_str = '' fileshare = get_fileshare(repo.id, username, path) dir_shared_link = get_dir_share_link(fileshare) uploadlink = get_uploadlink(repo.id, username, path) dir_shared_upload_link = get_dir_shared_upload_link(uploadlink) for f in file_list: file_path = posixpath.join(path, f.obj_name) if allow_generate_thumbnail(request, repo.id, file_path): f.allow_generate_thumbnail = True if os.path.exists( os.path.join(THUMBNAIL_ROOT, str(THUMBNAIL_DEFAULT_SIZE), f.obj_id)): src = get_thumbnail_src(repo.id, THUMBNAIL_DEFAULT_SIZE, file_path) f.encoded_thumbnail_src = urlquote(src) return render_to_response('repo.html', { 'repo': repo, 'user_perm': user_perm, 'repo_owner': repo_owner, 'is_repo_owner': is_repo_owner, 'show_repo_settings': show_repo_settings, 'current_commit': head_commit, 'info_commit': info_commit, 'password_set': True, 'repo_size': repo_size, 'dir_list': dir_list, 'file_list': file_list, 'dirent_more': dirent_more, 'more_start': more_start, 'path': path, 'zipped': zipped, 'groups': repo_groups, 'repo_group_str': repo_group_str, 'no_quota': no_quota, 'max_upload_file_size': max_upload_file_size, 'fileserver_root': fileserver_root, 'protocol': protocol, 'domain': domain, 'fileshare': fileshare, 'dir_shared_link': dir_shared_link, 'uploadlink': uploadlink, 'dir_shared_upload_link': dir_shared_upload_link, 'ENABLE_SUB_LIBRARY': ENABLE_SUB_LIBRARY, 'server_crypto': server_crypto, 'sub_lib_enabled': sub_lib_enabled, 'enable_upload_folder': ENABLE_UPLOAD_FOLDER, 'ENABLE_THUMBNAIL': ENABLE_THUMBNAIL, }, context_instance=RequestContext(request))
def render_repo(request, repo): """Steps to show repo page: If user has permission to view repo If repo is encrypt and password is not set on server return decrypt repo page If repo is not encrypt or password is set on server Show repo direntries based on requested path If user does not have permission to view repo return permission deny page """ username = request.user.username path = get_path_from_request(request) user_perm = check_repo_access_permission(repo.id, request.user) if user_perm is None: return render_to_response('repo_access_deny.html', { 'repo': repo, }, context_instance=RequestContext(request)) sub_lib_enabled = UserOptions.objects.is_sub_lib_enabled(username) server_crypto = False if repo.encrypted: try: server_crypto = UserOptions.objects.is_server_crypto(username) except CryptoOptionNotSetError: return render_to_response('options/set_user_options.html', { }, context_instance=RequestContext(request)) if (repo.enc_version == 1 or (repo.enc_version == 2 and server_crypto)) \ and not is_password_set(repo.id, username): return render_to_response('decrypt_repo_form.html', { 'repo': repo, 'next': get_next_url_from_request(request) or \ reverse('repo', args=[repo.id]), 'force_server_crypto': FORCE_SERVER_CRYPTO, }, context_instance=RequestContext(request)) # query context args fileserver_root = get_fileserver_root() max_upload_file_size = get_max_upload_file_size() protocol = request.is_secure() and 'https' or 'http' domain = RequestSite(request).domain for g in request.user.joined_groups: g.avatar = grp_avatar(g.id, 20) head_commit = get_commit(repo.id, repo.version, repo.head_cmmt_id) if not head_commit: raise Http404 if new_merge_with_no_conflict(head_commit): info_commit = get_commit_before_new_merge(head_commit) else: info_commit = head_commit repo_size = get_repo_size(repo.id) no_quota = is_no_quota(repo.id) if is_org_context(request): repo_owner = seafile_api.get_org_repo_owner(repo.id) else: repo_owner = seafile_api.get_repo_owner(repo.id) is_repo_owner = True if repo_owner == username else False if is_repo_owner and not repo.is_virtual: show_repo_settings = True else: show_repo_settings = False more_start = None file_list, dir_list, dirent_more = get_repo_dirents(request, repo, head_commit, path, offset=0, limit=100) if dirent_more: more_start = 100 zipped = get_nav_path(path, repo.name) repo_groups = get_shared_groups_by_repo_and_user(repo.id, username) if len(repo_groups) > 1: repo_group_str = render_to_string("snippets/repo_group_list.html", {'groups': repo_groups}) else: repo_group_str = '' upload_url = get_upload_url(request, repo.id) fileshare = get_fileshare(repo.id, username, path) dir_shared_link = get_dir_share_link(fileshare) uploadlink = get_uploadlink(repo.id, username, path) dir_shared_upload_link = get_dir_shared_upload_link(uploadlink) return render_to_response('repo.html', { 'repo': repo, 'user_perm': user_perm, 'repo_owner': repo_owner, 'is_repo_owner': is_repo_owner, 'show_repo_settings': show_repo_settings, 'current_commit': head_commit, 'info_commit': info_commit, 'password_set': True, 'repo_size': repo_size, 'dir_list': dir_list, 'file_list': file_list, 'dirent_more': dirent_more, 'more_start': more_start, 'path': path, 'zipped': zipped, 'groups': repo_groups, 'repo_group_str': repo_group_str, 'no_quota': no_quota, 'max_upload_file_size': max_upload_file_size, 'upload_url': upload_url, 'fileserver_root': fileserver_root, 'protocol': protocol, 'domain': domain, 'fileshare': fileshare, 'dir_shared_link': dir_shared_link, 'uploadlink': uploadlink, 'dir_shared_upload_link': dir_shared_upload_link, 'ENABLE_SUB_LIBRARY': ENABLE_SUB_LIBRARY, 'server_crypto': server_crypto, "sub_lib_enabled": sub_lib_enabled, }, context_instance=RequestContext(request))
def render_repo(request, repo): """Steps to show repo page: If user has permission to view repo If repo is encrypt and password is not set on server return decrypt repo page If repo is not encrypt or password is set on server Show repo direntries based on requested path If user does not have permission to view repo return permission deny page """ username = request.user.username path = get_path_from_request(request) user_perm = check_repo_access_permission(repo.id, request.user) if user_perm is None: return render_to_response("repo_access_deny.html", {"repo": repo}, context_instance=RequestContext(request)) sub_lib_enabled = UserOptions.objects.is_sub_lib_enabled(username) server_crypto = False if repo.encrypted: try: server_crypto = UserOptions.objects.is_server_crypto(username) except CryptoOptionNotSetError: return render_to_response("options/set_user_options.html", {}, context_instance=RequestContext(request)) if (repo.enc_version == 1 or (repo.enc_version == 2 and server_crypto)) and not is_password_set( repo.id, username ): return render_to_response( "decrypt_repo_form.html", { "repo": repo, "next": get_next_url_from_request(request) or reverse("repo", args=[repo.id]), "force_server_crypto": FORCE_SERVER_CRYPTO, }, context_instance=RequestContext(request), ) # query context args fileserver_root = get_fileserver_root() max_upload_file_size = get_max_upload_file_size() protocol = request.is_secure() and "https" or "http" domain = RequestSite(request).domain for g in request.user.joined_groups: g.avatar = grp_avatar(g.id, 20) head_commit = get_commit(repo.id, repo.version, repo.head_cmmt_id) if not head_commit: raise Http404 if new_merge_with_no_conflict(head_commit): info_commit = get_commit_before_new_merge(head_commit) else: info_commit = head_commit repo_size = get_repo_size(repo.id) no_quota = is_no_quota(repo.id) if is_org_context(request): repo_owner = seafile_api.get_org_repo_owner(repo.id) else: repo_owner = seafile_api.get_repo_owner(repo.id) is_repo_owner = True if repo_owner == username else False if is_repo_owner and not repo.is_virtual: show_repo_settings = True else: show_repo_settings = False more_start = None file_list, dir_list, dirent_more = get_repo_dirents(request, repo, head_commit, path, offset=0, limit=100) if dirent_more: more_start = 100 zipped = get_nav_path(path, repo.name) repo_groups = get_shared_groups_by_repo_and_user(repo.id, username) if len(repo_groups) > 1: repo_group_str = render_to_string("snippets/repo_group_list.html", {"groups": repo_groups}) else: repo_group_str = "" upload_url = get_upload_url(request, repo.id) fileshare = get_fileshare(repo.id, username, path) dir_shared_link = get_dir_share_link(fileshare) uploadlink = get_uploadlink(repo.id, username, path) dir_shared_upload_link = get_dir_shared_upload_link(uploadlink) return render_to_response( "repo.html", { "repo": repo, "user_perm": user_perm, "repo_owner": repo_owner, "is_repo_owner": is_repo_owner, "show_repo_settings": show_repo_settings, "current_commit": head_commit, "info_commit": info_commit, "password_set": True, "repo_size": repo_size, "dir_list": dir_list, "file_list": file_list, "dirent_more": dirent_more, "more_start": more_start, "path": path, "zipped": zipped, "groups": repo_groups, "repo_group_str": repo_group_str, "no_quota": no_quota, "max_upload_file_size": max_upload_file_size, "upload_url": upload_url, "fileserver_root": fileserver_root, "protocol": protocol, "domain": domain, "fileshare": fileshare, "dir_shared_link": dir_shared_link, "uploadlink": uploadlink, "dir_shared_upload_link": dir_shared_upload_link, "ENABLE_SUB_LIBRARY": ENABLE_SUB_LIBRARY, "server_crypto": server_crypto, "sub_lib_enabled": sub_lib_enabled, }, context_instance=RequestContext(request), )
def get(self, request, repo_id, format=None): repo = seafile_api.get_repo(repo_id) if not repo: error_msg = 'Library %s not found.' % repo_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) # argument checking parent_dir = request.GET.get('parent_dir', None) dirent_name_string = request.GET.get('dirents', None) if not parent_dir: error_msg = 'parent_dir invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if not dirent_name_string: error_msg = 'dirents invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # folder exist checking if not seafile_api.get_dir_id_by_path(repo_id, parent_dir): error_msg = 'Folder %s not found.' % parent_dir return api_error(status.HTTP_404_NOT_FOUND, error_msg) # permission checking if check_folder_permission(request, repo_id, parent_dir) is None: error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) dirent_name_list = string2list(dirent_name_string) dirent_list = [] total_size = 0 for dirent_name in dirent_name_list: dirent_name = dirent_name.strip('/') dirent_list.append(dirent_name) full_dirent_path = posixpath.join(parent_dir, dirent_name) current_dirent = seafile_api.get_dirent_by_path(repo_id, full_dirent_path) if stat.S_ISDIR(current_dirent.mode): total_size += seafile_api.get_dir_size(repo.store_id, repo.version, current_dirent.obj_id) else: total_size += current_dirent.size if total_size > seaserv.MAX_DOWNLOAD_DIR_SIZE: error_msg = _('Total size exceeds limit.') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) fake_obj_id = {} fake_obj_id['file_list'] = dirent_list fake_obj_id['parent_dir'] = parent_dir username = request.user.username try: token = seafile_api.get_fileserver_access_token(repo_id, json.dumps(fake_obj_id), 'download-multi', username, False) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) if len(dirent_list) > 10: send_file_access_msg(request, repo, parent_dir, 'web') else: for dirent_name in dirent_list: full_dirent_path = posixpath.join(parent_dir, dirent_name) send_file_access_msg(request, repo, full_dirent_path, 'web') download_url = '%s/files/%s' % (get_fileserver_root(), token) return Response({'url': download_url})
def render_repo(request, repo): """Steps to show repo page: If user has permission to view repo If repo is encrypt and password is not set on server return decrypt repo page If repo is not encrypt or password is set on server Show repo direntries based on requested path If user does not have permission to view repo return permission deny page """ username = request.user.username path = get_path_from_request(request) user_perm = check_folder_permission(request, repo.id, '/') if user_perm is None: return render_error(request, _(u'Permission denied')) sub_lib_enabled = UserOptions.objects.is_sub_lib_enabled(username) server_crypto = False if repo.encrypted: try: server_crypto = UserOptions.objects.is_server_crypto(username) except CryptoOptionNotSetError: return render_to_response( 'options/set_user_options.html', {}, context_instance=RequestContext(request)) if (repo.enc_version == 1 or (repo.enc_version == 2 and server_crypto)) \ and not is_password_set(repo.id, username): return render_to_response( 'decrypt_repo_form.html', { 'repo': repo, 'next': get_next_url_from_request(request) or reverse('repo', args=[repo.id]), 'force_server_crypto': FORCE_SERVER_CRYPTO, }, context_instance=RequestContext(request)) # query context args fileserver_root = get_fileserver_root() max_upload_file_size = get_max_upload_file_size() protocol = request.is_secure() and 'https' or 'http' domain = RequestSite(request).domain for g in request.user.joined_groups: g.avatar = grp_avatar(g.id, 20) head_commit = get_commit(repo.id, repo.version, repo.head_cmmt_id) if not head_commit: raise Http404 if new_merge_with_no_conflict(head_commit): info_commit = get_commit_before_new_merge(head_commit) else: info_commit = head_commit repo_size = get_repo_size(repo.id) no_quota = is_no_quota(repo.id) if is_org_context(request): repo_owner = seafile_api.get_org_repo_owner(repo.id) else: repo_owner = seafile_api.get_repo_owner(repo.id) is_repo_owner = True if repo_owner == username else False if is_repo_owner and not repo.is_virtual: show_repo_settings = True else: show_repo_settings = False file_list, dir_list, dirent_more = get_repo_dirents_with_perm( request, repo, head_commit, path, offset=0, limit=100) more_start = None if dirent_more: more_start = 100 zipped = get_nav_path(path, repo.name) fileshare = get_fileshare(repo.id, username, path) dir_shared_link = get_dir_share_link(fileshare) uploadlink = get_uploadlink(repo.id, username, path) dir_shared_upload_link = get_dir_shared_upload_link(uploadlink) for f in file_list: file_type, file_ext = get_file_type_and_ext(f.obj_name) if file_type == IMAGE: f.is_img = True file_path = posixpath.join(path, f.obj_name) if os.path.exists( os.path.join(THUMBNAIL_ROOT, str(THUMBNAIL_DEFAULT_SIZE), f.obj_id)): src = get_thumbnail_src(repo.id, THUMBNAIL_DEFAULT_SIZE, file_path) f.encoded_thumbnail_src = urlquote(src) return render_to_response( 'repo.html', { 'repo': repo, 'user_perm': user_perm, 'repo_owner': repo_owner, 'is_repo_owner': is_repo_owner, 'show_repo_settings': show_repo_settings, 'current_commit': head_commit, 'info_commit': info_commit, 'password_set': True, 'repo_size': repo_size, 'dir_list': dir_list, 'file_list': file_list, 'dirent_more': dirent_more, 'more_start': more_start, 'path': path, 'zipped': zipped, 'no_quota': no_quota, 'max_upload_file_size': max_upload_file_size, 'fileserver_root': fileserver_root, 'protocol': protocol, 'domain': domain, 'fileshare': fileshare, 'dir_shared_link': dir_shared_link, 'uploadlink': uploadlink, 'dir_shared_upload_link': dir_shared_upload_link, 'ENABLE_SUB_LIBRARY': ENABLE_SUB_LIBRARY, 'server_crypto': server_crypto, 'sub_lib_enabled': sub_lib_enabled, 'enable_upload_folder': ENABLE_UPLOAD_FOLDER, 'ENABLE_THUMBNAIL': ENABLE_THUMBNAIL, }, context_instance=RequestContext(request))