def put(self, request, group_id, repo_id): """ Set sub repo folder permission. """ path = request.data.get('path', None) if not path: error_msg = 'path invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) perm = request.data.get('permission', None) if not perm or perm not in [PERMISSION_READ, PERMISSION_READ_WRITE]: error_msg = 'permission invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # resource check repo = seafile_api.get_repo(repo_id) if not repo: error_msg = 'Library %s not found.' % repo_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) path = normalize_dir_path(path) if not seafile_api.get_dir_id_by_path(repo_id, path): error_msg = 'Folder %s not found.' % path return api_error(status.HTTP_404_NOT_FOUND, error_msg) # permission check group_id = int(group_id) try: seafile_api.add_folder_group_perm(repo_id, path, perm, group_id) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) return Response({'success': True})
def test_can_delete_folder_perm_with_admin_group(self): if not LOCAL_PRO_DEV_ENV: return self.share_repo_to_group_with_admin_permission() self.add_admin_to_group() self.login_as(self.admin) seafile_api.add_folder_group_perm(self.user_repo_id, self.user_folder_path, self.perm_r, self.group_id) resp = self.client.get( reverse("api2-repo-group-folder-perm", args=[self.user_repo_id])) json_resp = json.loads(resp.content) assert len(json_resp) == 1 url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]) data = 'group_id=%s&folder_path=%s' % (self.group_id, self.user_folder_path) resp = self.client.delete(url, data, 'application/x-www-form-urlencoded') self.assertEqual(200, resp.status_code) resp = self.client.get( reverse("api2-repo-group-folder-perm", args=[self.user_repo_id])) json_resp = json.loads(resp.content) assert len(json_resp) == 0
def test_can_not_add_if_folder_perm_already_exist(self): if not LOCAL_PRO_DEV_ENV: return seafile_api.add_folder_group_perm(self.user_repo_id, self.user_folder_path, self.perm_r, self.group_id) self.login_as(self.user) url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]) data = {"group_id": self.group_id, "path": self.user_folder_path, "perm": self.perm_rw} resp = self.client.post(url, data) self.assertEqual(409, resp.status_code)
def test_can_get_folder_perm(self): if not LOCAL_PRO_DEV_ENV: return seafile_api.add_folder_group_perm(self.user_repo_id, self.user_folder_path, self.perm_r, self.group_id) self.login_as(self.user) resp = self.client.get(reverse("api2-repo-group-folder-perm", args=[self.user_repo_id])) self.assertEqual(200, resp.status_code) json_resp = json.loads(resp.content) assert json_resp[0]["group_id"] == self.group_id assert json_resp[0]["repo_id"] == self.user_repo_id assert json_resp[0]["permission"] == self.perm_r assert json_resp[0]["folder_path"] == self.user_folder_path
def test_can_get_folder_perm_with_admin(self): if not LOCAL_PRO_DEV_ENV: return self.share_repo_to_admin_with_admin_permission() self.login_as(self.admin) seafile_api.add_folder_group_perm(self.user_repo_id, self.user_folder_path, self.perm_r, self.group_id) resp = self.client.get( reverse("api2-repo-group-folder-perm", args=[self.user_repo_id])) self.assertEqual(200, resp.status_code) json_resp = json.loads(resp.content) assert json_resp[0]['group_id'] == self.group_id assert json_resp[0]['repo_id'] == self.user_repo_id assert json_resp[0]['permission'] == self.perm_r assert json_resp[0]['folder_path'] == self.user_folder_path
def test_can_modify_folder_perm(self): if not LOCAL_PRO_DEV_ENV: return seafile_api.add_folder_group_perm(self.user_repo_id, self.user_folder_path, self.perm_r, self.group_id) self.login_as(self.user) url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]) data = "group_id=%s&path=%s&perm=%s" % (self.group_id, self.user_folder_path, self.perm_rw) resp = self.client.put(url, data, "application/x-www-form-urlencoded") self.assertEqual(200, resp.status_code) resp = self.client.get(reverse("api2-repo-group-folder-perm", args=[self.user_repo_id])) json_resp = json.loads(resp.content) assert json_resp[0]["permission"] == self.perm_rw
def test_can_not_add_if_folder_perm_already_exist(self): if not LOCAL_PRO_DEV_ENV: return seafile_api.add_folder_group_perm(self.user_repo_id, self.user_folder_path, self.perm_r, self.group_id) self.login_as(self.user) url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]) data = { "group_id": self.group_id, "folder_path": self.user_folder_path, "permission": self.perm_rw } resp = self.client.post(url, data) self.assertEqual(409, resp.status_code)
def test_can_modify_folder_perm(self): if not LOCAL_PRO_DEV_ENV: return seafile_api.add_folder_group_perm(self.user_repo_id, self.user_folder_path, self.perm_r, self.group_id) self.login_as(self.user) url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]) data = 'group_id=%s&folder_path=%s&permission=%s' % (self.group_id, self.user_folder_path, self.perm_rw) resp = self.client.put(url, data, 'application/x-www-form-urlencoded') self.assertEqual(200, resp.status_code) resp = self.client.get(reverse("api2-repo-group-folder-perm", args=[self.user_repo_id])) json_resp = json.loads(resp.content) assert json_resp[0]['permission'] == self.perm_rw
def test_can_delete_folder_perm(self): if not LOCAL_PRO_DEV_ENV: return seafile_api.add_folder_group_perm(self.user_repo_id, self.user_folder_path, self.perm_r, self.group_id) self.login_as(self.user) resp = self.client.get(reverse("api2-repo-group-folder-perm", args=[self.user_repo_id])) json_resp = json.loads(resp.content) assert len(json_resp) == 1 url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]) data = 'group_id=%s&folder_path=%s' % (self.group_id, self.user_folder_path) resp = self.client.delete(url, data, 'application/x-www-form-urlencoded') self.assertEqual(200, resp.status_code) resp = self.client.get(reverse("api2-repo-group-folder-perm", args=[self.user_repo_id])) json_resp = json.loads(resp.content) assert len(json_resp) == 0
def test_can_not_add_if_folder_perm_already_exist(self): if not LOCAL_PRO_DEV_ENV: return seafile_api.add_folder_group_perm(self.user_repo_id, self.user_folder_path, self.perm_r, self.group_id) self.login_as(self.user) url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]) data = { "group_id": self.group_id, "folder_path": self.user_folder_path, "permission": self.perm_rw } resp = self.client.post(url, data) json_resp = json.loads(resp.content) assert len(json_resp['failed']) == 1 assert len(json_resp['success']) == 0 assert json_resp['failed'][0]['group_id'] == self.group_id
def post(self, request, repo_id, format=None): """ Add repo group folder perm. Permission checking: 1. is group admin """ # argument check path = request.data.get('folder_path', None) if not path: error_msg = 'folder_path invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) perm = request.data.get('permission', None) if not perm or perm not in get_available_repo_perms(): error_msg = 'permission invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # resource check repo = seafile_api.get_repo(repo_id) if not repo: error_msg = 'Library %s not found.' % repo_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) path = normalize_dir_path(path) if not seafile_api.get_dir_id_by_path(repo_id, path): error_msg = 'Folder %s not found.' % path return api_error(status.HTTP_404_NOT_FOUND, error_msg) repo_owner = get_repo_owner(request, repo_id) group_id = get_group_id_by_repo_owner(repo_owner) if not ccnet_api.get_group(group_id): error_msg = 'Group %s not found.' % group_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) # permission check username = request.user.username if not is_group_admin(group_id, username): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) result = {} result['failed'] = [] result['success'] = [] group_ids = request.data.getlist('group_id') for group_id in group_ids: try: group_id = int(group_id) except ValueError: result['failed'].append({ 'group_id': group_id, 'error_msg': 'group_id invalid.' }) continue if not ccnet_api.get_group(group_id): result['failed'].append({ 'group_id': group_id, 'error_msg': 'Group %s not found.' % group_id }) continue permission = seafile_api.get_folder_group_perm(repo_id, path, group_id) if permission: result['failed'].append({ 'group_id': group_id, 'error_msg': _(u'Permission already exists.') }) continue try: seafile_api.add_folder_group_perm(repo_id, path, perm, group_id) send_perm_audit_msg('add-repo-perm', username, group_id, repo_id, path, perm) except Exception as e: logger.error(e) result['failed'].append({ 'group_id': group_id, 'error_msg': 'Internal Server Error' }) new_perm = seafile_api.get_folder_group_perm(repo_id, path, group_id) new_perm_info = self._get_group_folder_perm_info( group_id, repo_id, path, new_perm) result['success'].append(new_perm_info) return Response(result)