def test_get_with_invalid_repo_permission(self): user_shared_repos = \ seafile_api.get_share_out_repo_list(self.admin_name, -1, -1) for repo in user_shared_repos: seafile_api.remove_share(repo.repo_id, self.admin_name, repo.user) group_shared_repos = seafile_api.get_group_repos_by_owner( self.admin_name) for repo in group_shared_repos: seafile_api.unset_group_repo(repo.repo_id, repo.group_id, self.admin_name) public_shared_repos = seafile_api.list_inner_pub_repos_by_owner( self.admin_name) for repo in public_shared_repos: seafile_api.remove_inner_pub_repo(repo.repo_id) self.share_repo_to_user() self.share_repo_to_group() self.share_repo_to_public() # login with admin, then get user's share repo info self.login_as(self.admin) resp = self.client.get(self.url) self.assertEqual(200, resp.status_code) json_resp = json.loads(resp.content) assert len(json_resp) == 0
def get(self, request, format=None): """ List all shared out folders. Permission checking: 1. all authenticated user can perform this action. """ shared_repos = [] username = request.user.username try: if is_org_context(request): org_id = request.user.org.org_id shared_repos += seafile_api.get_org_share_out_repo_list(org_id, username, -1, -1) shared_repos += seaserv.seafserv_threaded_rpc.get_org_group_repos_by_owner(org_id, username) else: shared_repos += seafile_api.get_share_out_repo_list(username, -1, -1) shared_repos += seafile_api.get_group_repos_by_owner(username) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) returned_result = [] shared_repos.sort(lambda x, y: cmp(x.repo_name, y.repo_name)) for repo in shared_repos: if not repo.is_virtual: continue result = {} result['repo_id'] = repo.origin_repo_id result['repo_name'] = repo.origin_repo_name result['path'] = repo.origin_path result['folder_name'] = repo.name result['share_type'] = repo.share_type result['share_permission'] = repo.permission if repo.share_type == 'personal': result['user_name'] = email2nickname(repo.user) result['user_email'] = repo.user result['contact_email'] = Profile.objects.get_contact_email_by_user(repo.user) if repo.share_type == 'group': group = ccnet_api.get_group(repo.group_id) if not group: if is_org_context(request): seafile_api.org_unshare_subdir_for_group(org_id, repo.repo_id, repo.origin_path, username, repo.group_id) else: seafile_api.unshare_subdir_for_group( repo.repo_id, repo.origin_path, username, repo.group_id) continue result['group_id'] = repo.group_id result['group_name'] = group.group_name returned_result.append(result) return Response(returned_result)
def test_can_update_group_share_perm(self): self.share_repo_to_group() # print seafile_api.get_folder_group_perm(self.repo_id, '/', int(self.group_id)) repos = seafile_api.get_group_repos_by_owner(self.user_name) assert repos[0].permission == 'rw' self.login_as(self.user) url = reverse('api-v2.1-shared-repo', args=[self.repo_id]) data = 'permission=r&share_type=group&group_id=%s' % self.group_id resp = self.client.put(url, data, 'application/x-www-form-urlencoded') self.assertEqual(200, resp.status_code) repos = seafile_api.get_group_repos_by_owner(self.user_name) assert repos[0].permission == 'r'
def test_delete_group_share(self): self.share_repo_to_group() # repo in group repos = seafile_api.get_group_repos_by_owner(self.user_name) assert repos[0].permission == 'rw' self.login_as(self.user) args = '?share_type=group&group_id=%s' % self.group_id url = reverse('api-v2.1-shared-repo', args=[self.repo_id]) + args resp = self.client.delete(url, {}, 'application/x-www-form-urlencoded') self.assertEqual(200, resp.status_code) # repo NOT in group repos = seafile_api.get_group_repos_by_owner(self.user_name) assert len(repos) == 0
def get(self, request, format=None): """ List all shared out repos. Permission checking: 1. all authenticated user can perform this action. """ shared_repos = [] username = request.user.username try: if is_org_context(request): org_id = request.user.org.org_id shared_repos += seafile_api.get_org_share_out_repo_list(org_id, username, -1, -1) shared_repos += seaserv.seafserv_threaded_rpc.get_org_group_repos_by_owner(org_id, username) shared_repos += seaserv.seafserv_threaded_rpc.list_org_inner_pub_repos_by_owner(org_id, username) else: shared_repos += seafile_api.get_share_out_repo_list(username, -1, -1) shared_repos += seafile_api.get_group_repos_by_owner(username) if not request.cloud_mode: shared_repos += seaserv.list_inner_pub_repos_by_owner(username) except Exception as e: logger.error(e) error_msg = "Internal Server Error" return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) returned_result = [] shared_repos.sort(lambda x, y: cmp(x.repo_name, y.repo_name)) for repo in shared_repos: if repo.is_virtual: continue result = {} result["repo_id"] = repo.repo_id result["repo_name"] = repo.repo_name result["share_type"] = repo.share_type result["share_permission"] = repo.permission if repo.share_type == "personal": result["user_name"] = email2nickname(repo.user) result["user_email"] = repo.user if repo.share_type == "group": group = ccnet_api.get_group(repo.group_id) result["group_id"] = repo.group_id result["group_name"] = group.group_name returned_result.append(result) return Response(returned_result)
def setUp(self): self.repo_id = self.repo.id self.group_id = self.group.id self.user_name = self.user.username self.admin_name = self.admin.username self.url = reverse('api-v2.1-shared-repos') # make sure this user has not sharing any repos for x in seafile_api.get_share_out_repo_list(self.user_name, -1, -1): seafile_api.remove_share(x.repo_id, self.user_name, x.user) assert len(seafile_api.get_share_out_repo_list(self.user_name, -1, -1)) == 0 for x in seafile_api.get_group_repos_by_owner(self.user_name): seafile_api.unset_group_repo(x.repo_id, x.group_id, self.user_name) assert len(seafile_api.get_group_repos_by_user(self.user_name)) == 0
def show_share_info(user, show_groupmembers=False): shared_repos = seafile_api.get_share_out_repo_list(user, -1, -1) shared_repos += seafile_api.get_group_repos_by_owner(user) shown_repos = set() if show_groupmembers: groups = {} for repo in shared_repos: if repo.repo_id in shown_repos: continue shown_repos.add(repo.repo_id) if repo.is_virtual: print("Folder %s of Repo %s, shared to:" % (repo.origin_path, repo.origin_repo_id)) else: print("Repo %s (%s), shared to:" % (repo.repo_id, repo.name)) sgroups = seafile_api.list_repo_shared_group(user, repo.repo_id) print("groups:") for sgroup in sgroups: print("%s (%d), %s" % (ccnet_api.get_group( sgroup.group_id).group_name, sgroup.group_id, sgroup.perm)) if show_groupmembers: groups[sgroup.group_id] = sgroup susers = seafile_api.list_repo_shared_to(user, repo.repo_id) print("users:") for suser in susers: print("%s, %s" % (suser.user, suser.perm)) print("\n") if show_groupmembers: print("\ngroup memberships:") for group in groups.values(): print("group %s (%d):" % (ccnet_api.get_group( group.group_id).group_name, group.group_id)) gusers = ccnet_api.get_group_members(group.group_id) for guser in gusers: print("%s" % (guser.user_name)) print("")
def test_get_group_repos(repo, group): repo = api.get_repo(repo.id) api.group_share_repo(repo.id, group.id, USER, 'rw') repos = api.get_repos_by_group(group.id) assert_group_repos_attr(repo, repos[0]) repos = api.get_group_repos_by_owner(USER) assert_group_repos_attr(repo, repos[0]) v_repo_id = api.share_subdir_to_group(repo.id, '/dir1', USER, group.id, 'rw') v_repo = api.get_repo(v_repo_id) v_repo_to_test = api.get_group_shared_repo_by_path(repo.id, '/dir1', group.id) assert_group_repos_attr(v_repo, v_repo_to_test) api.unshare_subdir_for_group(repo.id, '/dir1', USER, group.id) repos = api.get_group_repos_by_user(USER) assert_group_repos_attr(repo, repos[0]) assert api.group_unshare_repo(repo.id, group.id, USER) == 0
def get(self, request, format=None): """ List all shared out repos. Permission checking: 1. all authenticated user can perform this action. """ shared_repos = [] username = request.user.username try: if is_org_context(request): org_id = request.user.org.org_id shared_repos += seafile_api.get_org_share_out_repo_list( org_id, username, -1, -1) shared_repos += seafile_api.get_org_group_repos_by_owner( org_id, username) shared_repos += seafile_api.list_org_inner_pub_repos_by_owner( org_id, username) else: shared_repos += seafile_api.get_share_out_repo_list( username, -1, -1) shared_repos += seafile_api.get_group_repos_by_owner(username) if not request.cloud_mode: shared_repos += seafile_api.list_inner_pub_repos_by_owner( username) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) returned_result = [] shared_repos.sort(lambda x, y: cmp(x.repo_name, y.repo_name)) usernames = [] gids = [] for repo in shared_repos: if repo.is_virtual: continue result = {} result['repo_id'] = repo.repo_id result['repo_name'] = repo.repo_name result['encrypted'] = repo.encrypted result['share_type'] = repo.share_type result['share_permission'] = repo.permission result['modifier_email'] = repo.last_modifier result['modifier_name'] = email2nickname(repo.last_modifier) result['modifier_contact_email'] = email2contact_email( repo.last_modifier) if repo.share_type == 'personal': result['user_name'] = email2nickname(repo.user) result['user_email'] = repo.user result[ 'contact_email'] = Profile.objects.get_contact_email_by_user( repo.user) usernames.append((repo.repo_id, repo.user)) if repo.share_type == 'group': group = ccnet_api.get_group(repo.group_id) result['group_id'] = repo.group_id result['group_name'] = group.group_name if group else '' gids.append(repo.group_id) returned_result.append(result) user_admins = ExtraSharePermission.objects.batch_is_admin(usernames) group_admins = ExtraGroupsSharePermission.objects.batch_get_repos_with_admin_permission( gids) for result in returned_result: if result['share_type'] == 'group': result['is_admin'] = (result['repo_id'], result['group_id']) in group_admins elif result['share_type'] == 'personal': result['is_admin'] = (result['repo_id'], result['user_email']) in user_admins return Response(returned_result)
def test_share_repo_to_group(repo, group, permission): assert api.check_permission(repo.id, USER) == 'rw' assert api.check_permission(repo.id, USER2) is None repos = api.get_repos_by_group(group.id) assert len(repos) == 0 group_list = ccnet_api.get_groups(USER) assert len(group_list) == 1 group_list = ccnet_api.get_groups(USER2) assert len(group_list) == 0 api.group_share_repo(repo.id, group.id, USER, permission) repos = api.get_repos_by_group(group.id) assert_repo_with_permission(repo, repos, permission) group_ids = api.get_shared_group_ids_by_repo(repo.id) assert group_ids[0] == str(group.id) group_list = api.list_repo_shared_group_by_user(USER, repo.id) assert len(group_list) == 1 group_list = api.list_repo_shared_group_by_user(USER2, repo.id) assert len(group_list) == 0 repo_get = api.get_group_shared_repo_by_path(repo.id, None, group.id) assert repo_get and repo_get.repo_id == repo.id ccnet_api.group_add_member(group.id, USER, USER2) group_list = ccnet_api.get_groups(USER2) assert len(group_list) == 1 group = group_list[0] assert group.id == group.id repos2 = api.get_repos_by_group(group.id) assert_repo_with_permission(repo, repos2, permission) assert api.check_permission(repo.id, USER2) == permission repos = api.get_group_repos_by_user(USER) assert len(repos) == 1 repoids = api.get_group_repoids(group.id) assert len(repoids) == 1 repos = api.get_group_repos_by_owner(USER) assert len(repos) == 1 api.remove_group_repos_by_owner(group.id, USER) repos = api.get_group_repos_by_owner(USER) assert len(repos) == 0 api.set_group_repo(repo.id, group.id, USER, permission) repos = api.get_repos_by_group(group.id) assert len(repos) == 1 api.remove_group_repos(group.id) repos = api.get_repos_by_group(group.id) assert len(repos) == 0 api.group_unshare_repo(repo.id, group.id, USER) repos = api.get_repos_by_group(group.id) assert len(repos) == 0 assert api.check_permission(repo.id, USER2) is None
def get(self, request, format=None): """ List all shared out repos. Permission checking: 1. all authenticated user can perform this action. """ shared_repos = [] username = request.user.username try: if is_org_context(request): org_id = request.user.org.org_id shared_repos += seafile_api.get_org_share_out_repo_list(org_id, username, -1, -1) shared_repos += seafile_api.get_org_group_repos_by_owner(org_id, username) shared_repos += seafile_api.list_org_inner_pub_repos_by_owner(org_id, username) else: shared_repos += seafile_api.get_share_out_repo_list(username, -1, -1) shared_repos += seafile_api.get_group_repos_by_owner(username) if not request.cloud_mode: shared_repos += seafile_api.list_inner_pub_repos_by_owner(username) except Exception as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) returned_result = [] shared_repos.sort(lambda x, y: cmp(x.repo_name, y.repo_name)) usernames = [] gids = [] for repo in shared_repos: if repo.is_virtual: continue result = {} result['repo_id'] = repo.repo_id result['repo_name'] = repo.repo_name result['encrypted'] = repo.encrypted result['share_type'] = repo.share_type result['share_permission'] = repo.permission result['modifier_email'] = repo.last_modifier result['modifier_name'] = email2nickname(repo.last_modifier) result['modifier_contact_email'] = email2contact_email(repo.last_modifier) if repo.share_type == 'personal': result['user_name'] = email2nickname(repo.user) result['user_email'] = repo.user result['contact_email'] = Profile.objects.get_contact_email_by_user(repo.user) usernames.append((repo.repo_id, repo.user)) if repo.share_type == 'group': group = ccnet_api.get_group(repo.group_id) result['group_id'] = repo.group_id result['group_name'] = group.group_name if group else '' gids.append(repo.group_id) returned_result.append(result) user_admins = ExtraSharePermission.objects.batch_is_admin(usernames) group_admins = ExtraGroupsSharePermission.objects.batch_get_repos_with_admin_permission(gids) for result in returned_result: if result['share_type'] == 'group': result['is_admin'] = (result['repo_id'], result['group_id']) in group_admins elif result['share_type'] == 'personal': result['is_admin'] = (result['repo_id'], result['user_email']) in user_admins return Response(returned_result)