def sysadmin_react_fake_view(request, **kwargs):
try:
expire_days = seafile_api.get_server_config_int('library_trash', 'expire_days')
except Exception as e:
logger.error(e)
expire_days = -1
multi_institution = getattr(dj_settings, 'MULTI_INSTITUTION', False)
institutions = None
if multi_institution:
institutions = [inst.name for inst in Institution.objects.all()]
return render(request, 'sysadmin/sysadmin_react_app.html', {
'constance_enabled': dj_settings.CONSTANCE_ENABLED,
'multi_tenancy': MULTI_TENANCY,
'multi_institution': multi_institution,
'institutions': institutions,
'send_email_on_adding_system_member': SEND_EMAIL_ON_ADDING_SYSTEM_MEMBER,
'sysadmin_extra_enabled': ENABLE_SYSADMIN_EXTRA,
'enable_guest_invitation': ENABLE_GUEST_INVITATION,
'enable_terms_and_conditions': config.ENABLE_TERMS_AND_CONDITIONS,
'enable_file_scan': ENABLE_FILE_SCAN,
'enable_work_weixin': ENABLE_WORK_WEIXIN,
'enable_dingtalk': ENABLE_DINGTALK,
'enable_sys_admin_view_repo': ENABLE_SYS_ADMIN_VIEW_REPO,
'trash_repos_expire_days': expire_days if expire_days > 0 else 30,
'available_roles': get_available_roles(),
'available_admin_roles': get_available_admin_roles(),
'have_ldap': get_ldap_info(),
'two_factor_auth_enabled': has_two_factor_auth(),
'enable_share_link_report_abuse': ENABLE_SHARE_LINK_REPORT_ABUSE,
})
def add_or_update(self, org, role=None):
org_id = org.org_id
try:
settings = self.get(org_id=org_id)
except OrgSettings.DoesNotExist:
settings = self.model(org_id=org_id)
if role is not None:
if role in get_available_roles():
settings.role = role
else:
logger.warn('Role %s is not valid' % role)
settings.save(using=self._db)
return settings
def get_role_by_org(self, org):
org_id = org.org_id
try:
role = self.get(org_id=org_id).role
except OrgSettings.DoesNotExist:
return DEFAULT_ORG
else:
if role is None:
return DEFAULT_ORG
if role in get_available_roles():
return role
else:
logger.warn('Role %s is not valid' % role)
return DEFAULT_ORG
class AddUserForm(forms.Form):
"""
Form for adding a user.
"""
email = forms.EmailField()
name = forms.CharField(max_length=64, required=False)
department = forms.CharField(max_length=512, required=False)
role = forms.ChoiceField(choices=[(i, i) for i in get_available_roles()])
password1 = forms.CharField(widget=forms.PasswordInput())
password2 = forms.CharField(widget=forms.PasswordInput())
def clean_email(self):
if user_number_over_limit():
raise forms.ValidationError(
_("The number of users exceeds the limit."))
email = self.cleaned_data['email']
try:
user = User.objects.get(email=email)
raise forms.ValidationError(
_("A user with this email already exists."))
except User.DoesNotExist:
return self.cleaned_data['email']
def clean_name(self):
"""
should not include '/'
"""
if "/" in self.cleaned_data["name"]:
raise forms.ValidationError(_(u"Name should not include '/'."))
return self.cleaned_data["name"]
def clean(self):
"""
Verifiy that the values entered into the two password fields
match. Note that an error here will end up in
``non_field_errors()`` because it doesn't apply to a single
field.
"""
if 'password1' in self.cleaned_data and 'password2' in self.cleaned_data:
if self.cleaned_data['password1'] != self.cleaned_data['password2']:
raise forms.ValidationError(
_("The two passwords didn't match."))
return self.cleaned_data
def sysadmin_react_fake_view(request, **kwargs):
try:
expire_days = seafile_api.get_server_config_int('library_trash', 'expire_days')
except Exception as e:
logger.error(e)
expire_days = -1
return render(request, 'sysadmin/sysadmin_react_app.html', {
'constance_enabled': dj_settings.CONSTANCE_ENABLED,
'multi_tenancy': MULTI_TENANCY,
'multi_institution': getattr(dj_settings, 'MULTI_INSTITUTION', False),
'send_email_on_adding_system_member': SEND_EMAIL_ON_ADDING_SYSTEM_MEMBER,
'sysadmin_extra_enabled': ENABLE_SYSADMIN_EXTRA,
'enable_guest_invitation': ENABLE_GUEST_INVITATION,
'enable_terms_and_conditions': config.ENABLE_TERMS_AND_CONDITIONS,
'enable_work_weixin': ENABLE_WORK_WEIXIN,
'trash_repos_expire_days': expire_days if expire_days > 0 else 30,
'available_roles': get_available_roles(),
'available_admin_roles': get_available_admin_roles()
})
def post(self, request):
""" Import users from xlsx file
Permission checking:
1. admin user.
"""
xlsx_file = request.FILES.get('file', None)
if not xlsx_file:
error_msg = 'file can not be found.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
file_type, ext = get_file_type_and_ext(xlsx_file.name)
if ext != 'xlsx':
error_msg = file_type_error_msg(ext, 'xlsx')
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
content = xlsx_file.read()
try:
fs = BytesIO(content)
wb = load_workbook(filename=fs, read_only=True)
except Exception as e:
logger.error(e)
# example file is like:
# Email Password Name(Optional) Role(Optional) Space Quota(MB, Optional)
# [email protected] a a default 1024
# [email protected] b b default 2048
rows = wb.worksheets[0].rows
records = []
# skip first row(head field).
next(rows)
for row in rows:
records.append([col.value for col in row])
if user_number_over_limit(new_users=len(records)):
error_msg = 'The number of users exceeds the limit.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
result = {}
result['failed'] = []
result['success'] = []
for record in records:
if record[0]:
email = record[0].strip()
if not is_valid_username(email):
result['failed'].append({
'email': email,
'error_msg': 'email %s invalid.' % email
})
continue
else:
result['failed'].append({
'email': '',
'error_msg': 'email invalid.'
})
continue
if record[1]:
password = str(record[1]).strip()
if not password:
result['failed'].append({
'email': email,
'error_msg': 'password invalid.'
})
continue
else:
result['failed'].append({
'email': email,
'error_msg': 'password invalid.'
})
continue
vid = get_virtual_id_by_email(email)
try:
User.objects.get(email=vid)
result['failed'].append({
'email': email,
'error_msg': 'user %s exists.' % email
})
continue
except User.DoesNotExist:
pass
user = User.objects.create_user(email, password, is_staff=False, is_active=True)
virtual_id = get_virtual_id_by_email(email)
if config.FORCE_PASSWORD_CHANGE:
UserOptions.objects.set_force_passwd_change(virtual_id)
# update the user's optional info
# update nikename
nickname = email.split('@')[0]
try:
if record[2]:
input_nickname = str(record[2]).strip()
if len(input_nickname) <= 64 and '/' not in input_nickname:
nickname = input_nickname
Profile.objects.add_or_update(virtual_id, nickname, '')
except Exception as e:
logger.error(e)
# update role
if record[3]:
try:
role = record[3].strip()
if is_pro_version() and role in get_available_roles():
User.objects.update_role(virtual_id, role)
except Exception as e:
logger.error(e)
# update quota
if record[4]:
try:
space_quota_mb = int(record[4])
if space_quota_mb >= 0:
space_quota = int(space_quota_mb) * get_file_size_unit('MB')
seafile_api.set_user_quota(virtual_id, space_quota)
except Exception as e:
logger.error(e)
try:
send_html_email_with_dj_template(
email, dj_template='sysadmin/user_batch_add_email.html',
subject=_('You are invited to join %s') % get_site_name(),
context={
'user': email2nickname(request.user.username),
'email': email,
'password': password,
})
except Exception as e:
logger.error(e)
user_info = get_user_info(virtual_id)
result['success'].append(user_info)
# send admin operation log signal
admin_op_detail = {
"email": email,
}
admin_operation.send(sender=None, admin_name=request.user.username,
operation=USER_ADD, detail=admin_op_detail)
return Response(result)
def put(self, request, email):
# basic user info check
is_staff = request.data.get("is_staff", None)
if is_staff:
try:
is_staff = to_python_boolean(is_staff)
except ValueError:
error_msg = 'is_staff invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
is_active = request.data.get("is_active", None)
if is_active:
try:
is_active = to_python_boolean(is_active)
except ValueError:
error_msg = 'is_active invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# additional user info check
role = request.data.get("role", None)
if role:
available_roles = get_available_roles()
if role.lower() not in available_roles:
error_msg = 'role must be in %s.' % str(available_roles)
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
name = request.data.get("name", None)
if name:
if len(name) > 64:
error_msg = 'Name is too long (maximum is 64 characters).'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if "/" in name:
error_msg = "Name should not include '/'."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# argument check for login_id
login_id = request.data.get("login_id", None)
if login_id is not None:
login_id = login_id.strip()
username_by_login_id = Profile.objects.get_username_by_login_id(
login_id)
if username_by_login_id is not None:
return api_error(status.HTTP_400_BAD_REQUEST,
_(u"Login id %s already exists." % login_id))
reference_id = request.data.get("reference_id", "").strip()
if reference_id:
if ' ' in reference_id:
return api_error(status.HTTP_400_BAD_REQUEST,
'Reference ID can not contain spaces.')
primary_id = ccnet_api.get_primary_id(reference_id)
if primary_id:
return api_error(
status.HTTP_400_BAD_REQUEST,
'Reference ID %s already exists.' % reference_id)
department = request.data.get("department", None)
if department:
if len(department) > 512:
error_msg = "Department is too long (maximum is 512 characters)."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
quota_total_mb = request.data.get("quota_total", None)
if quota_total_mb:
try:
quota_total_mb = int(quota_total_mb)
except ValueError:
error_msg = "Must be an integer that is greater than or equal to 0."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if quota_total_mb < 0:
error_msg = "Space quota is too low (minimum value is 0)."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if is_org_context(request):
org_id = request.user.org.org_id
org_quota_mb = seafile_api.get_org_quota(org_id) / \
get_file_size_unit('MB')
if quota_total_mb > org_quota_mb:
error_msg = 'Failed to set quota: maximum quota is %d MB' % org_quota_mb
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# query user info
try:
user_obj = User.objects.get(email=email)
except User.DoesNotExist:
error_msg = 'User %s not found.' % email
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
update_user_info(request, user_obj)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
user_info = get_user_info(email)
return Response(user_info)
def post(self, request):
email = request.data.get('email', None)
if not email or not is_valid_username(email):
error_msg = 'email invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# basic user info check
is_staff = request.data.get("is_staff", None)
if is_staff:
try:
is_staff = to_python_boolean(is_staff)
except ValueError:
error_msg = 'is_staff invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
is_active = request.data.get("is_active", None)
if is_active:
try:
is_active = to_python_boolean(is_active)
except ValueError:
error_msg = 'is_active invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# additional user info check
role = request.data.get("role", None)
if role:
available_roles = get_available_roles()
if role.lower() not in available_roles:
error_msg = 'role must be in %s.' % str(available_roles)
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
name = request.data.get("name", None)
if name:
if len(name) > 64:
error_msg = 'Name is too long (maximum is 64 characters).'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if "/" in name:
error_msg = "Name should not include '/'."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
department = request.data.get("department", None)
if department:
if len(department) > 512:
error_msg = "Department is too long (maximum is 512 characters)."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
quota_total_mb = request.data.get("quota_total", None)
if quota_total_mb:
try:
quota_total_mb = int(quota_total_mb)
except ValueError:
error_msg = "Must be an integer that is greater than or equal to 0."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if quota_total_mb < 0:
error_msg = "Space quota is too low (minimum value is 0)."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if is_org_context(request):
org_id = request.user.org.org_id
org_quota_mb = seafile_api.get_org_quota(org_id) / \
get_file_size_unit('MB')
if quota_total_mb > org_quota_mb:
error_msg = 'Failed to set quota: maximum quota is %d MB' % org_quota_mb
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
User.objects.get(email=email)
user_exist = True
except User.DoesNotExist:
user_exist = False
if user_exist:
error_msg = "User %s already exists." % email
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
password = request.data.get('password', None)
if not password:
error_msg = 'password required.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# create user
try:
user_obj = User.objects.create_user(email)
update_user_info(request, user_obj)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
user_info = get_user_info(email)
return Response(user_info)
def put(self, request, org_id):
""" Update base info of a organization
Permission checking:
1. only admin can perform this action.
"""
if not (CLOUD_MODE and MULTI_TENANCY):
error_msg = 'Feature is not enabled.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
org_id = int(org_id)
if org_id == 0:
error_msg = 'org_id invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
org = ccnet_api.get_org_by_id(org_id)
if not org:
error_msg = 'Organization %s not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# update org name
new_name = request.data.get('org_name', None)
if new_name:
try:
ccnet_api.set_org_name(org_id, new_name)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# update org max user number
max_user_number = request.data.get('max_user_number', None)
if max_user_number and ORG_MEMBER_QUOTA_ENABLED:
try:
max_user_number = int(max_user_number)
except ValueError:
error_msg = 'max_user_number invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if max_user_number <= 0:
error_msg = 'max_user_number invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
OrgMemberQuota.objects.set_quota(org_id, max_user_number)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
quota_mb = request.data.get('quota', None)
if quota_mb:
try:
quota_mb = int(quota_mb)
except ValueError:
error_msg = 'quota invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if quota_mb < 0:
error_msg = 'quota invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
quota = quota_mb * get_file_size_unit('MB')
try:
seafile_api.set_org_quota(org_id, quota)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
role = request.data.get('role', None)
if role:
if role not in get_available_roles():
error_msg = 'Role %s invalid.' % role
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
OrgSettings.objects.add_or_update(org, role)
org = ccnet_api.get_org_by_id(org_id)
org_info = get_org_info(org)
return Response(org_info)
def test_get_available_role(self):
assert len(get_available_roles()) == 2
assert GUEST_USER in get_available_roles()
assert DEFAULT_USER in get_available_roles()
def put(self, request, email):
if not request.user.admin_permissions.can_manage_user():
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')
# basic user info check
is_staff = request.data.get("is_staff", None)
if is_staff:
try:
is_staff = to_python_boolean(is_staff)
except ValueError:
error_msg = 'is_staff invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
is_active = request.data.get("is_active", None)
if is_active:
try:
is_active = to_python_boolean(is_active)
except ValueError:
error_msg = 'is_active invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# additional user info check
role = request.data.get("role", None)
if role:
available_roles = get_available_roles()
if role not in available_roles:
error_msg = 'role must be in %s.' % str(available_roles)
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
name = request.data.get("name", None)
if name:
if len(name) > 64:
error_msg = 'Name is too long (maximum is 64 characters).'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if "/" in name:
error_msg = "Name should not include '/'."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# argument check for login_id
login_id = request.data.get("login_id", None)
if login_id is not None:
login_id = login_id.strip()
username_by_login_id = Profile.objects.get_username_by_login_id(
login_id)
if username_by_login_id is not None:
return api_error(status.HTTP_400_BAD_REQUEST,
_("Login id %s already exists." % login_id))
contact_email = request.data.get("contact_email", None)
if contact_email is not None and contact_email.strip() != '':
if not is_valid_email(contact_email):
error_msg = 'Contact email invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
password = request.data.get("password")
reference_id = request.data.get("reference_id", None)
if reference_id:
if ' ' in reference_id:
return api_error(status.HTTP_400_BAD_REQUEST,
'Reference ID can not contain spaces.')
primary_id = ccnet_api.get_primary_id(reference_id)
if primary_id:
return api_error(
status.HTTP_400_BAD_REQUEST,
'Reference ID %s already exists.' % reference_id)
quota_total_mb = request.data.get("quota_total", None)
if quota_total_mb:
try:
quota_total_mb = int(quota_total_mb)
except ValueError:
error_msg = "Must be an integer that is greater than or equal to 0."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if quota_total_mb < 0:
error_msg = "Space quota is too low (minimum value is 0)."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if is_org_context(request):
org_id = request.user.org.org_id
org_quota_mb = seafile_api.get_org_quota(org_id) / \
get_file_size_unit('MB')
if quota_total_mb > org_quota_mb:
error_msg = 'Failed to set quota: maximum quota is %d MB' % org_quota_mb
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
institution = request.data.get("institution", None)
if institution:
try:
Institution.objects.get(name=institution)
except Institution.DoesNotExist:
error_msg = 'Institution %s does not exist' % institution
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# query user info
try:
user_obj = User.objects.get(email=email)
except User.DoesNotExist:
error_msg = 'User %s not found.' % email
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
update_user_info(request,
user=user_obj,
password=password,
is_active=is_active,
is_staff=is_staff,
role=role,
nickname=name,
login_id=login_id,
contact_email=contact_email,
reference_id=reference_id,
quota_total_mb=quota_total_mb,
institution_name=institution)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# update user
try:
user_obj.save()
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
update_status_tip = ''
if is_active is not None:
update_status_tip = _('Edit succeeded')
if user_obj.is_active and IS_EMAIL_CONFIGURED:
try:
send_html_email(
_(u'Your account on %s is activated') %
get_site_name(), 'sysadmin/user_activation_email.html',
{'username': user_obj.email}, None,
[email2contact_email(user_obj.email)])
update_status_tip = _(
'Edit succeeded, an email has been sent.')
except Exception as e:
logger.error(e)
update_status_tip = _(
'Edit succeeded, but failed to send email, please check your email configuration.'
)
user_info = get_user_info(email)
user_info['update_status_tip'] = update_status_tip
return Response(user_info)
def post(self, request):
if not request.user.admin_permissions.can_manage_user():
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')
if user_number_over_limit():
error_msg = _("The number of users exceeds the limit.")
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
email = request.data.get('email', None)
if not email or not is_valid_email(email):
error_msg = 'email invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# basic user info check
is_staff = request.data.get("is_staff", 'False')
try:
is_staff = to_python_boolean(is_staff)
except ValueError:
error_msg = 'is_staff invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
is_active = request.data.get("is_active", 'True')
try:
is_active = to_python_boolean(is_active)
except ValueError:
error_msg = 'is_active invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# additional user info check
role = ''
if is_pro_version():
role = request.data.get("role", None)
if role:
available_roles = get_available_roles()
if role not in available_roles:
error_msg = 'role must be in %s.' % str(available_roles)
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
name = request.data.get("name", None)
if name:
if len(name) > 64:
error_msg = 'Name is too long (maximum is 64 characters).'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if "/" in name:
error_msg = "Name should not include '/'."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
contact_email = request.data.get('contact_email', None)
if contact_email and not is_valid_email(contact_email):
error_msg = 'contact_email invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
quota_total_mb = request.data.get("quota_total", None)
if quota_total_mb:
try:
quota_total_mb = int(quota_total_mb)
except ValueError:
error_msg = "Must be an integer that is greater than or equal to 0."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if quota_total_mb < 0:
error_msg = "Space quota is too low (minimum value is 0)."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if is_org_context(request):
org_id = request.user.org.org_id
org_quota_mb = seafile_api.get_org_quota(org_id) / \
get_file_size_unit('MB')
if quota_total_mb > org_quota_mb:
error_msg = 'Failed to set quota: maximum quota is %d MB' % org_quota_mb
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
User.objects.get(email=email)
user_exist = True
except User.DoesNotExist:
user_exist = False
if user_exist:
error_msg = "User %s already exists." % email
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
password = request.data.get('password', None)
if not password:
error_msg = 'password required.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# create user
try:
user_obj = User.objects.create_user(email, password, is_staff,
is_active)
create_user_info(request,
email=user_obj.username,
role=role,
nickname=name,
contact_email=contact_email,
quota_total_mb=quota_total_mb)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
add_user_tip = _('Successfully added user %(user)s.') % {'user': email}
if IS_EMAIL_CONFIGURED and SEND_EMAIL_ON_ADDING_SYSTEM_MEMBER:
c = {
'user': request.user.username,
'email': email,
'password': password
}
try:
send_html_email(
_('You are invited to join %s') % get_site_name(),
'sysadmin/user_add_email.html', c, None,
[email2contact_email(email)])
add_user_tip = _(
'Successfully added user %(user)s. An email notification has been sent.'
) % {
'user': email
}
except Exception as e:
logger.error(str(e))
add_user_tip = _(
'Successfully added user %(user)s. But email notification can not be sent, because Email service is not properly configured.'
) % {
'user': email
}
user_info = get_user_info(email)
user_info['add_user_tip'] = add_user_tip
# send admin operation log signal
admin_op_detail = {
"email": email,
}
admin_operation.send(sender=None,
admin_name=request.user.username,
operation=USER_ADD,
detail=admin_op_detail)
return Response(user_info)
def put(self, request, email):
# basic user info check
is_staff = request.data.get("is_staff", None)
if is_staff:
try:
is_staff = to_python_boolean(is_staff)
except ValueError:
error_msg = 'is_staff invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
is_active = request.data.get("is_active", None)
if is_active:
try:
is_active = to_python_boolean(is_active)
except ValueError:
error_msg = 'is_active invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# additional user info check
role = request.data.get("role", None)
if role:
available_roles = get_available_roles()
if role.lower() not in available_roles:
error_msg = 'role must be in %s.' % str(available_roles)
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
name = request.data.get("name", None)
if name:
if len(name) > 64:
error_msg = 'Name is too long (maximum is 64 characters).'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if "/" in name:
error_msg = "Name should not include '/'."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# argument check for login_id
login_id = request.data.get("login_id", None)
if login_id is not None:
login_id = login_id.strip()
username_by_login_id = Profile.objects.get_username_by_login_id(login_id)
if username_by_login_id is not None:
return api_error(status.HTTP_400_BAD_REQUEST,
_(u"Login id %s already exists." % login_id))
contact_email = request.data.get("contact_email", None)
if contact_email is not None and contact_email.strip() != '':
if not is_valid_email(contact_email):
error_msg = 'Contact email invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
profile = Profile.objects.get_profile_by_contact_email(contact_email)
if profile:
error_msg = 'Contact email %s already exists.' % contact_email
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
reference_id = request.data.get("reference_id", "")
if reference_id:
if ' ' in reference_id:
return api_error(status.HTTP_400_BAD_REQUEST, 'Reference ID can not contain spaces.')
primary_id = ccnet_api.get_primary_id(reference_id)
if primary_id:
return api_error(status.HTTP_400_BAD_REQUEST, 'Reference ID %s already exists.' % reference_id)
department = request.data.get("department", None)
if department:
if len(department) > 512:
error_msg = "Department is too long (maximum is 512 characters)."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
quota_total_mb = request.data.get("quota_total", None)
if quota_total_mb:
try:
quota_total_mb = int(quota_total_mb)
except ValueError:
error_msg = "Must be an integer that is greater than or equal to 0."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if quota_total_mb < 0:
error_msg = "Space quota is too low (minimum value is 0)."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if is_org_context(request):
org_id = request.user.org.org_id
org_quota_mb = seafile_api.get_org_quota(org_id) / \
get_file_size_unit('MB')
if quota_total_mb > org_quota_mb:
error_msg = 'Failed to set quota: maximum quota is %d MB' % org_quota_mb
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# query user info
try:
user_obj = User.objects.get(email=email)
except User.DoesNotExist:
error_msg = 'User %s not found.' % email
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
update_user_info(request, user_obj)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
user_info = get_user_info(email)
return Response(user_info)
def post(self, request):
email = request.data.get('email', None)
if not email or not is_valid_username(email):
error_msg = 'email invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# basic user info check
is_staff = request.data.get("is_staff", None)
if is_staff:
try:
is_staff = to_python_boolean(is_staff)
except ValueError:
error_msg = 'is_staff invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
is_active = request.data.get("is_active", None)
if is_active:
try:
is_active = to_python_boolean(is_active)
except ValueError:
error_msg = 'is_active invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# additional user info check
role = request.data.get("role", None)
if role:
available_roles = get_available_roles()
if role.lower() not in available_roles:
error_msg = 'role must be in %s.' % str(available_roles)
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
name = request.data.get("name", None)
if name:
if len(name) > 64:
error_msg = 'Name is too long (maximum is 64 characters).'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if "/" in name:
error_msg = "Name should not include '/'."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
department = request.data.get("department", None)
if department:
if len(department) > 512:
error_msg = "Department is too long (maximum is 512 characters)."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
quota_total_mb = request.data.get("quota_total", None)
if quota_total_mb:
try:
quota_total_mb = int(quota_total_mb)
except ValueError:
error_msg = "Must be an integer that is greater than or equal to 0."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if quota_total_mb < 0:
error_msg = "Space quota is too low (minimum value is 0)."
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if is_org_context(request):
org_id = request.user.org.org_id
org_quota_mb = seafile_api.get_org_quota(org_id) / \
get_file_size_unit('MB')
if quota_total_mb > org_quota_mb:
error_msg = 'Failed to set quota: maximum quota is %d MB' % org_quota_mb
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
User.objects.get(email=email)
user_exist = True
except User.DoesNotExist:
user_exist = False
if user_exist:
error_msg = "User %s already exists." % email
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
password = request.data.get('password', None)
if not password:
error_msg = 'password required.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# create user
try:
user_obj = User.objects.create_user(email)
update_user_info(request, user_obj)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
user_info = get_user_info(email)
return Response(user_info)
def put(self, request, org_id):
""" Update base info of a organization
Permission checking:
1. only admin can perform this action.
"""
if not (CLOUD_MODE and MULTI_TENANCY):
error_msg = 'Feature is not enabled.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
org_id = int(org_id)
if org_id == 0:
error_msg = 'org_id invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
org = ccnet_api.get_org_by_id(org_id)
if not org:
error_msg = 'Organization %s not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# update org name
new_name = request.data.get('org_name', None)
if new_name:
try:
ccnet_api.set_org_name(org_id, new_name)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# update org max user number
max_user_number = request.data.get('max_user_number', None)
if max_user_number and ORG_MEMBER_QUOTA_ENABLED:
try:
max_user_number = int(max_user_number)
except ValueError:
error_msg = 'max_user_number invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if max_user_number <= 0:
error_msg = 'max_user_number invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
OrgMemberQuota.objects.set_quota(org_id, max_user_number)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
quota_mb = request.data.get('quota', None)
if quota_mb:
try:
quota_mb = int(quota_mb)
except ValueError:
error_msg = 'quota invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if quota_mb < 0:
error_msg = 'quota invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
quota = quota_mb * get_file_size_unit('MB')
try:
seafile_api.set_org_quota(org_id, quota)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
role = request.data.get('role', None)
if role:
if role not in get_available_roles():
error_msg = 'Role %s invalid.' % role
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
OrgSettings.objects.add_or_update(org, role)
org = ccnet_api.get_org_by_id(org_id)
org_info = get_org_info(org)
return Response(org_info)
def test_get_available_role(self):
assert len(get_available_roles()) == 2
assert GUEST_USER in get_available_roles()
assert DEFAULT_USER in get_available_roles()
