def group_add_member(request, username):
teamUser = GsuserManager.get_user_by_name(username)
team_group_id = int(request.POST.get('team_group_id', '0'))
teamGroup = TeamManager.get_teamGroup_by_id(team_group_id)
if not teamGroup or teamGroup.team_user_id != teamUser.id:
return _response_not_manage_rights(request)
member_username = request.POST.get('member_username', '')
member_user = GsuserManager.get_user_by_name(member_username)
if not member_user:
return json_failed(500, u'没有该用户名')
teamMember = TeamManager.get_teamMember_by_teamUserId_userId(
teamUser.id, member_user.id)
if not teamMember:
return json_failed(
500,
u'用户 %s 还没有加入团队帐号 %s' % (member_user.username, teamUser.username))
groupMember = TeamManager.get_groupMember_by_teamGroupId_memberUserId(
teamGroup.id, member_user.id)
if groupMember:
return json_success(u'用户 %s 已经在该组' % member_user.username)
groupMember = GroupMember(team_user_id=teamUser.id,
group_id=teamGroup.id,
member_user_id=member_user.id)
groupMember.save()
return json_success(u'成功添加用户 %s 到组 %s' %
(member_user.username, teamGroup.name))
def group(request, username, group_id):
teamUser = GsuserManager.get_user_by_name(username)
teamUserprofile = GsuserManager.get_userprofile_by_id(teamUser.id)
teamGroup = TeamManager.get_teamGroup_by_id(group_id)
if not teamGroup or teamGroup.team_user_id != teamUser.id:
raise Http404
groupMembers = TeamManager.list_groupMember_by_teamGroupId(teamGroup.id)
userIdInGroupSet = Set([x.member_user_id for x in groupMembers])
teamMembers = TeamManager.list_teamMember_by_teamUserId(teamUser.id)
teamMembersNotInGroup = [
x for x in teamMembers if x.user_id not in userIdInGroupSet
]
current = 'settings'
sub_nav = 'groups'
title = u'%s / 设置 / 组管理 / %s' % (teamUser.username, teamGroup.name)
response_dictionary = {
'current': current,
'sub_nav': sub_nav,
'title': title,
'teamGroup': teamGroup,
'groupMembers': groupMembers,
'teamMembersNotInGroup': teamMembersNotInGroup
}
response_dictionary.update(
_get_common_team_dict(request, teamUser, teamUserprofile))
return render_to_response('team/group.html',
response_dictionary,
context_instance=RequestContext(request))
def add_member(request, username):
(teamUser, teamUserprofile) = _get_team_user_userprofile(request, username)
teamMember = None
username_or_email = request.POST.get('username_or_email', '')
if '@' in username_or_email:
user = GsuserManager.get_user_by_email(username_or_email)
if not user:
ref_hash = '%032x' % random.getrandbits(128)
ref_message = u'用户 %s 邀请您注册Gitshell,成为团队 %s 的成员' % (
request.user.username, username)
userViaRef = UserViaRef(email=username_or_email,
ref_type=REF_TYPE.VIA_TEAM_MEMBER,
ref_hash=ref_hash,
ref_message=ref_message,
first_refid=teamUser.id,
first_refname=teamUser.username)
userViaRef.save()
join_url = 'https://gitshell.com/join/ref/%s/' % ref_hash
Mailer().send_join_via_team_addmember(request.user, teamUser,
username_or_email, join_url)
return json_failed(301,
u'邮箱 %s 未注册,已经发送邮件邀请对方注册' % username_or_email)
teamMember = TeamManager.add_teamMember_by_email(
teamUser, username_or_email)
else:
teamMember = TeamManager.add_teamMember_by_username(
teamUser, username_or_email)
if not teamMember:
return json_failed(404, u'没有相关用户,不能是团队帐号')
return json_success(u'成功添加用户')
def _get_teamMember_by_manageTeamMemberId(request):
teamMember_id = int(request.POST.get('teamMember_id', 0))
manage_teamMember = TeamManager.get_teamMember_by_id(teamMember_id)
if not manage_teamMember:
return None
teamMember = TeamManager.get_teamMember_by_teamUserId_userId(manage_teamMember.team_user_id, request.user.id)
if not teamMember or not teamMember.has_admin_rights():
return (None, None)
return (manage_teamMember, teamMember)
def member_leave(request, username):
(teamUser, teamUserprofile) = _get_team_user_userprofile(request, username)
teamMember = TeamManager.get_teamMember_by_teamUserId_userId(teamUser.id, request.user.id)
teamMembers = TeamManager.list_teamMember_by_teamUserId(teamMember.team_user_id)
if _has_other_admin_teamMember(request, teamMember, teamMembers):
teamMember.visibly = 1
teamMember.save()
return json_success(u'用户退出成功')
return json_failed(500, u'用户退出失败,一个团队帐号至少需要保留一个管理员')
def permission_grant(request, username):
teamUser = GsuserManager.get_user_by_name(username)
grant_type = request.POST.get('grant_type', 'global')
permission = int(request.POST.get('permission', '0'))
if grant_type == 'global':
TeamManager.grant_team_global_permission(teamUser.id, permission)
elif grant_type == 'user':
user_id = int(request.POST.get('user_id', '0'))
TeamManager.grant_team_user_permission(teamUser.id, user_id, permission)
return json_success(u'赋予权限成功')
def _get_teamMember_by_manageTeamMemberId(request):
teamMember_id = int(request.POST.get('teamMember_id', 0))
manage_teamMember = TeamManager.get_teamMember_by_id(teamMember_id)
if not manage_teamMember:
return None
teamMember = TeamManager.get_teamMember_by_teamUserId_userId(
manage_teamMember.team_user_id, request.user.id)
if not teamMember or not teamMember.has_admin_rights():
return (None, None)
return (manage_teamMember, teamMember)
def members(request, username):
(teamUser, teamUserprofile) = _get_team_user_userprofile(request, username)
current = 'settings'; sub_nav = 'members'; title = u'%s / 设置 / 成员' % (teamUser.username)
teamMembers = TeamManager.list_teamMember_by_teamUserId(teamUser.id)
globalPermission = TeamManager.get_team_globalPermission_by_userId(teamUser.id)
response_dictionary = {'current': current, 'title': title, 'sub_nav': sub_nav, 'teamMembers': teamMembers, 'PERMISSION_VIEW': PERMISSION.VIEW, 'globalPermission': globalPermission}
response_dictionary.update(_get_common_team_dict(request, teamUser, teamUserprofile))
return render_to_response('team/members.html',
response_dictionary,
context_instance=RequestContext(request))
def member_leave(request, username):
(teamUser, teamUserprofile) = _get_team_user_userprofile(request, username)
teamMember = TeamManager.get_teamMember_by_teamUserId_userId(
teamUser.id, request.user.id)
teamMembers = TeamManager.list_teamMember_by_teamUserId(
teamMember.team_user_id)
if _has_other_admin_teamMember(request, teamMember, teamMembers):
teamMember.visibly = 1
teamMember.save()
return json_success(u'用户退出成功')
return json_failed(500, u'用户退出失败,一个团队帐号至少需要保留一个管理员')
def permission_grant(request, username):
teamUser = GsuserManager.get_user_by_name(username)
grant_type = request.POST.get('grant_type', 'global')
permission = int(request.POST.get('permission', '0'))
if grant_type == 'global':
TeamManager.grant_team_global_permission(teamUser.id, permission)
elif grant_type == 'user':
user_id = int(request.POST.get('user_id', '0'))
TeamManager.grant_team_user_permission(teamUser.id, user_id,
permission)
return json_success(u'赋予权限成功')
def group_remove_member(request, username):
teamUser = GsuserManager.get_user_by_name(username)
team_group_id = int(request.POST.get('team_group_id', '0'))
teamGroup = TeamManager.get_teamGroup_by_id(team_group_id)
if not teamGroup or teamGroup.team_user_id != teamUser.id:
return _response_not_manage_rights(request)
member_user_id = int(request.POST.get('member_user_id', '0'))
groupMember = TeamManager.get_groupMember_by_teamGroupId_memberUserId(teamGroup.id, member_user_id)
if groupMember:
groupMember.visibly = 1
groupMember.save()
return json_success(u'从 %s 组移除用户' % (teamGroup.name))
def group_remove_member(request, username):
teamUser = GsuserManager.get_user_by_name(username)
team_group_id = int(request.POST.get('team_group_id', '0'))
teamGroup = TeamManager.get_teamGroup_by_id(team_group_id)
if not teamGroup or teamGroup.team_user_id != teamUser.id:
return _response_not_manage_rights(request)
member_user_id = int(request.POST.get('member_user_id', '0'))
groupMember = TeamManager.get_groupMember_by_teamGroupId_memberUserId(
teamGroup.id, member_user_id)
if groupMember:
groupMember.visibly = 1
groupMember.save()
return json_success(u'从 %s 组移除用户' % (teamGroup.name))
def group_remove(request, username):
teamUser = GsuserManager.get_user_by_name(username)
team_group_id = int(request.POST.get('team_group_id', '0'))
teamGroup = TeamManager.get_teamGroup_by_id(team_group_id)
if not teamGroup or teamGroup.team_user_id != teamUser.id:
return _response_not_manage_rights(request)
groupMembers = TeamManager.list_groupMember_by_teamGroupId(teamGroup.id)
for groupMember in groupMembers:
groupMember.visibly = 1
groupMember.save()
teamGroup.visibly = 1
teamGroup.save()
return json_success(u'成功删除组 %s' % teamGroup.name)
def group_remove(request, username):
teamUser = GsuserManager.get_user_by_name(username)
team_group_id = int(request.POST.get('team_group_id', '0'))
teamGroup = TeamManager.get_teamGroup_by_id(team_group_id)
if not teamGroup or teamGroup.team_user_id != teamUser.id:
return _response_not_manage_rights(request)
groupMembers = TeamManager.list_groupMember_by_teamGroupId(teamGroup.id)
for groupMember in groupMembers:
groupMember.visibly = 1
groupMember.save()
teamGroup.visibly = 1
teamGroup.save()
return json_success(u'成功删除组 %s' % teamGroup.name)
def destroy_confirm(request, username):
(teamUser, teamUserprofile) = _get_team_user_userprofile(request, username)
teamMember = TeamManager.get_teamMember_by_teamUserId_userId(teamUser.id, request.user.id)
teamRepos = RepoManager.list_repo_by_userId(teamUser.id, 0, 1000)
for teamRepo in teamRepos:
RepoManager.delete_repo(teamUser, teamUserprofile, teamRepo)
teamMembers = TeamManager.list_teamMember_by_teamUserId(teamUser.id)
for teamMember in teamMembers:
teamMember.visibly = 1
teamMember.save()
teamUser.delete()
teamUserprofile.visibly = 1
teamUserprofile.save()
return json_success(u'已经删除了团队帐号')
def destroy_confirm(request, username):
(teamUser, teamUserprofile) = _get_team_user_userprofile(request, username)
teamMember = TeamManager.get_teamMember_by_teamUserId_userId(
teamUser.id, request.user.id)
teamRepos = RepoManager.list_repo_by_userId(teamUser.id, 0, 1000)
for teamRepo in teamRepos:
RepoManager.delete_repo(teamUser, teamUserprofile, teamRepo)
teamMembers = TeamManager.list_teamMember_by_teamUserId(teamUser.id)
for teamMember in teamMembers:
teamMember.visibly = 1
teamMember.save()
teamUser.delete()
teamUserprofile.visibly = 1
teamUserprofile.save()
return json_success(u'已经删除了团队帐号')
def team(request):
current = 'team'; title = u'设置 / 团队'
teamMembers = TeamManager.list_teamMember_by_userId(request.user.id)
response_dictionary = {'current': current, 'title': title, 'teamMembers': teamMembers}
return render_to_response('settings/team.html',
response_dictionary,
context_instance=RequestContext(request))
def group(request, username, group_id):
teamUser = GsuserManager.get_user_by_name(username)
teamUserprofile = GsuserManager.get_userprofile_by_id(teamUser.id)
teamGroup = TeamManager.get_teamGroup_by_id(group_id)
if not teamGroup or teamGroup.team_user_id != teamUser.id:
raise Http404
groupMembers = TeamManager.list_groupMember_by_teamGroupId(teamGroup.id)
userIdInGroupSet = Set([x.member_user_id for x in groupMembers])
teamMembers = TeamManager.list_teamMember_by_teamUserId(teamUser.id)
teamMembersNotInGroup = [x for x in teamMembers if x.user_id not in userIdInGroupSet]
current = 'settings'; sub_nav = 'groups'; title = u'%s / 设置 / 组管理 / %s' % (teamUser.username, teamGroup.name)
response_dictionary = {'current': current, 'sub_nav': sub_nav, 'title': title, 'teamGroup': teamGroup, 'groupMembers': groupMembers, 'teamMembersNotInGroup': teamMembersNotInGroup}
response_dictionary.update(_get_common_team_dict(request, teamUser, teamUserprofile))
return render_to_response('team/group.html',
response_dictionary,
context_instance=RequestContext(request))
def is_owner_or_teamAdmin(self, repo, user):
if repo.user_id == user.id:
return True
teamMember = TeamManager.get_teamMember_by_teamUserId_userId(repo.user_id, user.id)
if teamMember and teamMember.has_admin_rights():
return True
return False
def remove_member(request, username):
(manage_teamMember, teamMember) = _get_teamMember_by_manageTeamMemberId(request)
teamMembers = TeamManager.list_teamMember_by_teamUserId(teamMember.team_user_id)
if _has_other_admin_teamMember(request, manage_teamMember, teamMembers):
manage_teamMember.visibly = 1
manage_teamMember.save()
return json_success(u'删除用户成功')
return json_failed(500, u'删除用户失败,一个团队帐号至少需要保留一个管理员')
def cancal_admin(request, username):
(manage_teamMember, teamMember) = _get_teamMember_by_manageTeamMemberId(request)
teamMembers = TeamManager.list_teamMember_by_teamUserId(teamMember.team_user_id)
if _has_other_admin_teamMember(request, manage_teamMember, teamMembers):
manage_teamMember.is_admin = 0
manage_teamMember.save()
return json_success(u'解除管理员权限')
return json_failed(500, u'解除管理员失败,一个团队帐号至少需要保留一个管理员')
def is_owner_or_teamAdmin(self, repo, user):
if repo.user_id == user.id:
return True
teamMember = TeamManager.get_teamMember_by_teamUserId_userId(
repo.user_id, user.id)
if teamMember and teamMember.has_admin_rights():
return True
return False
def destroy(request, username):
(teamUser, teamUserprofile) = _get_team_user_userprofile(request, username)
teamMember = TeamManager.get_teamMember_by_teamUserId_userId(teamUser.id, request.user.id)
current = 'settings'; sub_nav = 'destroy'; title = u'%s / 设置 / 删除帐号' % (teamUser.username)
response_dictionary = {'current': current, 'title': title, 'sub_nav': sub_nav}
response_dictionary.update(_get_common_team_dict(request, teamUser, teamUserprofile))
return render_to_response('team/destroy.html',
response_dictionary,
context_instance=RequestContext(request))
def group_add_member(request, username):
teamUser = GsuserManager.get_user_by_name(username)
team_group_id = int(request.POST.get('team_group_id', '0'))
teamGroup = TeamManager.get_teamGroup_by_id(team_group_id)
if not teamGroup or teamGroup.team_user_id != teamUser.id:
return _response_not_manage_rights(request)
member_username = request.POST.get('member_username', '')
member_user = GsuserManager.get_user_by_name(member_username)
if not member_user:
return json_failed(500, u'没有该用户名')
teamMember = TeamManager.get_teamMember_by_teamUserId_userId(teamUser.id, member_user.id)
if not teamMember:
return json_failed(500, u'用户 %s 还没有加入团队帐号 %s' % (member_user.username, teamUser.username))
groupMember = TeamManager.get_groupMember_by_teamGroupId_memberUserId(teamGroup.id, member_user.id)
if groupMember:
return json_success(u'用户 %s 已经在该组' % member_user.username)
groupMember = GroupMember(team_user_id=teamUser.id, group_id=teamGroup.id, member_user_id=member_user.id)
groupMember.save()
return json_success(u'成功添加用户 %s 到组 %s' % (member_user.username, teamGroup.name))
def cancal_admin(request, username):
(manage_teamMember,
teamMember) = _get_teamMember_by_manageTeamMemberId(request)
teamMembers = TeamManager.list_teamMember_by_teamUserId(
teamMember.team_user_id)
if _has_other_admin_teamMember(request, manage_teamMember, teamMembers):
manage_teamMember.is_admin = 0
manage_teamMember.save()
return json_success(u'解除管理员权限')
return json_failed(500, u'解除管理员失败,一个团队帐号至少需要保留一个管理员')
def remove_member(request, username):
(manage_teamMember,
teamMember) = _get_teamMember_by_manageTeamMemberId(request)
teamMembers = TeamManager.list_teamMember_by_teamUserId(
teamMember.team_user_id)
if _has_other_admin_teamMember(request, manage_teamMember, teamMembers):
manage_teamMember.visibly = 1
manage_teamMember.save()
return json_success(u'删除用户成功')
return json_failed(500, u'删除用户失败,一个团队帐号至少需要保留一个管理员')
def switch(request, user_name, current_user_id):
current_user_id = int(current_user_id)
new_current_user_id = request.user.id
if current_user_id != request.user.id:
teamMember = TeamManager.get_teamMember_by_teamUserId_userId(current_user_id, request.user.id)
if teamMember:
new_current_user_id = current_user_id
request.userprofile.current_user_id = new_current_user_id
request.userprofile.save()
return HttpResponseRedirect(request.urlRouter.route('/dashboard/'))
def groups(request, username):
teamUser = GsuserManager.get_user_by_name(username)
teamUserprofile = GsuserManager.get_userprofile_by_id(teamUser.id)
teamGroups = TeamManager.list_teamGroup_by_teamUserId(teamUser.id)
current = 'settings'; sub_nav = 'groups'; title = u'%s / 设置 / 组管理' % (teamUser.username)
response_dictionary = {'current': current, 'sub_nav': sub_nav, 'title': title, 'teamGroups': teamGroups}
response_dictionary.update(_get_common_team_dict(request, teamUser, teamUserprofile))
return render_to_response('team/groups.html',
response_dictionary,
context_instance=RequestContext(request))
def userprofile(request):
if hasattr(request, 'userprofile'):
userprofile = request.userprofile
else:
userprofile = Userprofile()
gs_teamMembers = []
if userprofile and userprofile.has_joined_team == 1:
gs_teamMembers = TeamManager.list_teamMember_by_userId(userprofile.id)
#urlRouter = request.urlRouter
#return {'userprofile': userprofile, 'urlRouter': urlRouter, 'gs_teamMembers': gs_teamMembers}
return {'userprofile': userprofile, 'gs_teamMembers': gs_teamMembers}
def _get_team_user_userprofile(request, username):
current_user = GsuserManager.get_user_by_name(username)
if not current_user:
return (request.user, request.userprofile)
teamMember = TeamManager.get_teamMember_by_teamUserId_userId(current_user.id, request.user.id)
if not teamMember:
return (request.user, request.userprofile)
current_userprofile = GsuserManager.get_userprofile_by_id(current_user.id)
if current_userprofile:
return (current_user, current_userprofile)
return (request.user, request.userprofile)
def fill_username(self, userprofile, owner_user_id):
feedAction = FeedAction()
teamMembers = TeamManager.list_teamMember_by_userId(userprofile.id)
username_choices = []
username_choices.append((userprofile.username, userprofile.username))
for teamMember in teamMembers:
if teamMember.team_user_id == owner_user_id:
username_choices.insert(0, (teamMember.team_user.username, teamMember.team_user.username))
continue
username_choices.append((teamMember.team_user.username, teamMember.team_user.username))
self.fields['username'] = forms.ChoiceField(choices=username_choices, required=False)
def _get_common_team_dict(request, teamUser, teamUserprofile):
has_admin_rights = False
teamMember = TeamManager.get_teamMember_by_teamUserId_userId(
teamUser.id, request.user.id)
if teamMember and teamMember.has_admin_rights():
has_admin_rights = True
return {
'teamUser': teamUser,
'teamUserprofile': teamUserprofile,
'has_admin_rights': has_admin_rights
}
def userprofile(request):
if hasattr(request, 'userprofile'):
userprofile = request.userprofile
else:
userprofile = Userprofile()
gs_teamMembers = []
if userprofile and userprofile.has_joined_team == 1:
gs_teamMembers = TeamManager.list_teamMember_by_userId(userprofile.id)
#urlRouter = request.urlRouter
#return {'userprofile': userprofile, 'urlRouter': urlRouter, 'gs_teamMembers': gs_teamMembers}
return {'userprofile': userprofile, 'gs_teamMembers': gs_teamMembers}
def add_member(request, username):
(teamUser, teamUserprofile) = _get_team_user_userprofile(request, username)
teamMember = None
username_or_email = request.POST.get('username_or_email', '')
if '@' in username_or_email:
user = GsuserManager.get_user_by_email(username_or_email)
if not user:
ref_hash = '%032x' % random.getrandbits(128)
ref_message = u'用户 %s 邀请您注册Gitshell,成为团队 %s 的成员' % (request.user.username, username)
userViaRef = UserViaRef(email=username_or_email, ref_type=REF_TYPE.VIA_TEAM_MEMBER, ref_hash=ref_hash, ref_message=ref_message, first_refid = teamUser.id, first_refname = teamUser.username)
userViaRef.save()
join_url = 'https://gitshell.com/join/ref/%s/' % ref_hash
Mailer().send_join_via_team_addmember(request.user, teamUser, username_or_email, join_url)
return json_failed(301, u'邮箱 %s 未注册,已经发送邮件邀请对方注册' % username_or_email)
teamMember = TeamManager.add_teamMember_by_email(teamUser, username_or_email)
else:
teamMember = TeamManager.add_teamMember_by_username(teamUser, username_or_email)
if not teamMember:
return json_failed(404, u'没有相关用户,不能是团队帐号')
return json_success(u'成功添加用户')
def switch(request, user_name, current_user_id):
current_user_id = int(current_user_id)
new_current_user_id = request.user.id
if current_user_id != request.user.id:
teamMember = TeamManager.get_teamMember_by_teamUserId_userId(
current_user_id, request.user.id)
if teamMember:
new_current_user_id = current_user_id
request.userprofile.current_user_id = new_current_user_id
request.userprofile.save()
return HttpResponseRedirect(request.urlRouter.route('/dashboard/'))
def group_add(request, username):
teamUser = GsuserManager.get_user_by_name(username)
group_name = request.POST.get('group_name', '')
if not re.match('^[ 0-9a-zA-Z_-]+$', group_name):
return json_failed(403, u'组名不符合规范,只允许[ 0-9a-zA-Z_-]之内的字符')
teamGroup = TeamManager.get_teamGroup_by_teamUserId_name(teamUser.id, group_name)
if teamGroup:
return json_failed(500, u'组名已经存在')
teamGroup = TeamGroup(team_user_id = teamUser.id, name = group_name, desc = '')
teamGroup.save()
return json_success(u'成功创建组 %s' % group_name)
def wrap(request, *args, **kwargs):
if len(args) >= 1:
username = args[0]
teamUser = GsuserManager.get_user_by_name(username)
if not teamUser:
return _response_not_admin_rights(request)
if not request.user.is_authenticated():
return HttpResponseRedirect('/login/?next=' + urlquote(request.path))
teamMember = TeamManager.get_teamMember_by_teamUserId_userId(teamUser.id, request.user.id)
if not teamMember or not teamMember.has_admin_rights():
return _response_not_admin_rights(request)
return function(request, *args, **kwargs)
def members(request, username):
(teamUser, teamUserprofile) = _get_team_user_userprofile(request, username)
current = 'settings'
sub_nav = 'members'
title = u'%s / 设置 / 成员' % (teamUser.username)
teamMembers = TeamManager.list_teamMember_by_teamUserId(teamUser.id)
globalPermission = TeamManager.get_team_globalPermission_by_userId(
teamUser.id)
response_dictionary = {
'current': current,
'title': title,
'sub_nav': sub_nav,
'teamMembers': teamMembers,
'PERMISSION_VIEW': PERMISSION.VIEW,
'globalPermission': globalPermission
}
response_dictionary.update(
_get_common_team_dict(request, teamUser, teamUserprofile))
return render_to_response('team/members.html',
response_dictionary,
context_instance=RequestContext(request))
def group_add(request, username):
teamUser = GsuserManager.get_user_by_name(username)
group_name = request.POST.get('group_name', '')
if not re.match('^[ 0-9a-zA-Z_-]+$', group_name):
return json_failed(403, u'组名不符合规范,只允许[ 0-9a-zA-Z_-]之内的字符')
teamGroup = TeamManager.get_teamGroup_by_teamUserId_name(
teamUser.id, group_name)
if teamGroup:
return json_failed(500, u'组名已经存在')
teamGroup = TeamGroup(team_user_id=teamUser.id, name=group_name, desc='')
teamGroup.save()
return json_success(u'成功创建组 %s' % group_name)
def _get_team_user_userprofile(request, username):
current_user = GsuserManager.get_user_by_name(username)
if not current_user:
return (request.user, request.userprofile)
teamMember = TeamManager.get_teamMember_by_teamUserId_userId(
current_user.id, request.user.id)
if not teamMember:
return (request.user, request.userprofile)
current_userprofile = GsuserManager.get_userprofile_by_id(current_user.id)
if current_userprofile:
return (current_user, current_userprofile)
return (request.user, request.userprofile)
def team(request):
current = 'team'
title = u'设置 / 团队'
teamMembers = TeamManager.list_teamMember_by_userId(request.user.id)
response_dictionary = {
'current': current,
'title': title,
'teamMembers': teamMembers
}
return render_to_response('settings/team.html',
response_dictionary,
context_instance=RequestContext(request))
def user(request, user_name):
title = u'%s / 概括' % user_name
gsuser = GsuserManager.get_user_by_name(user_name)
if gsuser is None:
raise Http404
gsuserprofile = GsuserManager.get_userprofile_by_id(gsuser.id)
if gsuserprofile.is_team_account == 1 and TeamManager.is_teamMember(
gsuser.id, request.user.id):
return HttpResponseRedirect('/%s/-/dashboard/' % user_name)
recommendsForm = RecommendsForm()
repos = []
if gsuser.id == request.user.id:
repos = RepoManager.list_repo_by_userId(gsuser.id, 0, 100)
else:
repos = RepoManager.list_unprivate_repo_by_userId(gsuser.id, 0, 100)
now = datetime.now()
last30days = timeutils.getlast30days(now)
last30days_commit = get_last30days_commit(gsuser)
feedAction = FeedAction()
raw_watch_repos = feedAction.get_watch_repos(gsuser.id, 0, 10)
watch_repo_ids = [int(x[0]) for x in raw_watch_repos]
watch_repos_map = RepoManager.merge_repo_map(watch_repo_ids)
watch_repos = [
watch_repos_map[x] for x in watch_repo_ids if x in watch_repos_map
]
pri_user_feeds = feedAction.get_pri_user_feeds(gsuser.id, 0, 10)
pub_user_feeds = feedAction.get_pub_user_feeds(gsuser.id, 0, 10)
feeds_as_json = get_feeds_as_json(request, pri_user_feeds, pub_user_feeds)
star_repos = RepoManager.list_star_repo(gsuser.id, 0, 20)
response_dictionary = {
'mainnav': 'user',
'title': title,
'recommendsForm': recommendsForm,
'repos': repos,
'watch_repos': watch_repos,
'star_repos': star_repos,
'last30days': last30days,
'last30days_commit': last30days_commit,
'feeds_as_json': feeds_as_json
}
response_dictionary.update(
get_common_user_dict(request, gsuser, gsuserprofile))
return render_to_response('user/user.html',
response_dictionary,
context_instance=RequestContext(request))
def fill_username(self, userprofile, owner_user_id):
feedAction = FeedAction()
teamMembers = TeamManager.list_teamMember_by_userId(userprofile.id)
username_choices = []
username_choices.append((userprofile.username, userprofile.username))
for teamMember in teamMembers:
if teamMember.team_user_id == owner_user_id:
username_choices.insert(0, (teamMember.team_user.username,
teamMember.team_user.username))
continue
username_choices.append(
(teamMember.team_user.username, teamMember.team_user.username))
self.fields['username'] = forms.ChoiceField(choices=username_choices,
required=False)
def wrap(request, *args, **kwargs):
if len(args) >= 1:
username = args[0]
teamUser = GsuserManager.get_user_by_name(username)
if not teamUser:
return _response_not_admin_rights(request)
if not request.user.is_authenticated():
return HttpResponseRedirect('/login/?next=' +
urlquote(request.path))
teamMember = TeamManager.get_teamMember_by_teamUserId_userId(
teamUser.id, request.user.id)
if not teamMember or not teamMember.has_admin_rights():
return _response_not_admin_rights(request)
return function(request, *args, **kwargs)
def is_allowed_access_repo(self, repo, user, repoPermission):
if repo is None or user is None:
return False
user_permission = TeamManager.get_repo_user_permission(repo, user)
if user_permission == PERMISSION.ADMIN:
return True
if repoPermission == REPO_PERMISSION.WEB_VIEW:
if repo.auth_type != 2:
return True
elif repoPermission == REPO_PERMISSION.READ_ONLY:
if repo.auth_type == 0:
return True
if user_permission >= repoPermission:
return True
return False
def is_allowed_access_repo(self, repo, user, repoPermission):
if repo is None or user is None:
return False
user_permission = TeamManager.get_repo_user_permission(repo, user)
if user_permission == PERMISSION.ADMIN:
return True
if repoPermission == REPO_PERMISSION.WEB_VIEW:
if repo.auth_type != 2:
return True
elif repoPermission == REPO_PERMISSION.READ_ONLY:
if repo.auth_type == 0:
return True
if user_permission >= repoPermission:
return True
return False
def repo(request, username):
(teamUser, teamUserprofile) = _get_team_user_userprofile(request, username)
current = 'repo'; title = u'%s / 仓库列表' % (teamUser.username)
teamMember = TeamManager.get_teamMember_by_teamUserId_userId(teamUser.id, request.user.id)
repos = []
# is team member
if teamMember:
repos = RepoManager.list_repo_by_userId(teamUser.id, 0, 1000)
else:
repos = RepoManager.list_unprivate_repo_by_userId(teamUser.id, 0, 1000)
response_dictionary = {'current': current, 'title': title, 'repos': repos}
response_dictionary.update(_get_common_team_dict(request, teamUser, teamUserprofile))
return render_to_response('team/repo.html',
response_dictionary,
context_instance=RequestContext(request))
def destroy(request, username):
(teamUser, teamUserprofile) = _get_team_user_userprofile(request, username)
teamMember = TeamManager.get_teamMember_by_teamUserId_userId(
teamUser.id, request.user.id)
current = 'settings'
sub_nav = 'destroy'
title = u'%s / 设置 / 删除帐号' % (teamUser.username)
response_dictionary = {
'current': current,
'title': title,
'sub_nav': sub_nav
}
response_dictionary.update(
_get_common_team_dict(request, teamUser, teamUserprofile))
return render_to_response('team/destroy.html',
response_dictionary,
context_instance=RequestContext(request))
def list_repo_team_memberUser(self, repo_id):
repo = self.get_repo_by_id(repo_id)
if not repo:
return []
repoemembers = self.list_repomember(repo_id)
user_ids = [x.user_id for x in repoemembers]
userprofile = GsuserManager.get_userprofile_by_id(repo.user_id)
if not userprofile:
return []
if userprofile.is_team_account == 0:
user_ids.insert(0, repo.user_id)
if userprofile.is_team_account == 1:
teamMembers = TeamManager.list_teamMember_by_teamUserId(userprofile.id)
for x in teamMembers:
if x.user_id not in user_ids:
user_ids.append(x.user_id)
return GsuserManager.list_userprofile_by_ids(user_ids)
def repo(request, username):
(teamUser, teamUserprofile) = _get_team_user_userprofile(request, username)
current = 'repo'
title = u'%s / 仓库列表' % (teamUser.username)
teamMember = TeamManager.get_teamMember_by_teamUserId_userId(
teamUser.id, request.user.id)
repos = []
# is team member
if teamMember:
repos = RepoManager.list_repo_by_userId(teamUser.id, 0, 1000)
else:
repos = RepoManager.list_unprivate_repo_by_userId(teamUser.id, 0, 1000)
response_dictionary = {'current': current, 'title': title, 'repos': repos}
response_dictionary.update(
_get_common_team_dict(request, teamUser, teamUserprofile))
return render_to_response('team/repo.html',
response_dictionary,
context_instance=RequestContext(request))
def groups(request, username):
teamUser = GsuserManager.get_user_by_name(username)
teamUserprofile = GsuserManager.get_userprofile_by_id(teamUser.id)
teamGroups = TeamManager.list_teamGroup_by_teamUserId(teamUser.id)
current = 'settings'
sub_nav = 'groups'
title = u'%s / 设置 / 组管理' % (teamUser.username)
response_dictionary = {
'current': current,
'sub_nav': sub_nav,
'title': title,
'teamGroups': teamGroups
}
response_dictionary.update(
_get_common_team_dict(request, teamUser, teamUserprofile))
return render_to_response('team/groups.html',
response_dictionary,
context_instance=RequestContext(request))
def list_repo_team_memberUser(self, repo_id):
repo = self.get_repo_by_id(repo_id)
if not repo:
return []
repoemembers = self.list_repomember(repo_id)
user_ids = [x.user_id for x in repoemembers]
userprofile = GsuserManager.get_userprofile_by_id(repo.user_id)
if not userprofile:
return []
if userprofile.is_team_account == 0:
user_ids.insert(0, repo.user_id)
if userprofile.is_team_account == 1:
teamMembers = TeamManager.list_teamMember_by_teamUserId(
userprofile.id)
for x in teamMembers:
if x.user_id not in user_ids:
user_ids.append(x.user_id)
return GsuserManager.list_userprofile_by_ids(user_ids)
def wrap(request, *args, **kwargs):
if len(args) >= 2:
user_name = args[0]; repo_name = args[1]
repo = RepoManager.get_repo_by_name(user_name, repo_name)
if repo is None:
return error_with_reason(request, 'repo_not_found')
if not request.user.is_authenticated():
return HttpResponseRedirect('/login/?next=' + urlquote(request.path))
from gitshell.team.models import TeamManager
user_permission = TeamManager.get_repo_user_permission(repo, request.user)
if user_permission < REPO_PERMISSION.ADMIN:
if user_permission >= REPO_PERMISSION.WEB_VIEW:
return HttpResponseRedirect('/%s/%s/' % (user_name, repo_name))
if request.method == 'POST':
return json_failed(403, u'没有管理权限')
return error_with_reason(request, 'repo_permission_denied')
if request.user.is_authenticated():
feedAction = FeedAction()
feedAction.add_recently_view_repo_now(request.user.id, repo.id)
return function(request, *args, **kwargs)
def user(request, user_name):
title = u'%s / 概括' % user_name
gsuser = GsuserManager.get_user_by_name(user_name)
if gsuser is None:
raise Http404
gsuserprofile = GsuserManager.get_userprofile_by_id(gsuser.id)
if gsuserprofile.is_team_account == 1 and TeamManager.is_teamMember(gsuser.id, request.user.id):
return HttpResponseRedirect('/%s/-/dashboard/' % user_name)
recommendsForm = RecommendsForm()
repos = []
if gsuser.id == request.user.id:
repos = RepoManager.list_repo_by_userId(gsuser.id, 0, 100)
else:
repos = RepoManager.list_unprivate_repo_by_userId(gsuser.id, 0, 100)
now = datetime.now()
last30days = timeutils.getlast30days(now)
last30days_commit = get_last30days_commit(gsuser)
feedAction = FeedAction()
raw_watch_repos = feedAction.get_watch_repos(gsuser.id, 0, 10)
watch_repo_ids = [int(x[0]) for x in raw_watch_repos]
watch_repos_map = RepoManager.merge_repo_map(watch_repo_ids)
watch_repos = [watch_repos_map[x] for x in watch_repo_ids if x in watch_repos_map]
pri_user_feeds = feedAction.get_pri_user_feeds(gsuser.id, 0, 10)
pub_user_feeds = feedAction.get_pub_user_feeds(gsuser.id, 0, 10)
feeds_as_json = get_feeds_as_json(request, pri_user_feeds, pub_user_feeds)
star_repos = RepoManager.list_star_repo(gsuser.id, 0, 20)
response_dictionary = {'mainnav': 'user', 'title': title, 'recommendsForm': recommendsForm, 'repos': repos, 'watch_repos': watch_repos, 'star_repos': star_repos, 'last30days': last30days, 'last30days_commit': last30days_commit, 'feeds_as_json': feeds_as_json}
response_dictionary.update(get_common_user_dict(request, gsuser, gsuserprofile))
return render_to_response('user/user.html',
response_dictionary,
context_instance=RequestContext(request))
def wrap(request, *args, **kwargs):
if len(args) >= 2:
user_name = args[0]
repo_name = args[1]
repo = RepoManager.get_repo_by_name(user_name, repo_name)
if repo is None:
return error_with_reason(request, 'repo_not_found')
if not request.user.is_authenticated():
return HttpResponseRedirect('/login/?next=' +
urlquote(request.path))
from gitshell.team.models import TeamManager
user_permission = TeamManager.get_repo_user_permission(
repo, request.user)
if user_permission < REPO_PERMISSION.ADMIN:
if user_permission >= REPO_PERMISSION.WEB_VIEW:
return HttpResponseRedirect('/%s/%s/' %
(user_name, repo_name))
if request.method == 'POST':
return json_failed(403, u'没有管理权限')
return error_with_reason(request, 'repo_permission_denied')
if request.user.is_authenticated():
feedAction = FeedAction()
feedAction.add_recently_view_repo_now(request.user.id, repo.id)
return function(request, *args, **kwargs)
def keyauth(request, fingerprint, command):
command = command.strip()
last_blank_idx = command.rfind(' ')
if last_blank_idx == -1:
return not_git_command()
pre_command = command[0 : last_blank_idx]
short_repo_path = command[last_blank_idx+1 :]
if pre_command == '' or '"' in pre_command or '\'' in pre_command or short_repo_path == '':
return not_git_command()
first_repo_char_idx = -1
slash_idx = -1
last_repo_char_idx = -1
for i in range(0, len(short_repo_path)):
schar = short_repo_path[i]
if first_repo_char_idx == -1 and re.match('\w', schar):
first_repo_char_idx = i
if schar == '/':
slash_idx = i
if re.match('[a-zA-Z0-9_\-]', schar):
last_repo_char_idx = i
if not (first_repo_char_idx > -1 and first_repo_char_idx < slash_idx and slash_idx < last_repo_char_idx):
return not_git_command()
username = short_repo_path[first_repo_char_idx : slash_idx]
reponame = short_repo_path[slash_idx+1 : last_repo_char_idx+1]
if reponame.endswith('.git'):
reponame = reponame[0 : len(reponame)-4]
if not (re.match('^[a-zA-Z0-9_\-]+$', username) and RepoManager.is_allowed_reponame_pattern(reponame)):
return not_git_command()
user = GsuserManager.get_user_by_name(username)
if user is None:
return not_git_command()
userprofile = GsuserManager.get_userprofile_by_id(user.id)
if userprofile is None:
return not_git_command()
if userprofile.used_quote > userprofile.quote:
return not_git_command()
repo = RepoManager.get_repo_by_userId_name(user.id, reponame)
if repo is None:
return not_git_command()
quote = userprofile.quote
# author of the repo
userPubkey = KeyauthManager.get_userpubkey_by_userId_fingerprint(user.id, fingerprint)
if userPubkey is not None:
return response_full_git_command(quote, pre_command, user, user, repo)
userpubkeys = KeyauthManager.list_userpubkey_by_fingerprint(fingerprint)
for userpubkey in userpubkeys:
# member of the repo
repoMember = RepoManager.get_repo_member(repo.id, userpubkey.user_id)
# member of the team user
teamMember = TeamManager.get_teamMember_by_teamUserId_userId(user.id, userpubkey.user_id)
if repoMember or teamMember:
pushUser = GsuserManager.get_user_by_id(userpubkey.user_id)
if 'git-receive-pack' in pre_command:
if RepoManager.is_allowed_access_repo(repo, pushUser, REPO_PERMISSION.WRITE):
return response_full_git_command(quote, pre_command, pushUser, user, repo)
elif RepoManager.is_allowed_access_repo(repo, pushUser, REPO_PERMISSION.READ_ONLY):
return response_full_git_command(quote, pre_command, pushUser, user, repo)
return not_git_command()
def keyauth(request, fingerprint, command):
command = command.strip()
last_blank_idx = command.rfind(' ')
if last_blank_idx == -1:
return not_git_command()
pre_command = command[0:last_blank_idx]
short_repo_path = command[last_blank_idx + 1:]
if pre_command == '' or '"' in pre_command or '\'' in pre_command or short_repo_path == '':
return not_git_command()
first_repo_char_idx = -1
slash_idx = -1
last_repo_char_idx = -1
for i in range(0, len(short_repo_path)):
schar = short_repo_path[i]
if first_repo_char_idx == -1 and re.match('\w', schar):
first_repo_char_idx = i
if schar == '/':
slash_idx = i
if re.match('[a-zA-Z0-9_\-]', schar):
last_repo_char_idx = i
if not (first_repo_char_idx > -1 and first_repo_char_idx < slash_idx
and slash_idx < last_repo_char_idx):
return not_git_command()
username = short_repo_path[first_repo_char_idx:slash_idx]
reponame = short_repo_path[slash_idx + 1:last_repo_char_idx + 1]
if reponame.endswith('.git'):
reponame = reponame[0:len(reponame) - 4]
if not (re.match('^[a-zA-Z0-9_\-]+$', username)
and RepoManager.is_allowed_reponame_pattern(reponame)):
return not_git_command()
user = GsuserManager.get_user_by_name(username)
if user is None:
return not_git_command()
userprofile = GsuserManager.get_userprofile_by_id(user.id)
if userprofile is None:
return not_git_command()
if userprofile.used_quote > userprofile.quote:
return not_git_command()
repo = RepoManager.get_repo_by_userId_name(user.id, reponame)
if repo is None:
return not_git_command()
quote = userprofile.quote
# author of the repo
userPubkey = KeyauthManager.get_userpubkey_by_userId_fingerprint(
user.id, fingerprint)
if userPubkey is not None:
return response_full_git_command(quote, pre_command, user, user, repo)
userpubkeys = KeyauthManager.list_userpubkey_by_fingerprint(fingerprint)
for userpubkey in userpubkeys:
# member of the repo
repoMember = RepoManager.get_repo_member(repo.id, userpubkey.user_id)
# member of the team user
teamMember = TeamManager.get_teamMember_by_teamUserId_userId(
user.id, userpubkey.user_id)
if repoMember or teamMember:
pushUser = GsuserManager.get_user_by_id(userpubkey.user_id)
if 'git-receive-pack' in pre_command:
if RepoManager.is_allowed_access_repo(repo, pushUser,
REPO_PERMISSION.WRITE):
return response_full_git_command(quote, pre_command,
pushUser, user, repo)
elif RepoManager.is_allowed_access_repo(repo, pushUser,
REPO_PERMISSION.READ_ONLY):
return response_full_git_command(quote, pre_command, pushUser,
user, repo)
return not_git_command()
def _get_common_team_dict(request, teamUser, teamUserprofile):
has_admin_rights = False
teamMember = TeamManager.get_teamMember_by_teamUserId_userId(teamUser.id, request.user.id)
if teamMember and teamMember.has_admin_rights():
has_admin_rights = True
return {'teamUser': teamUser, 'teamUserprofile': teamUserprofile, 'has_admin_rights': has_admin_rights}