def test_can_delete(self): if not LOCAL_PRO_DEV_ENV: return email = '%s@%s.com' % (randstring(6), randstring(6)) self.create_user(email=email) ccnet_api.add_org_user(self.org_id, email, 0) assert ccnet_api.org_user_exists(self.org_id, email) == 1 self.login_as(self.admin) url = reverse('api-v2.1-admin-org-user', args=[self.org_id, email]) resp = self.client.delete(url) self.assertEqual(200, resp.status_code) assert ccnet_api.org_user_exists(self.org_id, email) == 0
def get(self, request, org_id, email): """Get org user info """ # argument check avatar_size = request.GET.get('avatar_size', AVATAR_DEFAULT_SIZE) # resource check org_id = int(org_id) if not ccnet_api.get_org_by_id(org_id): error_msg = 'Organization %s not found.' % org_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) try: user = User.objects.get(email=email) except User.DoesNotExist: err_msg = 'User %s not found.' % email return api_error(status.HTTP_404_NOT_FOUND, err_msg) # permission check if not ccnet_api.org_user_exists(org_id, email): err_msg = _('User %s not found in organization.') % email return api_error(status.HTTP_404_NOT_FOUND, err_msg) # get user info user_info = get_user_info(email, org_id) avatar_url, is_default, date_uploaded = api_avatar_url( email, avatar_size) user_info['avatar_url'] = avatar_url return Response(user_info)
def get(self, request, org_id, email): """Org admin list repos by shared to user """ # resource check org_id = int(org_id) if not ccnet_api.get_org_by_id(org_id): error_msg = 'Organization %s not found.' % org_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) try: user = User.objects.get(email=email) except User.DoesNotExist: err_msg = 'User %s not found.' % email return api_error(status.HTTP_404_NOT_FOUND, err_msg) # permission check if not ccnet_api.org_user_exists(org_id, email): err_msg = _('User %s not found in organization.') % email return api_error(status.HTTP_404_NOT_FOUND, err_msg) # list beshared repos repo_info_list = list() beshared_repos = seafile_api.get_org_share_in_repo_list( org_id, email, -1, -1) for r in beshared_repos: owner_email = r.user group_name = '' is_group_owned_repo = False if '@seafile_group' in owner_email: is_group_owned_repo = True group_id = get_group_id_by_repo_owner(owner_email) group_name = group_id_to_name(group_id) owner_name = group_name if is_group_owned_repo else \ email2nickname(owner_email) owner_contact_email = '' if is_group_owned_repo else \ email2contact_email(owner_email) repo_info = { "repo_id": r.repo_id, "repo_name": r.repo_name, "last_modified": timestamp_to_isoformat_timestr(r.last_modify), "modifier_email": r.last_modifier, "owner_email": owner_email, "owner_name": owner_name, "owner_contact_email": owner_contact_email, "size": r.size, "encrypted": r.encrypted, "permission": r.permission, "status": normalize_repo_status_code(r.status), } repo_info_list.append(repo_info) return Response({'repo_list': repo_info_list})
def test_can_delete(self): if not LOCAL_PRO_DEV_ENV: return self.login_as(self.admin) url = reverse('api-v2.1-admin-org-user', args=[self.org_id, self.org_user]) resp = self.client.delete(url) self.assertEqual(200, resp.status_code) assert ccnet_api.org_user_exists(self.org_id, self.org_user) == 0
def post(self, request, group_id): """ Add a group member. """ username = request.user.username # only group owner/admin can add a group member if not is_group_admin_or_owner(group_id, username): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) email = request.data.get('email', None) try: User.objects.get(email=email) except User.DoesNotExist: error_msg = 'User %s not found.' % email return api_error(status.HTTP_404_NOT_FOUND, error_msg) try: if is_group_member(group_id, email): error_msg = _('User %s is already a group member.' ) % email2nickname(email) return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if is_org_context(request): org_id = request.user.org.org_id if not ccnet_api.org_user_exists(org_id, email): error_msg = _('User %s not found in organization.' ) % email2nickname(email) return api_error(status.HTTP_404_NOT_FOUND, error_msg) elif is_org_user(email): error_msg = _('User %s is an organization user.') % email return api_error(status.HTTP_404_NOT_FOUND, error_msg) ccnet_api.group_add_member(group_id, username, email) add_user_to_group.send(sender=None, group_staff=username, group_id=group_id, added_user=email) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) member_info = get_group_member_info(request, group_id, email) return Response(member_info, status=status.HTTP_201_CREATED)
def get(self, request, org_id, email): """Org admin list user owned repos """ # resource check org_id = int(org_id) if not ccnet_api.get_org_by_id(org_id): error_msg = 'Organization %s not found.' % org_id return api_error(status.HTTP_404_NOT_FOUND, error_msg) try: user = User.objects.get(email=email) except User.DoesNotExist: err_msg = 'User %s not found.' % email return api_error(status.HTTP_404_NOT_FOUND, err_msg) # permission check if not ccnet_api.org_user_exists(org_id, email): err_msg = _('User %s not found in organization.') % email return api_error(status.HTTP_404_NOT_FOUND, err_msg) # list repos repo_info_list = list() owned_repos = seafile_api.get_org_owned_repo_list(org_id, email) for r in owned_repos: # do not return virtual repos if r.is_virtual: continue repo_info = { "repo_id": r.id, "repo_name": r.name, "owner_email": email, "owner_name": email2nickname(email), "owner_contact_email": email2contact_email(email), "last_modified": timestamp_to_isoformat_timestr(r.last_modify), "modifier_email": r.last_modifier, "size": r.size, "encrypted": r.encrypted, "permission": 'rw', # Always have read-write permission to owned repo "status": normalize_repo_status_code(r.status), } repo_info_list.append(repo_info) return Response({'repo_list': repo_info_list})
def test_update_with_invalid_args(self): if not LOCAL_PRO_DEV_ENV: return email = '%s@%s.com' % (randstring(6), randstring(6)) tmp_user = self.create_user(email=email) ccnet_api.add_org_user(self.org_id, email, 0) assert ccnet_api.org_user_exists(self.org_id, email) == 1 assert tmp_user.is_active self.login_as(self.admin) url = reverse('api-v2.1-admin-org-user', args=[self.org_id, email]) status = 'fals' data = 'active=%s' % status resp = self.client.put(url, data, 'application/x-www-form-urlencoded') self.assertEqual(400, resp.status_code)
def post(self, request, group_id): """ Add a group member. """ username = request.user.username # only group owner/admin can add a group member if not is_group_admin_or_owner(group_id, username): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) email = request.data.get('email', None) try: User.objects.get(email=email) except User.DoesNotExist: error_msg = 'User %s not found.' % email return api_error(status.HTTP_404_NOT_FOUND, error_msg) try: if is_group_member(group_id, email): error_msg = _(u'User %s is already a group member.') % email return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if is_org_context(request): org_id = request.user.org.org_id if not ccnet_api.org_user_exists(org_id, email): error_msg = _(u'User %s not found in organization.') % email return api_error(status.HTTP_404_NOT_FOUND, error_msg) ccnet_api.group_add_member(group_id, username, email) add_user_to_group.send(sender=None, group_staff=username, group_id=group_id, added_user=email) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) member_info = get_group_member_info(request, group_id, email) return Response(member_info, status=status.HTTP_201_CREATED)
def is_org_user(username, org_id=None): """ Check if an user is an org user. Keyword arguments: org_id -- An integer greater than zero. If provided, check if the user is a member of the specific org. """ if not is_pro_version() or not MULTI_TENANCY: return False try: if org_id: # Return non-zero if True, otherwise 0. return ccnet_api.org_user_exists(org_id, username) != 0 else: orgs = ccnet_api.get_orgs_by_user(username) return len(orgs) > 0 except Exception as e: logger.error(e) return False
def setUp(self): self.user_name = self.user.username self.admin_name = self.admin.username if LOCAL_PRO_DEV_ENV: self.org_name = randstring(6) self.org_url_prefix = randstring(6) tmp_user = self.create_user(email='%s@%s.com' % (randstring(6), randstring(6))) self.org_creator = tmp_user.username self.org_id = ccnet_api.create_org(self.org_name, self.org_url_prefix, self.org_creator) self.org_users_url = reverse('api-v2.1-admin-org-users', args=[self.org_id]) email = '%s@%s.com' % (randstring(6), randstring(6)) self.create_user(email=email) ccnet_api.add_org_user(self.org_id, email, 0) assert ccnet_api.org_user_exists(self.org_id, email) == 1 self.org_user = email
def org_user_exists(org_id, username): return ccnet_api.org_user_exists(org_id, username)
def post(self, request, group_id): """ Import members from xlsx file Permission checking: 1. group admin or owner. """ xlsx_file = request.FILES.get('file', None) if not xlsx_file: error_msg = 'file can not be found.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) file_type, ext = get_file_type_and_ext(xlsx_file.name) if ext != 'xlsx': error_msg = file_type_error_msg(ext, 'xlsx') return api_error(status.HTTP_400_BAD_REQUEST, error_msg) # recourse check group_id = int(group_id) group = ccnet_api.get_group(group_id) if not group: error_msg = _('Group does not exist') return api_error(status.HTTP_404_NOT_FOUND, error_msg) # check permission # only group owner/admin can add group members username = request.user.username if not is_group_admin_or_owner(group_id, username): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) content = xlsx_file.read() try: fs = BytesIO(content) wb = load_workbook(filename=fs, read_only=True) except Exception as e: logger.error(e) # example file is like: # Email # [email protected] # [email protected] rows = wb.worksheets[0].rows records = [] # skip first row(head field). next(rows) for row in rows: records.append([col.value for col in row]) emails_list = [] for record in records: if record[0]: email = record[0].strip().lower() emails_list.append(email) result = {} result['failed'] = [] result['success'] = [] emails_need_add = [] org_id = None if is_org_context(request): org_id = request.user.org.org_id for email in emails_list: email_name = email2nickname(email) try: User.objects.get(email=email) except User.DoesNotExist: result['failed'].append({ 'email': email, 'email_name': email_name, 'error_msg': 'User %s not found.' % email_name }) continue if is_group_member(group_id, email, in_structure=False): result['failed'].append({ 'email': email, 'email_name': email_name, 'error_msg': _('User %s is already a group member.') % email_name }) continue # Can only invite organization users to group if org_id and not ccnet_api.org_user_exists(org_id, email): result['failed'].append({ 'email': email, 'email_name': email_name, 'error_msg': _('User %s not found in organization.') % email_name }) continue if not org_id and is_org_user(email): result['failed'].append({ 'email': email, 'email_name': email_name, 'error_msg': _('User %s is an organization user.') % email_name }) continue emails_need_add.append(email) # Add user to group. for email in emails_need_add: try: ccnet_api.group_add_member(group_id, username, email) member_info = get_group_member_info(request, group_id, email) result['success'].append(member_info) except SearpcError as e: logger.error(e) result['failed'].append({ 'email': email, 'error_msg': 'Internal Server Error' }) add_user_to_group.send(sender=None, group_staff=username, group_id=group_id, added_user=email) return Response(result)
def post(self, request, group_id): """ Bulk add group members. """ username = request.user.username try: if not is_group_admin_or_owner(group_id, username): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) except SearpcError as e: logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) emails_str = request.data.get('emails', '') emails_list = string2list(emails_str) emails_list = [x.lower() for x in emails_list] result = {} result['failed'] = [] result['success'] = [] emails_need_add = [] org_id = None if is_org_context(request): org_id = request.user.org.org_id for email in emails_list: email_name = email2nickname(email) try: User.objects.get(email=email) except User.DoesNotExist: result['failed'].append({ 'email': email, 'email_name': email_name, 'error_msg': 'User %s not found.' % email_name }) continue if is_group_member(group_id, email, in_structure=False): result['failed'].append({ 'email': email, 'email_name': email_name, 'error_msg': _('User %s is already a group member.') % email_name }) continue # Can only invite organization users to group if org_id and not ccnet_api.org_user_exists(org_id, email): result['failed'].append({ 'email': email, 'email_name': email_name, 'error_msg': _('User %s not found in organization.') % email_name }) continue if not org_id and is_org_user(email): result['failed'].append({ 'email': email, 'email_name': email_name, 'error_msg': _('User %s is an organization user.') % email_name }) continue emails_need_add.append(email) # Add user to group. for email in emails_need_add: try: ccnet_api.group_add_member(group_id, username, email) member_info = get_group_member_info(request, group_id, email) result['success'].append(member_info) except SearpcError as e: logger.error(e) result['failed'].append({ 'email': email, 'error_msg': 'Internal Server Error' }) add_user_to_group.send(sender=None, group_staff=username, group_id=group_id, added_user=email) return Response(result)