def put(self, request, group_id, email):
"""
Set/unset a specific group member as admin.
"""
username = request.user.username
is_admin = request.data.get('is_admin', '')
try:
# only group owner can set/unset a specific group member as admin
if not is_group_owner(group_id, username):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if not is_group_member(group_id, email):
error_msg = 'Email %s invalid.' % email
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# set/unset a specific group member as admin
if is_admin.lower() == 'true':
seaserv.ccnet_threaded_rpc.group_set_admin(group_id, email)
elif is_admin.lower() == 'false':
seaserv.ccnet_threaded_rpc.group_unset_admin(group_id, email)
else:
error_msg = 'is_admin invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
member_info = get_group_member_info(request, group_id, email)
return Response(member_info)
def put(self, request, group_id, email):
"""
Set/unset a specific group member as admin.
"""
username = request.user.username
is_admin = request.data.get('is_admin', '')
try:
# only group owner can set/unset a specific group member as admin
if not is_group_owner(group_id, username):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if not is_group_member(group_id, email):
error_msg = 'Email %s invalid.' % email
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# set/unset a specific group member as admin
if is_admin.lower() == 'true':
seaserv.ccnet_threaded_rpc.group_set_admin(group_id, email)
elif is_admin.lower() == 'false':
seaserv.ccnet_threaded_rpc.group_unset_admin(group_id, email)
else:
error_msg = 'is_admin invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
member_info = get_group_member_info(request, group_id, email)
return Response(member_info)
def delete(self, request, group_id, email):
"""
User leave group or group owner/admin delete a group member.
"""
try:
if not is_group_member(group_id, email):
error_msg = 'Email %s invalid.' % email
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
username = request.user.username
# user leave group
if username == email:
try:
seaserv.ccnet_threaded_rpc.quit_group(group_id, username)
# remove repo-group share info of all 'email' owned repos
seafile_api.remove_group_repos_by_owner(group_id, email)
return Response({'success': True})
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR,
error_msg)
# group owner/admin delete a group member
try:
if is_group_owner(group_id, username):
# group owner can delete all group member
seaserv.ccnet_threaded_rpc.group_remove_member(
group_id, username, email)
seafile_api.remove_group_repos_by_owner(group_id, email)
return Response({'success': True})
elif is_group_admin(group_id, username):
# group admin can NOT delete group owner/admin
if not is_group_admin_or_owner(group_id, email):
seaserv.ccnet_threaded_rpc.group_remove_member(
group_id, username, email)
seafile_api.remove_group_repos_by_owner(group_id, email)
return Response({'success': True})
else:
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
else:
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
def delete(self, request, group_id, email):
"""
User leave group or group owner/admin delete a group member.
"""
try:
if not is_group_member(group_id, email):
error_msg = 'Email %s invalid.' % email
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
username = request.user.username
# user leave group
if username == email:
try:
seaserv.ccnet_threaded_rpc.quit_group(group_id, username)
# remove repo-group share info of all 'email' owned repos
seafile_api.remove_group_repos_by_owner(group_id, email)
return Response({'success': True})
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# group owner/admin delete a group member
try:
if is_group_owner(group_id, username):
# group owner can delete all group member
seaserv.ccnet_threaded_rpc.group_remove_member(group_id, username, email)
seafile_api.remove_group_repos_by_owner(group_id, email)
return Response({'success': True})
elif is_group_admin(group_id, username):
# group admin can NOT delete group owner/admin
if not is_group_admin_or_owner(group_id, email):
seaserv.ccnet_threaded_rpc.group_remove_member(group_id, username, email)
seafile_api.remove_group_repos_by_owner(group_id, email)
return Response({'success': True})
else:
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
else:
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
def delete(self, request, group_id):
""" Dismiss a specific group
Permission:
1. group owner
"""
org_id = None
if is_org_context(request):
org_id = request.user.org.org_id
username = request.user.username
try:
# only group owner can dismiss a group
if not is_group_owner(group_id, username):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
# if there are dtables in this group, prohibit deletion of groups
owner = '%s@seafile_group' % group_id
workspace = Workspaces.objects.get_workspace_by_owner(owner)
if DTables.objects.filter(workspace=workspace, deleted=False).exists():
error_msg = 'Disable group deletion before deleting table(s).'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
seafile_api.remove_repo(workspace.repo_id)
workspace.delete()
remove_group_common(group_id, username, org_id=org_id)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
return Response({'success': True})
def delete(self, request, group_id):
""" Dismiss a specific group
"""
org_id = None
if is_org_context(request):
org_id = request.user.org.org_id
username = request.user.username
try:
# only group owner can dismiss a group
if not is_group_owner(group_id, username):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
remove_group_common(group_id, username, org_id=org_id)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
return Response({'success': True})
def delete(self, request, group_id):
""" Dismiss a specific group
"""
org_id = None
if is_org_context(request):
org_id = request.user.org.org_id
username = request.user.username
try:
# only group owner can dismiss a group
if not is_group_owner(group_id, username):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
remove_group_common(group_id, username, org_id=org_id)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
return Response({'success': True})
def put(self, request, group_id):
""" Rename, transfer a specific group
"""
username = request.user.username
new_group_name = request.data.get('name', None)
# rename a group
if new_group_name:
try:
# only group owner/admin can rename a group
if not is_group_admin_or_owner(group_id, username):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
# Check whether group name is validate.
if not validate_group_name(new_group_name):
error_msg = _(u'Group name can only contain letters, numbers, blank, hyphen or underscore')
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# Check whether group name is duplicated.
if check_group_name_conflict(request, new_group_name):
error_msg = _(u'There is already a group with that name.')
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
seaserv.ccnet_threaded_rpc.set_group_name(group_id, new_group_name)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
new_owner = request.data.get('owner', None)
# transfer a group
if new_owner:
try:
# only group owner can transfer a group
if not is_group_owner(group_id, username):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
# augument check
if not is_valid_username(new_owner):
error_msg = 'Email %s invalid.' % new_owner
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if is_group_owner(group_id, new_owner):
error_msg = _(u'User %s is already group owner.') % new_owner
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# transfer a group
if not is_group_member(group_id, new_owner):
ccnet_api.group_add_member(group_id, username, new_owner)
if not is_group_admin(group_id, new_owner):
ccnet_api.group_set_admin(group_id, new_owner)
ccnet_api.set_group_creator(group_id, new_owner)
ccnet_api.group_unset_admin(group_id, username)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
wiki_enabled = request.data.get('wiki_enabled', None)
# turn on/off group wiki
if wiki_enabled:
try:
# only group owner/admin can turn on a group wiki
if not is_group_admin_or_owner(group_id, username):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
# augument check
if wiki_enabled != 'true' and wiki_enabled != 'false':
error_msg = 'wiki_enabled invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# turn on/off group wiki
if wiki_enabled == 'true':
enable_mod_for_group(group_id, MOD_GROUP_WIKI)
else:
disable_mod_for_group(group_id, MOD_GROUP_WIKI)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
group_info = get_group_info(request, group_id)
return Response(group_info)
def put(self, request, group_id):
""" Rename, transfer a specific group
"""
username = request.user.username
new_group_name = request.data.get('name', None)
# rename a group
if new_group_name:
try:
# only group owner/admin can rename a group
if not is_group_admin_or_owner(group_id, username):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
# Check whether group name is validate.
if not validate_group_name(new_group_name):
error_msg = _(u'Group name can only contain letters, numbers, blank, hyphen or underscore')
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# Check whether group name is duplicated.
if check_group_name_conflict(request, new_group_name):
error_msg = _(u'There is already a group with that name.')
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
seaserv.ccnet_threaded_rpc.set_group_name(group_id, new_group_name)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
new_owner = request.data.get('owner', None)
# transfer a group
if new_owner:
try:
# only group owner can transfer a group
if not is_group_owner(group_id, username):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
# augument check
if not is_valid_username(new_owner):
error_msg = 'Email %s invalid.' % new_owner
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if is_group_owner(group_id, new_owner):
error_msg = _(u'User %s is already group owner.') % new_owner
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# transfer a group
if not is_group_member(group_id, new_owner):
ccnet_api.group_add_member(group_id, username, new_owner)
if not is_group_admin(group_id, new_owner):
ccnet_api.group_set_admin(group_id, new_owner)
ccnet_api.set_group_creator(group_id, new_owner)
ccnet_api.group_unset_admin(group_id, username)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
wiki_enabled = request.data.get('wiki_enabled', None)
# turn on/off group wiki
if wiki_enabled:
try:
# only group owner/admin can turn on a group wiki
if not is_group_admin_or_owner(group_id, username):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
# augument check
if wiki_enabled != 'true' and wiki_enabled != 'false':
error_msg = 'wiki_enabled invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# turn on/off group wiki
if wiki_enabled == 'true':
enable_mod_for_group(group_id, MOD_GROUP_WIKI)
else:
disable_mod_for_group(group_id, MOD_GROUP_WIKI)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
group_info = get_group_info(request, group_id)
return Response(group_info)
def put(self, request, group_id):
""" Admin transfer a group
Permission checking:
1. Admin user;
"""
# argument check
new_owner = request.data.get('new_owner', None)
if not new_owner or not is_valid_username(new_owner):
error_msg = 'new_owner %s invalid.' % new_owner
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
old_owner = request.data.get('old_owner', None)
if not old_owner or not is_valid_username(old_owner):
error_msg = 'old_owner %s invalid.' % old_owner
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# recourse check
group_id = int(group_id) # Checked by URL Conf
group = ccnet_api.get_group(group_id)
if not group:
error_msg = 'Group %d not found.' % group_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# check if new_owner exists,
# NOT need to check old_owner for old_owner may has been deleted.
try:
User.objects.get(email=new_owner)
except User.DoesNotExist:
error_msg = 'User %s not found.' % new_owner
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if new_owner == old_owner:
error_msg = 'new_owner %s is the same as old_owner %s.' % \
(new_owner, old_owner)
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if not is_group_owner(group_id, old_owner):
error_msg = _(u'User %s is not group owner.') % old_owner
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if is_group_owner(group_id, new_owner):
error_msg = _(u'User %s is already group owner.') % new_owner
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# transfer a group
try:
if not is_group_member(group_id, new_owner):
ccnet_api.group_add_member(group_id, old_owner, new_owner)
if not is_group_admin(group_id, new_owner):
ccnet_api.group_set_admin(group_id, new_owner)
ccnet_api.set_group_creator(group_id, new_owner)
ccnet_api.group_unset_admin(group_id, old_owner)
except SearpcError as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
group_info = get_group_info(group_id)
return Response(group_info)
