def test_subdir_permission_in_virtual_repo(repo, group, permission): api.post_dir(repo.id, '/dir1', 'subdir1', USER) api.post_dir(repo.id, '/dir2', 'subdir2', USER) v_repo_id_1 = api.share_subdir_to_user(repo.id, '/dir1', USER, USER2, permission) v_subdir_repo_id_1 = api.create_virtual_repo(v_repo_id_1, '/subdir1', 'subdir1', 'test_desc', USER, passwd='') assert api.check_permission(v_subdir_repo_id_1, USER2) == permission assert ccnet_api.group_add_member(group.id, USER, USER2) == 0 v_repo_id_2 = api.share_subdir_to_group(repo.id, '/dir2', USER, group.id, permission) v_subdir_repo_id_2 = api.create_virtual_repo(v_repo_id_2, '/subdir2', 'subdir2', 'test_desc', USER, passwd='') assert api.check_permission(v_subdir_repo_id_2, USER2) == permission assert api.unshare_subdir_for_user(repo.id, '/dir1', USER, USER2) == 0 assert api.unshare_subdir_for_group(repo.id, '/dir2', USER, group.id) == 0
def _add_shared_items(self): # create repo for user sub_repo_id = seafile_api.create_virtual_repo(self.repo.id, self.folder, self.repo.name, '', self.user.username) self.sub_repo_id = sub_repo_id # create group for admin admin_group_id = seaserv.ccnet_threaded_rpc.create_group('admin-group', self.admin.email) self.admin_group_id = admin_group_id # A user shares a folder to admin with permission 'rw'. seafile_api.share_repo(sub_repo_id, self.user.username, self.admin.username, 'rw') # A user shares a folder to admin group with permission 'rw'. seafile_api.set_group_repo(sub_repo_id, admin_group_id, self.user.username, 'rw') # A user shares a folder to public with permission 'rw'. seafile_api.add_inner_pub_repo(sub_repo_id, 'rw')
def create_virtual_repo(self): name = os.path.basename(self.folder.rstrip('/')) sub_repo_id = seafile_api.create_virtual_repo( self.repo.id, self.folder, name, name, self.user.username) return sub_repo_id
def create_virtual_repo(self): name = os.path.basename(self.folder.rstrip('/')) sub_repo_id = seafile_api.create_virtual_repo(self.repo.id, self.folder, name, name, self.user.username) return sub_repo_id
def test_can_list_priv_shared_folders(self): repo_id = self.repo.id username = self.user.username parent_dir = '/' dirname = '<img onerror=alert(1) src=a>_"_Ω_%2F_W_#_12_这' full_dir_path = os.path.join(parent_dir, dirname) # create folder self.create_folder(repo_id=repo_id, parent_dir=parent_dir, dirname=dirname, username=username) sub_repo_id = seafile_api.create_virtual_repo(repo_id, full_dir_path, dirname, dirname, username) seafile_api.share_repo(sub_repo_id, username, self.admin.username, 'rw') self.login_as(self.user) resp = self.client.get(reverse('list_priv_shared_folders')) self.assertEqual(200, resp.status_code) href = reverse("view_common_lib_dir", args=[repo_id, urlquote(full_dir_path).strip('/')]) self.assertRegexpMatches(resp.content, href)
def _add_shared_items(self): sub_repo_id = seafile_api.create_virtual_repo(self.repo.id, self.folder, self.repo.name, '', self.user.username) # A user shares a folder to admin with permission 'rw'. seafile_api.share_repo(sub_repo_id, self.user.username, self.admin.username, 'rw') # A user shares a folder to group with permission 'rw'. seafile_api.set_group_repo(sub_repo_id, self.group.id, self.user.username, 'rw')
def _prepare_repo_and_group(self): # create repo for user sub_repo_id = seafile_api.create_virtual_repo(self.repo.id, self.folder, self.repo.name, '', self.user.username) self.sub_repo_id = sub_repo_id # create group for admin admin_group_id = seaserv.ccnet_threaded_rpc.create_group( 'admin-group', self.admin.email) self.admin_group_id = admin_group_id
def _prepare_repo_and_group(self): # create repo for user sub_repo_id = seafile_api.create_virtual_repo(self.repo.id, self.folder, self.repo.name, '', self.user.username) self.sub_repo_id = sub_repo_id # create group for admin admin_group_id = seaserv.ccnet_threaded_rpc.create_group('admin-group', self.admin.email) self.admin_group_id = admin_group_id
def get_or_create_sub_repo_by_path(self, request, repo, path): username = request.user.username sub_repo = self.get_sub_repo_by_path(request, repo, path) if not sub_repo: name = os.path.basename(path) # create a sub-lib, # use name as 'repo_name' & 'repo_desc' for sub_repo if is_org_context(request): org_id = request.user.org.org_id sub_repo_id = seaserv.seafserv_threaded_rpc.create_org_virtual_repo( org_id, repo.id, path, name, name, username) else: sub_repo_id = seafile_api.create_virtual_repo( repo.id, path, name, name, username) sub_repo = seafile_api.get_repo(sub_repo_id) return sub_repo
def get_or_create_sub_repo_by_path(self, request, repo, path): username = request.user.username sub_repo = self.get_sub_repo_by_path(request, repo, path) if not sub_repo: name = os.path.basename(path) # create a sub-lib, # use name as 'repo_name' & 'repo_desc' for sub_repo if is_org_context(request): org_id = request.user.org.org_id sub_repo_id = seaserv.seafserv_threaded_rpc.create_org_virtual_repo( org_id, repo.id, path, name, name, username) else: sub_repo_id = seafile_api.create_virtual_repo(repo.id, path, name, name, username) sub_repo = seafile_api.get_repo(sub_repo_id) return sub_repo
def _add_shared_items(self): # create repo for user sub_repo_id = seafile_api.create_virtual_repo(self.repo.id, self.folder, self.repo.name, '', self.user.username) self.sub_repo_id = sub_repo_id # create group for admin admin_group_id = seaserv.ccnet_threaded_rpc.create_group( 'admin-group', self.admin.email) self.admin_group_id = admin_group_id # A user shares a folder to admin with permission 'rw'. seafile_api.share_repo(sub_repo_id, self.user.username, self.admin.username, 'rw') # A user shares a folder to admin group with permission 'rw'. seafile_api.set_group_repo(sub_repo_id, admin_group_id, self.user.username, 'rw') # A user shares a folder to public with permission 'rw'. seafile_api.add_inner_pub_repo(sub_repo_id, 'rw')
def ajax_private_share_dir(request): content_type = 'application/json; charset=utf-8' repo_id = request.POST.get('repo_id', '') path = request.POST.get('path', '') username = request.user.username result = {} repo = seafile_api.get_repo(repo_id) if not repo: result['error'] = _(u'Library does not exist.') return HttpResponse(json.dumps(result), status=400, content_type=content_type) if seafile_api.get_dir_id_by_path(repo_id, path) is None: result['error'] = _(u'Directory does not exist.') return HttpResponse(json.dumps(result), status=400, content_type=content_type) if path != '/': # if share a dir, check sub-repo first try: if is_org_context(request): org_id = request.user.org.org_id sub_repo = seaserv.seafserv_threaded_rpc.get_org_virtual_repo( org_id, repo_id, path, username) else: sub_repo = seafile_api.get_virtual_repo(repo_id, path, username) except SearpcError as e: result['error'] = e.msg return HttpResponse(json.dumps(result), status=500, content_type=content_type) if not sub_repo: name = os.path.basename(path) # create a sub-lib try: # use name as 'repo_name' & 'repo_desc' for sub_repo if is_org_context(request): org_id = request.user.org.org_id sub_repo_id = seaserv.seafserv_threaded_rpc.create_org_virtual_repo( org_id, repo_id, path, name, name, username) else: sub_repo_id = seafile_api.create_virtual_repo(repo_id, path, name, name, username) sub_repo = seafile_api.get_repo(sub_repo_id) except SearpcError as e: result['error'] = e.msg return HttpResponse(json.dumps(result), status=500, content_type=content_type) shared_repo_id = sub_repo.id shared_repo = sub_repo else: shared_repo_id = repo_id shared_repo = repo emails_string = request.POST.get('emails', '') groups_string = request.POST.get('groups', '') perm = request.POST.get('perm', '') emails = string2list(emails_string) groups = string2list(groups_string) # Test whether user is the repo owner. if not seafile_api.is_repo_owner(username, shared_repo_id) and \ not is_org_repo_owner(username, shared_repo_id): result['error'] = _(u'Only the owner of the library has permission to share it.') return HttpResponse(json.dumps(result), status=500, content_type=content_type) # Parsing input values. # no 'share_to_all' share_to_groups, share_to_users, shared_success, shared_failed = [], [], [], [] for email in emails: email = email.lower() if is_valid_username(email): share_to_users.append(email) else: shared_failed.append(email) for group_id in groups: share_to_groups.append(seaserv.get_group(group_id)) for email in share_to_users: # Add email to contacts. mail_sended.send(sender=None, user=request.user.username, email=email) if share_to_user(request, shared_repo, email, perm): shared_success.append(email) else: shared_failed.append(email) for group in share_to_groups: if share_to_group(request, shared_repo, group, perm): shared_success.append(group.group_name) else: shared_failed.append(group.group_name) if len(shared_success) > 0: return HttpResponse(json.dumps({ "shared_success": shared_success, "shared_failed": shared_failed }), content_type=content_type) else: # for case: only share to users and the emails are not valid data = json.dumps({"error": _("Please check the email(s) you entered")}) return HttpResponse(data, status=400, content_type=content_type)
def ajax_private_share_dir(request): content_type = 'application/json; charset=utf-8' repo_id = request.POST.get('repo_id', '') path = request.POST.get('path', '') username = request.user.username result = {} repo = seafile_api.get_repo(repo_id) if not repo: result['error'] = _(u'Library does not exist.') return HttpResponse(json.dumps(result), status=400, content_type=content_type) if seafile_api.get_dir_id_by_path(repo_id, path) is None: result['error'] = _(u'Directory does not exist.') return HttpResponse(json.dumps(result), status=400, content_type=content_type) if path != '/': # if share a dir, check sub-repo first try: if is_org_context(request): org_id = request.user.org.org_id sub_repo = seaserv.seafserv_threaded_rpc.get_org_virtual_repo( org_id, repo_id, path, username) else: sub_repo = seafile_api.get_virtual_repo( repo_id, path, username) except SearpcError as e: result['error'] = e.msg return HttpResponse(json.dumps(result), status=500, content_type=content_type) if not sub_repo: name = os.path.basename(path) # create a sub-lib try: # use name as 'repo_name' & 'repo_desc' for sub_repo if is_org_context(request): org_id = request.user.org.org_id sub_repo_id = seaserv.seafserv_threaded_rpc.create_org_virtual_repo( org_id, repo_id, path, name, name, username) else: sub_repo_id = seafile_api.create_virtual_repo( repo_id, path, name, name, username) sub_repo = seafile_api.get_repo(sub_repo_id) except SearpcError as e: result['error'] = e.msg return HttpResponse(json.dumps(result), status=500, content_type=content_type) shared_repo_id = sub_repo.id shared_repo = sub_repo else: shared_repo_id = repo_id shared_repo = repo emails_string = request.POST.get('emails', '') groups_string = request.POST.get('groups', '') perm = request.POST.get('perm', '') emails = string2list(emails_string) groups = string2list(groups_string) # Test whether user is the repo owner. if not seafile_api.is_repo_owner(username, shared_repo_id) and \ not is_org_repo_owner(username, shared_repo_id): result['error'] = _( u'Only the owner of the library has permission to share it.') return HttpResponse(json.dumps(result), status=500, content_type=content_type) # Parsing input values. # no 'share_to_all' share_to_groups, share_to_users, shared_success, shared_failed = [], [], [], [] for email in emails: email = email.lower() if is_valid_username(email): share_to_users.append(email) else: shared_failed.append(email) for group_id in groups: share_to_groups.append(seaserv.get_group(group_id)) for email in share_to_users: # Add email to contacts. mail_sended.send(sender=None, user=request.user.username, email=email) if share_to_user(request, shared_repo, email, perm): shared_success.append(email) else: shared_failed.append(email) for group in share_to_groups: if share_to_group(request, shared_repo, group, perm): shared_success.append(group.group_name) else: shared_failed.append(group.group_name) if len(shared_success) > 0: return HttpResponse(json.dumps({ "shared_success": shared_success, "shared_failed": shared_failed }), content_type=content_type) else: # for case: only share to users and the emails are not valid data = json.dumps( {"error": _("Please check the email(s) you entered")}) return HttpResponse(data, status=400, content_type=content_type)
# check if the sub-lib exist try: sub_repo = seafile_api.get_virtual_repo(repo_id, path, username) except SearpcError, e: result['error'] = e.msg return HttpResponse(json.dumps(result), status=500, content_type=content_type) if sub_repo: result['sub_repo_id'] = sub_repo.id else: # create a sub-lib try: # use name as 'repo_name' & 'repo_desc' for sub_repo sub_repo_id = seafile_api.create_virtual_repo( repo_id, path, name, name, username) result['sub_repo_id'] = sub_repo_id except SearpcError, e: result['error'] = e.msg return HttpResponse(json.dumps(result), status=500, content_type=content_type) return HttpResponse(json.dumps(result), content_type=content_type) def download_enc_file(request, repo_id, file_id): if not request.is_ajax(): raise Http404 content_type = 'application/json; charset=utf-8'
username = request.user.username # check if the sub-lib exist try: sub_repo = seafile_api.get_virtual_repo(repo_id, path, username) except SearpcError, e: result['error'] = e.msg return HttpResponse(json.dumps(result), status=500, content_type=content_type) if sub_repo: result['sub_repo_id'] = sub_repo.id else: # create a sub-lib try: # use name as 'repo_name' & 'repo_desc' for sub_repo sub_repo_id = seafile_api.create_virtual_repo(repo_id, path, name, name, username) result['sub_repo_id'] = sub_repo_id except SearpcError, e: result['error'] = e.msg return HttpResponse(json.dumps(result), status=500, content_type=content_type) return HttpResponse(json.dumps(result), content_type=content_type) def download_enc_file(request, repo_id, file_id): if not request.is_ajax(): raise Http404 content_type = 'application/json; charset=utf-8' result = {} op = 'downloadblks'