def test_subdir_permission_in_virtual_repo(repo, group, permission):
    api.post_dir(repo.id, '/dir1', 'subdir1', USER)
    api.post_dir(repo.id, '/dir2', 'subdir2', USER)

    v_repo_id_1 = api.share_subdir_to_user(repo.id, '/dir1', USER, USER2,
                                           permission)
    v_subdir_repo_id_1 = api.create_virtual_repo(v_repo_id_1,
                                                 '/subdir1',
                                                 'subdir1',
                                                 'test_desc',
                                                 USER,
                                                 passwd='')
    assert api.check_permission(v_subdir_repo_id_1, USER2) == permission

    assert ccnet_api.group_add_member(group.id, USER, USER2) == 0
    v_repo_id_2 = api.share_subdir_to_group(repo.id, '/dir2', USER, group.id,
                                            permission)
    v_subdir_repo_id_2 = api.create_virtual_repo(v_repo_id_2,
                                                 '/subdir2',
                                                 'subdir2',
                                                 'test_desc',
                                                 USER,
                                                 passwd='')
    assert api.check_permission(v_subdir_repo_id_2, USER2) == permission

    assert api.unshare_subdir_for_user(repo.id, '/dir1', USER, USER2) == 0
    assert api.unshare_subdir_for_group(repo.id, '/dir2', USER, group.id) == 0
    def _add_shared_items(self):
        # create repo for user
        sub_repo_id = seafile_api.create_virtual_repo(self.repo.id,
                                                      self.folder,
                                                      self.repo.name, '',
                                                      self.user.username)

        self.sub_repo_id = sub_repo_id


        # create group for admin
        admin_group_id = seaserv.ccnet_threaded_rpc.create_group('admin-group',
                self.admin.email)
        self.admin_group_id = admin_group_id

        # A user shares a folder to admin with permission 'rw'.
        seafile_api.share_repo(sub_repo_id, self.user.username,
                               self.admin.username, 'rw')

        # A user shares a folder to admin group with permission 'rw'.
        seafile_api.set_group_repo(sub_repo_id, admin_group_id,
                                   self.user.username, 'rw')

        # A user shares a folder to public with permission 'rw'.
        seafile_api.add_inner_pub_repo(sub_repo_id, 'rw')
    def create_virtual_repo(self):

        name = os.path.basename(self.folder.rstrip('/'))
        sub_repo_id = seafile_api.create_virtual_repo(
                self.repo.id, self.folder, name,
                name, self.user.username)
        return sub_repo_id
    def create_virtual_repo(self):

        name = os.path.basename(self.folder.rstrip('/'))
        sub_repo_id = seafile_api.create_virtual_repo(self.repo.id,
                                                      self.folder, name, name,
                                                      self.user.username)
        return sub_repo_id
示例#5
0
    def test_can_list_priv_shared_folders(self):
        repo_id = self.repo.id
        username = self.user.username

        parent_dir = '/'
        dirname = '<img onerror=alert(1) src=a>_"_Ω_%2F_W_#_12_这'
        full_dir_path = os.path.join(parent_dir, dirname)

        # create folder
        self.create_folder(repo_id=repo_id,
                           parent_dir=parent_dir,
                           dirname=dirname,
                           username=username)

        sub_repo_id = seafile_api.create_virtual_repo(repo_id, full_dir_path,
                                                      dirname, dirname,
                                                      username)
        seafile_api.share_repo(sub_repo_id, username, self.admin.username,
                               'rw')

        self.login_as(self.user)
        resp = self.client.get(reverse('list_priv_shared_folders'))
        self.assertEqual(200, resp.status_code)
        href = reverse("view_common_lib_dir",
                       args=[repo_id,
                             urlquote(full_dir_path).strip('/')])
        self.assertRegexpMatches(resp.content, href)
示例#6
0
 def _add_shared_items(self):
     sub_repo_id = seafile_api.create_virtual_repo(self.repo.id,
                                                   self.folder,
                                                   self.repo.name, '',
                                                   self.user.username)
     # A user shares a folder to admin with permission 'rw'.
     seafile_api.share_repo(sub_repo_id, self.user.username,
                            self.admin.username, 'rw')
     # A user shares a folder to group with permission 'rw'.
     seafile_api.set_group_repo(sub_repo_id, self.group.id,
                                self.user.username, 'rw')
示例#7
0
 def _add_shared_items(self):
     sub_repo_id = seafile_api.create_virtual_repo(self.repo.id,
                                                   self.folder,
                                                   self.repo.name, '',
                                                   self.user.username)
     # A user shares a folder to admin with permission 'rw'.
     seafile_api.share_repo(sub_repo_id, self.user.username,
                            self.admin.username, 'rw')
     # A user shares a folder to group with permission 'rw'.
     seafile_api.set_group_repo(sub_repo_id, self.group.id,
                                self.user.username, 'rw')
示例#8
0
    def _prepare_repo_and_group(self):
        # create repo for user
        sub_repo_id = seafile_api.create_virtual_repo(self.repo.id,
                                                      self.folder,
                                                      self.repo.name, '',
                                                      self.user.username)

        self.sub_repo_id = sub_repo_id

        # create group for admin
        admin_group_id = seaserv.ccnet_threaded_rpc.create_group(
            'admin-group', self.admin.email)
        self.admin_group_id = admin_group_id
示例#9
0
    def _prepare_repo_and_group(self):
        # create repo for user
        sub_repo_id = seafile_api.create_virtual_repo(self.repo.id,
                                                      self.folder,
                                                      self.repo.name, '',
                                                      self.user.username)

        self.sub_repo_id = sub_repo_id

        # create group for admin
        admin_group_id = seaserv.ccnet_threaded_rpc.create_group('admin-group',
                self.admin.email)
        self.admin_group_id = admin_group_id
示例#10
0
    def get_or_create_sub_repo_by_path(self, request, repo, path):
        username = request.user.username
        sub_repo = self.get_sub_repo_by_path(request, repo, path)
        if not sub_repo:
            name = os.path.basename(path)
            # create a sub-lib,
            # use name as 'repo_name' & 'repo_desc' for sub_repo
            if is_org_context(request):
                org_id = request.user.org.org_id
                sub_repo_id = seaserv.seafserv_threaded_rpc.create_org_virtual_repo(
                    org_id, repo.id, path, name, name, username)
            else:
                sub_repo_id = seafile_api.create_virtual_repo(
                    repo.id, path, name, name, username)
            sub_repo = seafile_api.get_repo(sub_repo_id)

        return sub_repo
示例#11
0
    def get_or_create_sub_repo_by_path(self, request, repo, path):
        username = request.user.username
        sub_repo = self.get_sub_repo_by_path(request, repo, path)
        if not sub_repo:
            name = os.path.basename(path)
            # create a sub-lib,
            # use name as 'repo_name' & 'repo_desc' for sub_repo
            if is_org_context(request):
                org_id = request.user.org.org_id
                sub_repo_id = seaserv.seafserv_threaded_rpc.create_org_virtual_repo(
                    org_id, repo.id, path, name, name, username)
            else:
                sub_repo_id = seafile_api.create_virtual_repo(repo.id, path,
                                                              name, name, username)
            sub_repo = seafile_api.get_repo(sub_repo_id)

        return sub_repo
    def test_can_list_priv_shared_folders(self):
        repo_id = self.repo.id
        username = self.user.username

        parent_dir = '/'
        dirname = '<img onerror=alert(1) src=a>_"_Ω_%2F_W_#_12_这'
        full_dir_path = os.path.join(parent_dir, dirname)

        # create folder
        self.create_folder(repo_id=repo_id,
                           parent_dir=parent_dir,
                           dirname=dirname,
                           username=username)

        sub_repo_id = seafile_api.create_virtual_repo(repo_id, full_dir_path, dirname, dirname, username)
        seafile_api.share_repo(sub_repo_id, username, self.admin.username, 'rw')

        self.login_as(self.user)
        resp = self.client.get(reverse('list_priv_shared_folders'))
        self.assertEqual(200, resp.status_code)
        href = reverse("view_common_lib_dir", args=[repo_id, urlquote(full_dir_path).strip('/')])
        self.assertRegexpMatches(resp.content, href)
示例#13
0
    def _add_shared_items(self):
        # create repo for user
        sub_repo_id = seafile_api.create_virtual_repo(self.repo.id,
                                                      self.folder,
                                                      self.repo.name, '',
                                                      self.user.username)

        self.sub_repo_id = sub_repo_id

        # create group for admin
        admin_group_id = seaserv.ccnet_threaded_rpc.create_group(
            'admin-group', self.admin.email)
        self.admin_group_id = admin_group_id

        # A user shares a folder to admin with permission 'rw'.
        seafile_api.share_repo(sub_repo_id, self.user.username,
                               self.admin.username, 'rw')

        # A user shares a folder to admin group with permission 'rw'.
        seafile_api.set_group_repo(sub_repo_id, admin_group_id,
                                   self.user.username, 'rw')

        # A user shares a folder to public with permission 'rw'.
        seafile_api.add_inner_pub_repo(sub_repo_id, 'rw')
示例#14
0
文件: views.py 项目: insky2005/seahub
def ajax_private_share_dir(request):
    content_type = 'application/json; charset=utf-8'

    repo_id = request.POST.get('repo_id', '')
    path = request.POST.get('path', '')
    username = request.user.username
    result = {}

    repo = seafile_api.get_repo(repo_id)
    if not repo:
        result['error'] = _(u'Library does not exist.')
        return HttpResponse(json.dumps(result), status=400, content_type=content_type)

    if seafile_api.get_dir_id_by_path(repo_id, path) is None:
        result['error'] = _(u'Directory does not exist.')
        return HttpResponse(json.dumps(result), status=400, content_type=content_type)

    if path != '/':
        # if share a dir, check sub-repo first
        try:
            if is_org_context(request):
                org_id = request.user.org.org_id
                sub_repo = seaserv.seafserv_threaded_rpc.get_org_virtual_repo(
                    org_id, repo_id, path, username)
            else:
                sub_repo = seafile_api.get_virtual_repo(repo_id, path, username)
        except SearpcError as e:
            result['error'] = e.msg
            return HttpResponse(json.dumps(result), status=500, content_type=content_type)

        if not sub_repo:
            name = os.path.basename(path)
            # create a sub-lib
            try:
                # use name as 'repo_name' & 'repo_desc' for sub_repo
                if is_org_context(request):
                    org_id = request.user.org.org_id
                    sub_repo_id = seaserv.seafserv_threaded_rpc.create_org_virtual_repo(
                        org_id, repo_id, path, name, name, username)
                else:
                    sub_repo_id = seafile_api.create_virtual_repo(repo_id, path,
                        name, name, username)
                sub_repo = seafile_api.get_repo(sub_repo_id)
            except SearpcError as e:
                result['error'] = e.msg
                return HttpResponse(json.dumps(result), status=500, content_type=content_type)

        shared_repo_id = sub_repo.id
        shared_repo = sub_repo
    else:
        shared_repo_id = repo_id
        shared_repo = repo

    emails_string = request.POST.get('emails', '')
    groups_string = request.POST.get('groups', '')
    perm = request.POST.get('perm', '')

    emails = string2list(emails_string)
    groups = string2list(groups_string)

    # Test whether user is the repo owner.
    if not seafile_api.is_repo_owner(username, shared_repo_id) and \
            not is_org_repo_owner(username, shared_repo_id):
        result['error'] = _(u'Only the owner of the library has permission to share it.')
        return HttpResponse(json.dumps(result), status=500, content_type=content_type)

    # Parsing input values.
    # no 'share_to_all'
    share_to_groups, share_to_users, shared_success, shared_failed = [], [], [], []

    for email in emails:
        email = email.lower()
        if is_valid_username(email):
            share_to_users.append(email)
        else:
            shared_failed.append(email)

    for group_id in groups:
        share_to_groups.append(seaserv.get_group(group_id))

    for email in share_to_users:
        # Add email to contacts.
        mail_sended.send(sender=None, user=request.user.username, email=email)
        if share_to_user(request, shared_repo, email, perm):
            shared_success.append(email)
        else:
            shared_failed.append(email)

    for group in share_to_groups:
        if share_to_group(request, shared_repo, group, perm):
            shared_success.append(group.group_name)
        else:
            shared_failed.append(group.group_name)

    if len(shared_success) > 0:
        return HttpResponse(json.dumps({
            "shared_success": shared_success,
            "shared_failed": shared_failed
            }), content_type=content_type)
    else:
        # for case: only share to users and the emails are not valid
        data = json.dumps({"error": _("Please check the email(s) you entered")})
        return HttpResponse(data, status=400, content_type=content_type)
示例#15
0
文件: views.py 项目: mrakob/seahub
def ajax_private_share_dir(request):
    content_type = 'application/json; charset=utf-8'

    repo_id = request.POST.get('repo_id', '')
    path = request.POST.get('path', '')
    username = request.user.username
    result = {}

    repo = seafile_api.get_repo(repo_id)
    if not repo:
        result['error'] = _(u'Library does not exist.')
        return HttpResponse(json.dumps(result),
                            status=400,
                            content_type=content_type)

    if seafile_api.get_dir_id_by_path(repo_id, path) is None:
        result['error'] = _(u'Directory does not exist.')
        return HttpResponse(json.dumps(result),
                            status=400,
                            content_type=content_type)

    if path != '/':
        # if share a dir, check sub-repo first
        try:
            if is_org_context(request):
                org_id = request.user.org.org_id
                sub_repo = seaserv.seafserv_threaded_rpc.get_org_virtual_repo(
                    org_id, repo_id, path, username)
            else:
                sub_repo = seafile_api.get_virtual_repo(
                    repo_id, path, username)
        except SearpcError as e:
            result['error'] = e.msg
            return HttpResponse(json.dumps(result),
                                status=500,
                                content_type=content_type)

        if not sub_repo:
            name = os.path.basename(path)
            # create a sub-lib
            try:
                # use name as 'repo_name' & 'repo_desc' for sub_repo
                if is_org_context(request):
                    org_id = request.user.org.org_id
                    sub_repo_id = seaserv.seafserv_threaded_rpc.create_org_virtual_repo(
                        org_id, repo_id, path, name, name, username)
                else:
                    sub_repo_id = seafile_api.create_virtual_repo(
                        repo_id, path, name, name, username)
                sub_repo = seafile_api.get_repo(sub_repo_id)
            except SearpcError as e:
                result['error'] = e.msg
                return HttpResponse(json.dumps(result),
                                    status=500,
                                    content_type=content_type)

        shared_repo_id = sub_repo.id
        shared_repo = sub_repo
    else:
        shared_repo_id = repo_id
        shared_repo = repo

    emails_string = request.POST.get('emails', '')
    groups_string = request.POST.get('groups', '')
    perm = request.POST.get('perm', '')

    emails = string2list(emails_string)
    groups = string2list(groups_string)

    # Test whether user is the repo owner.
    if not seafile_api.is_repo_owner(username, shared_repo_id) and \
            not is_org_repo_owner(username, shared_repo_id):
        result['error'] = _(
            u'Only the owner of the library has permission to share it.')
        return HttpResponse(json.dumps(result),
                            status=500,
                            content_type=content_type)

    # Parsing input values.
    # no 'share_to_all'
    share_to_groups, share_to_users, shared_success, shared_failed = [], [], [], []

    for email in emails:
        email = email.lower()
        if is_valid_username(email):
            share_to_users.append(email)
        else:
            shared_failed.append(email)

    for group_id in groups:
        share_to_groups.append(seaserv.get_group(group_id))

    for email in share_to_users:
        # Add email to contacts.
        mail_sended.send(sender=None, user=request.user.username, email=email)
        if share_to_user(request, shared_repo, email, perm):
            shared_success.append(email)
        else:
            shared_failed.append(email)

    for group in share_to_groups:
        if share_to_group(request, shared_repo, group, perm):
            shared_success.append(group.group_name)
        else:
            shared_failed.append(group.group_name)

    if len(shared_success) > 0:
        return HttpResponse(json.dumps({
            "shared_success": shared_success,
            "shared_failed": shared_failed
        }),
                            content_type=content_type)
    else:
        # for case: only share to users and the emails are not valid
        data = json.dumps(
            {"error": _("Please check the email(s) you entered")})
        return HttpResponse(data, status=400, content_type=content_type)
示例#16
0
    # check if the sub-lib exist
    try:
        sub_repo = seafile_api.get_virtual_repo(repo_id, path, username)
    except SearpcError, e:
        result['error'] = e.msg
        return HttpResponse(json.dumps(result),
                            status=500,
                            content_type=content_type)

    if sub_repo:
        result['sub_repo_id'] = sub_repo.id
    else:
        # create a sub-lib
        try:
            # use name as 'repo_name' & 'repo_desc' for sub_repo
            sub_repo_id = seafile_api.create_virtual_repo(
                repo_id, path, name, name, username)
            result['sub_repo_id'] = sub_repo_id
        except SearpcError, e:
            result['error'] = e.msg
            return HttpResponse(json.dumps(result),
                                status=500,
                                content_type=content_type)

    return HttpResponse(json.dumps(result), content_type=content_type)


def download_enc_file(request, repo_id, file_id):
    if not request.is_ajax():
        raise Http404

    content_type = 'application/json; charset=utf-8'
示例#17
0
文件: ajax.py 项目: mhltlyc/seahub
    username = request.user.username

    # check if the sub-lib exist
    try:
        sub_repo = seafile_api.get_virtual_repo(repo_id, path, username)
    except SearpcError, e:
        result['error'] = e.msg
        return HttpResponse(json.dumps(result), status=500, content_type=content_type)
    
    if sub_repo:
        result['sub_repo_id'] = sub_repo.id
    else:
        # create a sub-lib
        try:
            # use name as 'repo_name' & 'repo_desc' for sub_repo
            sub_repo_id = seafile_api.create_virtual_repo(repo_id, path, name, name, username)
            result['sub_repo_id'] = sub_repo_id
        except SearpcError, e:
            result['error'] = e.msg
            return HttpResponse(json.dumps(result), status=500, content_type=content_type)

    return HttpResponse(json.dumps(result), content_type=content_type)

def download_enc_file(request, repo_id, file_id):
    if not request.is_ajax(): 
        raise Http404

    content_type = 'application/json; charset=utf-8'
    result = {}  

    op = 'downloadblks'