From cc225f3bb090390c2918bd75b8c76aa10695c31f Mon Sep 17 00:00:00 2001
From: Shuai Lin <linshuai2012@gmail.com>
Date: Wed, 8 Jul 2015 10:33:07 +0800
Subject: [PATCH 01/13] fixed office preview permission check

---
 seahub/templates/snippets/office_convert_js.html |  3 ++-
 seahub/views/file.py                             | 10 +++++-----
 2 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/seahub/templates/snippets/office_convert_js.html b/seahub/templates/snippets/office_convert_js.html
index e9c5a44abe..c06a528a84 100644
--- a/seahub/templates/snippets/office_convert_js.html
+++ b/seahub/templates/snippets/office_convert_js.html
@@ -20,7 +20,8 @@ var OfficePreviewer = function(file_id, preview_token) {
             $.param({file_id: this.file_id, page: page});
     }
     this.page_content_url = function(page) {
-        return "{% url 'office_convert_get_page' obj_id %}/" + page + '.page';
+        return "{% url 'office_convert_get_page' obj_id %}/"
+            + page + '.page?office_preview_token=' + this.preview_token;
     }
 
     var url = window.location.href;
diff --git a/seahub/views/file.py b/seahub/views/file.py
index 37f76f3eb9..a83e250745 100644
--- a/seahub/views/file.py
+++ b/seahub/views/file.py
@@ -1382,11 +1382,11 @@ def office_convert_get_page(request, path, internal=False):
         return HttpResponseForbidden()
 
     file_id = m.group(1)
-    # if path.endswith('file.css'):
-    #     pass
-    # else:
-    #     if request.office_preview_token != do_md5(file_id + settings.SECRET_KEY):
-    #         return HttpResponseForbidden()
+    if path.endswith('file.css'):
+        pass
+    else:
+        if request.office_preview_token != do_md5(file_id + settings.SECRET_KEY):
+            return HttpResponseForbidden()
 
     resp = get_office_converted_page(request, path, file_id, internal=internal)
     resp['Content-Type'] = 'text/html'

From 2cd615d561ce33c629660060c81cbdf27c3e54c9 Mon Sep 17 00:00:00 2001
From: zhengxie <xiez1989@gmail.com>
Date: Wed, 8 Jul 2015 14:37:25 +0800
Subject: [PATCH 02/13] Fix user last login duplicate error

---
 seahub/auth/tokens.py |  8 ++++----
 seahub/base/models.py | 23 ++++++++++++++++++++---
 2 files changed, 24 insertions(+), 7 deletions(-)

diff --git a/seahub/auth/tokens.py b/seahub/auth/tokens.py
index 1599f533c8..91bb013a89 100644
--- a/seahub/auth/tokens.py
+++ b/seahub/auth/tokens.py
@@ -57,12 +57,12 @@ class PasswordResetTokenGenerator(object):
         key_salt = "django.contrib.auth.tokens.PasswordResetTokenGenerator"
 
         # Ensure results are consistent across DB backends
-        try:
-            user_last_login = UserLastLogin.objects.get(username=user.email)
-            login_dt = user_last_login.last_login
-        except UserLastLogin.DoesNotExist:
+        user_last_login = UserLastLogin.objects.get_by_username(user.username)
+        if user_last_login is None:
             from seahub.utils.timeutils import dt
             login_dt = dt(user.ctime)
+        else:
+            login_dt = user_last_login.last_login
         login_timestamp = login_dt.replace(microsecond=0, tzinfo=None)
 
         value = (six.text_type(user.id) + user.enc_password +
diff --git a/seahub/base/models.py b/seahub/base/models.py
index 05103e7f5c..e16347251d 100644
--- a/seahub/base/models.py
+++ b/seahub/base/models.py
@@ -152,18 +152,35 @@ class GroupEnabledModule(models.Model):
     module_name = models.CharField(max_length=20)
 
 ########## misc
+class UserLastLoginManager(models.Manager):
+    def get_by_username(self, username):
+        """Return last login record for a user, delete duplicates if there are
+        duplicated records.
+        """
+        try:
+            return self.get(username=username)
+        except UserLastLogin.DoesNotExist:
+            return None
+        except UserLastLogin.MultipleObjectsReturned:
+            dups = self.filter(username=username)
+            ret = dups[0]
+            for dup in dups[1:]:
+                dup.delete()
+                logger.warn('Delete duplicate user last login record: %s' % username)
+            return ret
+
 class UserLastLogin(models.Model):
     username = models.CharField(max_length=255, db_index=True)
     last_login = models.DateTimeField(default=timezone.now)
+    objects = UserLastLoginManager()
 
 def update_last_login(sender, user, **kwargs):
     """
     A signal receiver which updates the last_login date for
     the user logging in.
     """
-    try:
-        user_last_login = UserLastLogin.objects.get(username=user.username)
-    except UserLastLogin.DoesNotExist:
+    user_last_login = UserLastLogin.objects.get_by_username(user.username)
+    if user_last_login is None:
         user_last_login = UserLastLogin(username=user.username)
     user_last_login.last_login = timezone.now()
     user_last_login.save()

From a47a15e5e3e1be7049a783d7f2d08a387b25bf5c Mon Sep 17 00:00:00 2001
From: zhengxie <xiez1989@gmail.com>
Date: Thu, 9 Jul 2015 15:49:04 +0800
Subject: [PATCH 03/13] Fix license parsing bug in fastcgi mode

---
 seahub/views/sysadmin.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/seahub/views/sysadmin.py b/seahub/views/sysadmin.py
index 39ed0496d9..cd60ae4c15 100644
--- a/seahub/views/sysadmin.py
+++ b/seahub/views/sysadmin.py
@@ -88,7 +88,8 @@ def sys_info(request):
 
     is_pro = is_pro_version()
     if is_pro:
-        license_dict = parse_license('../seafile-license.txt')
+        license_file = os.path.join(settings.PROJECT_ROOT, '../../seafile-license.txt')
+        license_dict = parse_license(license_file)
     else:
         license_dict = {}
     return render_to_response('sysadmin/sys_info.html', {

From 0f65ddfae51511590a976f54dd22aa6b194d6eab Mon Sep 17 00:00:00 2001
From: zhengxie <xiez1989@gmail.com>
Date: Fri, 10 Jul 2015 16:32:48 +0800
Subject: [PATCH 04/13] Fix forbiden issue in dir upload link

---
 seahub/views/ajax.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/seahub/views/ajax.py b/seahub/views/ajax.py
index e757a85d86..12637748a0 100644
--- a/seahub/views/ajax.py
+++ b/seahub/views/ajax.py
@@ -1854,8 +1854,7 @@ def get_file_upload_url_ul(request, token):
                             status=403, content_type=content_type)
 
     acc_token = seafile_api.get_fileserver_access_token(repo_id, 'dummy',
-                                                        'upload',
-                                                        request.user.username,
+                                                        'upload', '',
                                                         use_onetime=False)
     url = gen_file_upload_url(acc_token, 'upload-aj')
     return HttpResponse(json.dumps({"url": url}), content_type=content_type)

From 61dff076d426ada24689356b6f1a08076bb78bcf Mon Sep 17 00:00:00 2001
From: zhengxie <xiez1989@gmail.com>
Date: Mon, 13 Jul 2015 11:56:09 +0800
Subject: [PATCH 05/13] Fix dir/file api path not exists error

---
 seahub/api2/views.py     | 5 ++++-
 seahub/base/models.py    | 5 ++++-
 seahub/group/views.py    | 5 ++++-
 seahub/utils/repo.py     | 3 ++-
 seahub/views/__init__.py | 4 ++++
 seahub/views/file.py     | 5 ++++-
 seahub/views/repo.py     | 3 +++
 seahub/views/wiki.py     | 6 +++++-
 seahub/wiki/utils.py     | 2 ++
 9 files changed, 32 insertions(+), 6 deletions(-)

diff --git a/seahub/api2/views.py b/seahub/api2/views.py
index ae64fdcc28..6475e66738 100644
--- a/seahub/api2/views.py
+++ b/seahub/api2/views.py
@@ -1852,7 +1852,10 @@ class FileDetailView(APIView):
             # get real path for sub repo
             real_path = repo.origin_path + path if repo.origin_path else path
             dirent = seafile_api.get_dirent_by_path(repo.store_id, real_path)
-            latest_contributor, last_modified = dirent.modifier, dirent.mtime
+            if dirent:
+                latest_contributor, last_modified = dirent.modifier, dirent.mtime
+            else:
+                latest_contributor, last_modified = None, 0
         except SearpcError as e:
             logger.error(e)
             latest_contributor, last_modified = None, 0
diff --git a/seahub/base/models.py b/seahub/base/models.py
index e16347251d..cdc4ada20f 100644
--- a/seahub/base/models.py
+++ b/seahub/base/models.py
@@ -120,7 +120,10 @@ class UserStarredFilesManager(models.Manager):
                 real_path = sfile.repo.origin_path + sfile.path if sfile.repo.origin_path else sfile.path
                 dirent = seafile_api.get_dirent_by_path(sfile.repo.store_id,
                                                         real_path)
-                sfile.last_modified = dirent.mtime
+                if dirent:
+                    sfile.last_modified = dirent.mtime
+                else:
+                    sfile.last_modified = 0
             except SearpcError as e:
                 logger.error(e)
                 sfile.last_modified = 0
diff --git a/seahub/group/views.py b/seahub/group/views.py
index 8073836400..6c710d1308 100644
--- a/seahub/group/views.py
+++ b/seahub/group/views.py
@@ -1396,7 +1396,10 @@ def group_wiki(request, group, page_name="home"):
         path = '/' + dirent.obj_name
         try:
             dirent = seafile_api.get_dirent_by_path(repo.id, path)
-            latest_contributor, last_modified = dirent.modifier, dirent.mtime
+            if dirent:
+                latest_contributor, last_modified = dirent.modifier, dirent.mtime
+            else:
+                latest_contributor, last_modified = None, 0
         except SearpcError as e:
             logger.error(e)
             latest_contributor, last_modified = None, 0
diff --git a/seahub/utils/repo.py b/seahub/utils/repo.py
index 532bdb85b6..e8e1e28e7d 100644
--- a/seahub/utils/repo.py
+++ b/seahub/utils/repo.py
@@ -15,7 +15,8 @@ def list_dir_by_path(cmmt, path):
     if cmmt.root_id == EMPTY_SHA1:
         return []
     else:
-        return seafile_api.list_dir_by_commit_and_path(cmmt.repo_id, cmmt.id, path)
+        dirs = seafile_api.list_dir_by_commit_and_path(cmmt.repo_id, cmmt.id, path)
+        return dirs if dirs else []
 
 def get_sub_repo_abbrev_origin_path(repo_name, origin_path):
     """Return abbrev path for sub repo based on `repo_name` and `origin_path`.
diff --git a/seahub/views/__init__.py b/seahub/views/__init__.py
index b3e1f8814b..413b758712 100644
--- a/seahub/views/__init__.py
+++ b/seahub/views/__init__.py
@@ -202,6 +202,8 @@ def get_repo_dirents_with_perm(request, repo, commit, path, offset=-1, limit=-1)
     else:
         try:
             dir_id = seafile_api.get_dir_id_by_path(repo.id, path)
+            if not dir_id:
+                return ([], [], False)
             dirs = seafserv_threaded_rpc.list_dir_with_perm(repo.id, path,
                                                             dir_id, username,
                                                             offset, limit)
@@ -285,6 +287,8 @@ def get_repo_dirents(request, repo, commit, path, offset=-1, limit=-1):
             dirs = seafile_api.list_dir_by_commit_and_path(commit.repo_id,
                                                            commit.id, path,
                                                            offset, limit)
+            if not dirs:
+                return ([], [], False)
         except SearpcError as e:
             logger.error(e)
             return ([], [], False)
diff --git a/seahub/views/file.py b/seahub/views/file.py
index a83e250745..74107b8390 100644
--- a/seahub/views/file.py
+++ b/seahub/views/file.py
@@ -442,7 +442,10 @@ def _file_view(request, repo_id, path):
         # get real path for sub repo
         real_path = repo.origin_path + path if repo.origin_path else path
         dirent = seafile_api.get_dirent_by_path(repo.store_id, real_path)
-        latest_contributor, last_modified = dirent.modifier, dirent.mtime
+        if dirent:
+            latest_contributor, last_modified = dirent.modifier, dirent.mtime
+        else:
+            latest_contributor, last_modified = None, 0
     except SearpcError as e:
         logger.error(e)
         latest_contributor, last_modified = None, 0
diff --git a/seahub/views/repo.py b/seahub/views/repo.py
index fc3ab4a1e6..2dd4531c42 100644
--- a/seahub/views/repo.py
+++ b/seahub/views/repo.py
@@ -374,6 +374,9 @@ def _download_dir_from_share_link(request, fileshare, repo, real_path):
         dirname = os.path.basename(real_path.rstrip('/'))
 
     dir_id = seafile_api.get_dir_id_by_path(repo.id, real_path)
+    if not dir_id:
+        return render_error(
+            request, _(u'Unable to download: folder not found.'))
 
     try:
         total_size = seaserv.seafserv_threaded_rpc.get_dir_size(
diff --git a/seahub/views/wiki.py b/seahub/views/wiki.py
index 8771905ed0..0ab21cf42f 100644
--- a/seahub/views/wiki.py
+++ b/seahub/views/wiki.py
@@ -66,8 +66,12 @@ def personal_wiki(request, page_name="home"):
         path = '/' + dirent.obj_name
         try:
             dirent = seafile_api.get_dirent_by_path(repo.id, path)
-            latest_contributor, last_modified = dirent.modifier, dirent.mtime
+            if dirent:
+                latest_contributor, last_modified = dirent.modifier, dirent.mtime
+            else:
+                latest_contributor, last_modified = None, 0
         except SearpcError as e:
+            logger.error(e)
             latest_contributor, last_modified = None, 0
 
         wiki_index_exists = True
diff --git a/seahub/wiki/utils.py b/seahub/wiki/utils.py
index 456cc5f857..6a4b7a3de3 100644
--- a/seahub/wiki/utils.py
+++ b/seahub/wiki/utils.py
@@ -98,6 +98,8 @@ def get_wiki_pages(repo):
     return pages in hashtable {normalized_name: page_name}
     """
     dir_id = seaserv.seafserv_threaded_rpc.get_dir_id_by_path(repo.id, '/')
+    if not dir_id:
+        return {}
     dirs = seafile_api.list_dir_by_dir_id(repo.id, dir_id)
     pages = {}
     for e in dirs:

From 6ff2efb5970e5b695f4857c1da7f53df51650e75 Mon Sep 17 00:00:00 2001
From: llj <lingjun.li1@gmail.com>
Date: Fri, 26 Jun 2015 15:45:15 +0800
Subject: [PATCH 06/13] [dir private share] split into user/group share

---
 media/css/seahub.css                          |   4 +
 seahub/share/urls.py                          |   1 +
 seahub/share/views.py                         |   2 +-
 seahub/templates/js/templates.html            |  75 +++++---
 seahub/urls.py                                |   3 +
 seahub/views/ajax.py                          |  86 ++++++++-
 static/scripts/app/views/folder-perm-item.js  |  18 +-
 static/scripts/app/views/folder-perm.js       |   8 +-
 static/scripts/app/views/folder-share-item.js |  96 ++++++++++
 static/scripts/app/views/share.js             | 173 ++++++++++++++----
 static/scripts/common.js                      |   3 +
 11 files changed, 396 insertions(+), 73 deletions(-)
 create mode 100644 static/scripts/app/views/folder-share-item.js

diff --git a/media/css/seahub.css b/media/css/seahub.css
index 0fb590a228..28a5128016 100644
--- a/media/css/seahub.css
+++ b/media/css/seahub.css
@@ -3545,16 +3545,20 @@ textarea:-moz-placeholder {/* for FF */
 }
 
 /* user & group folder perm */
+#share-popup .tabs-panel,
 #folder-perm-tabs .tabs-panel {
     width:550px;
 }
+#share-popup .share-permission-select,
 #folder-perm-tabs .perm-select {
     height:30px;
 }
+#share-popup .submit,
 #folder-perm-tabs .submit {
     margin-top:2px;
     height:30px;
 }
+#share-popup table,
 #folder-perm-tabs table {
     margin-top:0;
 }
diff --git a/seahub/share/urls.py b/seahub/share/urls.py
index 9f7a1172b3..17eb5f4a0a 100644
--- a/seahub/share/urls.py
+++ b/seahub/share/urls.py
@@ -37,5 +37,6 @@ urlpatterns = patterns('',
     url(r'^ajax/get-download-link/$', ajax_get_download_link, name='ajax_get_download_link'),
     url(r'^ajax/get-upload-link/$', ajax_get_upload_link, name='ajax_get_upload_link'),
     url(r'^ajax/private-share-file/$', ajax_private_share_file, name='ajax_private_share_file'),
+
     url(r'^ajax/private-share-dir/$', ajax_private_share_dir, name='ajax_private_share_dir'),
 )
diff --git a/seahub/share/views.py b/seahub/share/views.py
index 30cd5d54ff..0e36f84870 100644
--- a/seahub/share/views.py
+++ b/seahub/share/views.py
@@ -359,7 +359,7 @@ def ajax_repo_remove_share(request):
 @login_required
 def repo_remove_share(request):
     """
-    If repo is shared from one person to another person, only these two peson
+    If repo is shared from one person to another person, only these two person
     can remove share.
     If repo is shared from one person to a group, then only the one share the
     repo and group staff can remove share.
diff --git a/seahub/templates/js/templates.html b/seahub/templates/js/templates.html
index c7b972e352..af1e6bfb80 100644
--- a/seahub/templates/js/templates.html
+++ b/seahub/templates/js/templates.html
@@ -328,8 +328,9 @@
                 <% if (user_perm == 'rw' && !repo_encrypted) { %>
             <li class="tab"><a href="#dir-upload-link-share" class="a">{% trans "Upload Link" %}</a></li>
                 <% } %>
-                <% if (!is_virtual && is_repo_owner) { %>
-            <li class="tab"><a href="#dir-private-share" class="a">{% trans "Private Share" %}</a></li>
+            <% if (!is_virtual && is_repo_owner) { %> {# dir private share #}
+            <li class="tab"><a href="#dir-user-share" class="a">{% trans "Share to user" %}</a></li>
+            <li class="tab"><a href="#dir-group-share" class="a">{% trans "Share to group" %}</a></li>
                 <% } %>
             <% } %>
         </ul>
@@ -423,28 +424,56 @@
 
                 <% if (!is_virtual && is_repo_owner) { %>
                     <% if (!repo_encrypted) { %>
-            <div id="dir-private-share" class="tabs-panel hide">
+            <div id="dir-user-share" class="tabs-panel hide">
                     <% } else { %>
-            <div id="dir-private-share" class="tabs-panel"> {# enc lib only has 'dir-private-share' #}
+            <div id="dir-user-share" class="tabs-panel">
                     <% } %>
-                <form id="dir-private-share-form" action="" class="hide">
-                    <label class="label">{% trans "People:" %}</label><br />
-                    <input type="hidden" name="emails" class="w100" /><br />
-
-                    <label class="label">{% trans "Groups:" %}</label><br />
-                    <select name="groups" class="w100" multiple="multiple"></select><br />
-
-                    <label class="label">{% trans "Permission:" %}</label><br />
-                    <select name="permission" class="share-permission-select w100">
-                        <option value="rw" selected="selected">{% trans "Read-Write"%}</option>
-                        <option value="r">{% trans "Read-Only"%}</option>
-                    </select>
-                    <p class="error hide"></p>
-                    <input type="submit" value="{% trans "Submit" %}" class="submit" />
-                </form>
+                <table>
+                    <tr>
+                        <th width="55%">{% trans "User" %}</th>
+                        <th width="25%">{% trans "Permission" %}</th>
+                        <th width="20%"></th>
+                    </tr>
+                    <tr id="add-dir-user-share-item">
+                        <td>
+                            <input type="hidden" name="emails" class="w100" />
+                        </td>
+                        <td>
+                            <select name="permission" class="share-permission-select w100">
+                                <option value="rw" selected="selected">{% trans "Read-Write" %}</option>
+                                <option value="r">{% trans "Read-Only" %}</option>
+                            </select>
+                        </td>
+                        <td><input type="submit" value="{% trans "Submit" %}" class="submit" /></td>
+                    </tr>
+                </table>
+                <p class="error hide"></p>
             </div>
-                <% } %>
-            <% } %>
+
+            <div id="dir-group-share" class="tabs-panel hide">
+                <table>
+                    <tr>
+                        <th width="55%">{% trans "Group" %}</th>
+                        <th width="25%">{% trans "Permission" %}</th>
+                        <th width="20%"></th>
+                    </tr>
+                    <tr id="add-dir-group-share-item">
+                        <td>
+                            <select name="groups" class="w100" multiple="multiple"></select>
+                        </td>
+                        <td>
+                            <select name="permission" class="share-permission-select w100">
+                                <option value="rw" selected="selected">{% trans "Read-Write" %}</option>
+                                <option value="r">{% trans "Read-Only" %}</option>
+                            </select>
+                        </td>
+                        <td><input type="submit" value="{% trans "Submit" %}" class="submit" /></td>
+                    </tr>
+                </table>
+                <p class="error hide"></p>
+            </div>
+                <% } %> {# if (!is_virtual && is_repo_owner) #}
+            <% } %> {# if is_dir #}
 
             <% if (!is_dir && is_repo_owner) { %>
             <div id="file-private-share" class="tabs-panel hide">
@@ -608,7 +637,7 @@
 </form>
 </script>
 <script type="text/template" id="folder-perm-item-tmpl">
-    <% if (is_user_perm) { %>
+    <% if (for_user) { %>
     <td>
         <a href="{{ SITE_ROOT }}profile/<% print(encodeURIComponent(user)); %>/" target="_blank" title="<%- user %>"><%- user_name %></a>
     </td>
@@ -639,7 +668,7 @@
         </select>
     </td>
     <td>
-        <img src="{{ MEDIA_URL }}img/rm.png" class="perm-delete-icon op-icon vh" alt="" title="{% trans "Delete" %}" />
+        <img src="{{ MEDIA_URL }}img/rm.png" class="delete-icon op-icon vh" alt="" title="{% trans "Delete" %}" />
     </td>
 </script>
 <script type="text/template" id="folder-perm-popup-tmpl">
diff --git a/seahub/urls.py b/seahub/urls.py
index e1d3532ec3..44c0d37e64 100644
--- a/seahub/urls.py
+++ b/seahub/urls.py
@@ -177,8 +177,11 @@ urlpatterns = patterns('',
 
     url(r'^_templates/(?P<template>.*)$', underscore_template, name="underscore_template"),
 
+
     ## ajax lib
     url(r'^ajax/lib/(?P<repo_id>[-0-9a-f]{36})/dir/$', list_lib_dir, name="list_lib_dir"),
+    url(r'^ajax/lib/(?P<repo_id>[-0-9a-f]{36})/dir-user-share-items/$', get_dir_user_share_items, name='get_dir_user_share_items'),
+    url(r'^ajax/lib/(?P<repo_id>[-0-9a-f]{36})/dir-group-share-items/$', get_dir_group_share_items, name='get_dir_group_share_items'),
 
     url(r'^ajax/unset-inner-pub-repo/(?P<repo_id>[-0-9a-f]{36})/$', ajax_unset_inner_pub_repo, name='ajax_unset_inner_pub_repo'),
 
diff --git a/seahub/views/ajax.py b/seahub/views/ajax.py
index 12637748a0..74fa02f7a4 100644
--- a/seahub/views/ajax.py
+++ b/seahub/views/ajax.py
@@ -16,7 +16,8 @@ from django.contrib import messages
 from django.template.defaultfilters import filesizeformat
 
 import seaserv
-from seaserv import seafile_api, seafserv_rpc, is_passwd_set, \
+from seaserv.api import seafile_api
+from seaserv import seafserv_rpc, is_passwd_set, \
     get_related_users_by_repo, get_related_users_by_org_repo, \
     CALC_SHARE_USAGE, seafserv_threaded_rpc, ccnet_threaded_rpc, \
     get_user_quota_usage, get_user_share_usage, edit_repo, \
@@ -2708,3 +2709,86 @@ def ajax_unset_inner_pub_repo(request, repo_id):
     except SearpcError:
         return HttpResponse(json.dumps({"error": _('Internal server error')}),
                 status=500, content_type=content_type)
+
+@login_required_ajax
+def get_dir_user_share_items(request, repo_id):
+    """
+    Get share items for a dir: share to users
+    """
+    content_type = 'application/json; charset=utf-8'
+    result = {}
+
+    repo = get_repo(repo_id)
+    if not repo:
+        result["error"] = _('Library does not exist.')
+        return HttpResponse(json.dumps(result),
+                            status=400, content_type=content_type)
+
+    path = request.GET.get('p', None)
+    if not path:
+        result["error"] = _(u'Argument missing')
+        return HttpResponse(json.dumps(result),
+                status=400, content_type=content_type)
+
+    user = request.user.username
+    try:
+        if path == '/':
+            share_items = seafile_api.list_repo_shared_to(user, repo_id)
+        else:
+            share_items = seafile_api.get_shared_users_for_subdir(repo_id, path, user)
+
+        share_items_ = []
+        for item in share_items:
+            share_item = {
+                "user": item.user,
+                "user_name": email2nickname(item.user),
+                "perm": item.perm,
+            }
+            share_items_.append(share_item)
+        return HttpResponse(json.dumps(share_items_), content_type=content_type)
+    except SearpcError, e:
+        logger.error(e)
+        result["error"] = _('Internal server error')
+        return HttpResponse(json.dumps(result), status=500, content_type=content_type)
+
+@login_required_ajax
+def get_dir_group_share_items(request, repo_id):
+    """
+    Get share items for a dir: share to groups
+
+    """
+    content_type = 'application/json; charset=utf-8'
+    result = {}
+
+    repo = get_repo(repo_id)
+    if not repo:
+        result["error"] = _('Library does not exist.')
+        return HttpResponse(json.dumps(result),
+                            status=400, content_type=content_type)
+
+    path = request.GET.get('p', None)
+    if not path:
+        result["error"] = _(u'Argument missing')
+        return HttpResponse(json.dumps(result),
+                status=400, content_type=content_type)
+
+    user = request.user.username
+    try:
+        if path == '/':
+            share_items = seafile_api.list_repo_shared_group(user, repo_id)
+        else:
+            share_items = seafile_api.get_shared_groups_for_subdir(repo_id, path, user)
+
+        share_items_ = []
+        for item in share_items:
+            share_item = {
+                "group_id": item.group_id,
+                "group_name": get_group(item.group_id).group_name,
+                "perm": item.perm,
+            }
+            share_items_.append(share_item)
+        return HttpResponse(json.dumps(share_items_), content_type=content_type)
+    except SearpcError, e:
+        logger.error(e)
+        result["error"] = _('Internal server error')
+        return HttpResponse(json.dumps(result), status=500, content_type=content_type)
diff --git a/static/scripts/app/views/folder-perm-item.js b/static/scripts/app/views/folder-perm-item.js
index c943582a6b..9978e2daab 100644
--- a/static/scripts/app/views/folder-perm-item.js
+++ b/static/scripts/app/views/folder-perm-item.js
@@ -29,7 +29,7 @@ define([
             'mouseleave': 'hidePermOpIcons',
             'click .perm-edit-icon': 'editIconClick',
             'change .perm-toggle-select': 'editPerm',
-            'click .perm-delete-icon': 'deletePerm'
+            'click .delete-icon': 'deletePerm'
         },
 
         showPermOpIcons: function () {
@@ -54,15 +54,15 @@ define([
                 'path': this.path,
                 'type': 'modify'
             };
-            var is_user_perm = this.item_data.is_user_perm;
-            if (is_user_perm) {
+            var for_user = this.item_data.for_user;
+            if (for_user) {
                 $.extend(post_data, {'user': this.item_data.user});
             } else {
                 $.extend(post_data, {'group_id': this.item_data.group_id});
             }
             $.ajax({
                 url: Common.getUrl({
-                    name: is_user_perm ? 'set_user_folder_perm' : 'set_group_folder_perm',
+                    name: for_user ? 'set_user_folder_perm' : 'set_group_folder_perm',
                     repo_id: this.repo_id
                 }),
                 type: 'POST',
@@ -81,7 +81,7 @@ define([
                     } else {
                         err = gettext("Failed. Please check the network.");
                     }
-                    if (is_user_perm) {
+                    if (for_user) {
                         $('#user-folder-perm .error').html(err).removeClass('hide');
                     } else {
                         $('#group-folder-perm .error').html(err).removeClass('hide');
@@ -97,15 +97,15 @@ define([
                 'path': this.path,
                 'type': 'delete'
             };
-            var is_user_perm = this.item_data.is_user_perm;
-            if (is_user_perm) {
+            var for_user = this.item_data.for_user;
+            if (for_user) {
                 $.extend(post_data, {'user': this.item_data.user});
             } else {
                 $.extend(post_data, {'group_id': this.item_data.group_id});
             }
             $.ajax({
                 url: Common.getUrl({
-                    name: is_user_perm ? 'set_user_folder_perm' : 'set_group_folder_perm',
+                    name: for_user ? 'set_user_folder_perm' : 'set_group_folder_perm',
                     repo_id: this.repo_id
                 }),
                 type: 'POST',
@@ -123,7 +123,7 @@ define([
                     } else {
                         err = gettext("Failed. Please check the network.");
                     }
-                    if (is_user_perm) {
+                    if (for_user) {
                         $('#user-folder-perm .error').html(err).removeClass('hide');
                     } else {
                         $('#group-folder-perm .error').html(err).removeClass('hide');
diff --git a/static/scripts/app/views/folder-perm.js b/static/scripts/app/views/folder-perm.js
index 76afdecbf3..1071ff954c 100644
--- a/static/scripts/app/views/folder-perm.js
+++ b/static/scripts/app/views/folder-perm.js
@@ -72,7 +72,7 @@ define([
                         var perm_item = new FolderPermItemView({
                             'repo_id': _this.repo_id,
                             'path': _this.path,
-                            'item_data':$.extend(item, {'is_user_perm': true})
+                            'item_data':$.extend(item, {'for_user': true})
                         });
                         $add_user_perm.after(perm_item.el);
                     });
@@ -81,7 +81,7 @@ define([
                         var perm_item = new FolderPermItemView({
                             'repo_id': _this.repo_id,
                             'path': _this.path,
-                            'item_data':$.extend(item, {'is_user_perm': false})
+                            'item_data':$.extend(item, {'for_user': false})
                         });
                         $add_group_perm.after(perm_item.el);
                     });
@@ -139,7 +139,7 @@ define([
                                 'user': email,
                                 'user_name': item.user_name,
                                 'perm': perm,
-                                'is_user_perm': true
+                                'for_user': true
                             }
                         });
                         form.after(perm_item.el);
@@ -188,7 +188,7 @@ define([
                             'repo_id': _this.repo_id,
                             'path': _this.path,
                             'item_data': {
-                                'is_user_perm': false,
+                                'for_user': false,
                                 'perm': perm,
                                 'group_id': item.group_id,
                                 'group_name': item.group_name
diff --git a/static/scripts/app/views/folder-share-item.js b/static/scripts/app/views/folder-share-item.js
new file mode 100644
index 0000000000..2af626e6c4
--- /dev/null
+++ b/static/scripts/app/views/folder-share-item.js
@@ -0,0 +1,96 @@
+define([
+    'jquery',
+    'underscore',
+    'backbone',
+    'common'
+], function($, _, Backbone, Common) {
+    'use strict';
+
+    var FolderShareItemView = Backbone.View.extend({
+        tagName: 'tr',
+
+        template: _.template($('#folder-perm-item-tmpl').html()),
+
+        initialize: function(options) {
+            this.item_data = options.item_data;
+            this.repo_id = options.repo_id;
+            this.path = options.path;
+
+            this.render();
+        },
+
+        render: function () {
+            this.$el.html(this.template(this.item_data));
+            return this;
+        },
+
+        events: {
+            'mouseenter': 'showOpIcons',
+            'mouseleave': 'hideOpIcons',
+            'click .perm-edit-icon': 'editIconClick',
+            'change .perm-toggle-select': 'editPerm',
+            'click .delete-icon': 'del'
+        },
+
+        showOpIcons: function () {
+            this.$el.find('.op-icon').removeClass('vh');
+        },
+
+        hideOpIcons: function () {
+            this.$el.find('.op-icon').addClass('vh');
+        },
+
+        editIconClick: function (e) {
+            $(e.currentTarget).closest('td')
+                .find('.perm').addClass('hide').end()
+                .find('.perm-toggle-select').removeClass('hide');
+        },
+
+        editPerm: function (e) {
+            var _this = this;
+            var item_data = this.item_data;
+            var for_user = item_data.for_user;
+            var share_type = for_user ? 'personal' : 'group';
+            var perm = $(e.currentTarget).val();
+            var post_data = {
+                repo_id: this.repo_id,
+                email_or_group: for_user ? item_data.user : item_data.group_id,
+                permission: perm 
+            };
+
+            $.ajax({
+                url: Common.getUrl({
+                    name: 'share_permission_admin' 
+                }) + '?share_type=' + share_type,
+                type: 'POST',
+                dataType: 'json',
+                cache: false,
+                beforeSend: Common.prepareCSRFToken,
+                data: post_data,
+                success: function() {
+                    item_data.perm = perm;
+                    _this.render();
+                },
+                error: function(xhr) {
+                    var err;
+                    if (xhr.responseText) {
+                        err = $.parseJSON(xhr.responseText).error;
+                    } else {
+                        err = gettext("Failed. Please check the network.");
+                    }
+                    if (share_type == 'personal') {
+                        $('#dir-user-share .error').html(err).removeClass('hide');
+                    } else {
+                        $('#dir-group-group .error').html(err).removeClass('hide');
+                    }
+                }
+            });
+        },
+
+        del: function () {
+        }
+
+    });
+
+    return FolderShareItemView;
+});
diff --git a/static/scripts/app/views/share.js b/static/scripts/app/views/share.js
index 870ed0c51f..eebd37c48d 100644
--- a/static/scripts/app/views/share.js
+++ b/static/scripts/app/views/share.js
@@ -4,8 +4,9 @@ define([
     'backbone',
     'common',
     'jquery.ui.tabs',
-    'select2'
-], function($, _, Backbone, Common, Tabs, Select2) {
+    'select2',
+    'app/views/folder-share-item'
+], function($, _, Backbone, Common, Tabs, Select2, FolderShareItemView) {
     'use strict';
 
     var SharePopupView = Backbone.View.extend({
@@ -45,7 +46,8 @@ define([
                     this.uploadLinkPanelInit();
                 }
                 if (!this.is_virtual && this.is_repo_owner) {
-                    this.dirPrivateSharePanelInit();
+                    this.dirUserSharePanelInit();
+                    this.dirGroupSharePanelInit();
                 }
             }
         },
@@ -88,7 +90,8 @@ define([
             'submit #file-private-share-form': 'filePrivateShare',
 
             // dir private share
-            'submit #dir-private-share-form': 'dirPrivateShare'
+            'click #add-dir-user-share-item .submit': 'dirUserShare',
+            'click #add-dir-group-share-item .submit': 'dirGroupShare'
         },
 
         highlightCheckbox: function (e) {
@@ -458,14 +461,44 @@ define([
             return false;
         },
 
-        dirPrivateSharePanelInit: function() {
-            // no 'share to all'
-            var form = this.$('#dir-private-share-form');
+        dirUserSharePanelInit: function() {
+            var form = this.$('#dir-user-share');
 
             $('[name="emails"]', form).select2($.extend({
-                width: '400px'
+                width: '297px'
             },Common.contactInputOptionsForSelect2()));
 
+            // show existing items
+            var $add_item = $('#add-dir-user-share-item');
+            var repo_id = this.repo_id, 
+                path = this.dirent_path;
+            Common.ajaxGet({
+                'get_url': Common.getUrl({
+                    name: 'get_dir_user_share_items',
+                    repo_id: repo_id
+                }), 
+                'data': {'p': path},
+                'after_op_success': function (data) {
+                    $(data).each(function(index, item) {
+                        var new_item = new FolderShareItemView({
+                            'repo_id': repo_id,
+                            'path': path,
+                            'item_data':$.extend(item, {
+                                'for_user': true
+                            })
+                        }); 
+                        $add_item.after(new_item.el);
+                    }); 
+                }
+            }); 
+
+            form.removeClass('hide');
+            this.$('.loading-tip').hide();
+        },
+
+        dirGroupSharePanelInit: function() {
+            var form = this.$('#dir-group-share');
+
             var groups = app.pageOptions.groups || [];
             var g_opts = '';
             for (var i = 0, len = groups.length; i < len; i++) {
@@ -473,48 +506,117 @@ define([
             }
             $('[name="groups"]', form).html(g_opts).select2({
                 placeholder: gettext("Select groups"),
-                width: '400px',
+                width: '297px',
                 escapeMarkup: function(m) { return m; }
             });
 
+            // show existing items
+            var $add_item = $('#add-dir-group-share-item');
+            var repo_id = this.repo_id, 
+                path = this.dirent_path;
+            Common.ajaxGet({
+                'get_url': Common.getUrl({
+                    name: 'get_dir_group_share_items',
+                    repo_id: repo_id
+                }), 
+                'data': {'p': path},
+                'after_op_success': function (data) {
+                    $(data).each(function(index, item) {
+                        var new_item = new FolderShareItemView({
+                            'repo_id': repo_id,
+                            'path': path,
+                            'item_data': $.extend(item, {
+                                'for_user': false
+                            })
+                        }); 
+                        $add_item.after(new_item.el);
+                    });
+                }   
+            }); 
+
             form.removeClass('hide');
             this.$('.loading-tip').hide();
         },
 
-        dirPrivateShare: function () {
-            var form = this.$('#dir-private-share-form'),
+        dirUserShare: function () {
+            var form = this.$('#add-dir-user-share-item'),
                 form_id = form.attr('id');
 
-            var emails = $('[name="emails"]', form).val(), // string
-                groups = $('[name="groups"]', form).val(); // null or [group.id]
-
-            if (!emails && !groups) {
-                Common.showFormError(form_id, gettext("Please select a contact or a group."));
+            var emails_input = $('[name="emails"]', form),
+                emails = emails_input.val(); // string
+            if (!emails) {
                 return false;
             }
 
+            var $add_item = $('#add-dir-user-share-item');
+            var repo_id = this.repo_id, 
+                path = this.dirent_path;
+            var perm = $('[name="permission"]', form).val();
             var post_data = {
-                'repo_id': this.repo_id,
-                'path': this.dirent_path
+                'repo_id': repo_id,
+                'path': path,
+                'emails': emails,
+                'perm': perm 
             };
-            if (emails) {
-                post_data['emails'] = emails;
-            }
-            if (groups) {
-                post_data['groups'] = groups.join(',');
-            }
-            post_data['perm'] = $('[name="permission"]', form).val();
-            var post_url = Common.getUrl({name: 'private_share_dir'});
+            var post_url = Common.getUrl({name: 'private_share_dir'}); // TODO: modify url
             var after_op_success = function(data) {
-                $.modal.close();
-                var msg = gettext("Successfully shared to {placeholder}")
-                    .replace('{placeholder}', Common.HTMLescape(data['shared_success'].join(', ')));
-                Common.feedback(msg, 'success');
-                if (data['shared_failed'].length > 0) {
-                    msg += '<br />' + gettext("Failed to share to {placeholder}")
-                        .replace('{placeholder}', Common.HTMLescape(data['shared_failed'].join(', ')));
-                    Common.feedback(msg, 'info');
-                }
+                $(data).each(function(index, item) {
+                    var new_item = new FolderShareItemView({
+                        'repo_id': repo_id,
+                        'path': path,
+                        'item_data': $.extend(item, {
+                            'for_user': false
+                        })
+                    }); 
+                    $add_item.after(new_item.el);
+                });
+                emails_input.select2("val", "");
+            };
+
+            Common.ajaxPost({
+                'form': form,
+                'post_url': post_url,
+                'post_data': post_data,
+                'after_op_success': after_op_success,
+                'form_id': form_id
+            });
+            return false;
+        },
+
+        dirGroupShare: function () {
+            var form = this.$('#add-dir-group-share-item'),
+                form_id = form.attr('id');
+
+            var groups_input = $('[name="groups"]', form),
+                groups = groups_input.val(); // null or [group.id]
+
+            if (!groups) {
+                return false;
+            }
+
+            var $add_item = $('#add-dir-group-share-item');
+            var repo_id = this.repo_id, 
+                path = this.dirent_path;
+            var perm = $('[name="permission"]', form).val();
+            var post_data = {
+                'repo_id': repo_id,
+                'path': path,
+                'groups': groups.join(','),
+                'perm': perm 
+            };
+            var post_url = Common.getUrl({name: 'private_share_dir'}); // TODO: modify url
+            var after_op_success = function(data) {
+                $(data).each(function(index, item) {
+                    var new_item = new FolderShareItemView({
+                        'repo_id': repo_id,
+                        'path': path,
+                        'item_data': $.extend(item, {
+                            'for_user': false
+                        })
+                    }); 
+                    $add_item.after(new_item.el);
+                });
+                groups_input.select2("val", "");
             };
 
             Common.ajaxPost({
@@ -526,6 +628,7 @@ define([
             });
             return false;
         }
+
     });
 
     return SharePopupView;
diff --git a/static/scripts/common.js b/static/scripts/common.js
index 92ee71cfdf..d1c35ae8a4 100644
--- a/static/scripts/common.js
+++ b/static/scripts/common.js
@@ -113,6 +113,9 @@ define([
               case 'starred_files': return siteRoot + 'api2/starredfiles/';
               case 'shared_repos': return siteRoot + 'api2/shared-repos/' + options.repo_id + '/';
               case 'search_user': return siteRoot + 'api2/search-user/';
+              case 'share_permission_admin': return siteRoot + 'share/permission_admin/';
+              case 'get_dir_user_share_items': return siteRoot + 'ajax/lib/' + options.repo_id + '/dir-user-share-items/';
+              case 'get_dir_group_share_items': return siteRoot + 'ajax/lib/' + options.repo_id + '/dir-group-share-items/';
             }
         },
 

From beee7a8fa601ad07032a7644d6980888cb2ee896 Mon Sep 17 00:00:00 2001
From: zhengxie <xiez1989@gmail.com>
Date: Mon, 29 Jun 2015 17:03:40 +0800
Subject: [PATCH 07/13] [api] WIP: add dir shared items endpoint

Conflicts:
	seahub/test_utils.py
---
 seahub/api2/urls.py      |   1 +
 seahub/api2/views.py     | 211 +++++++++++++++++++++++++++++++++++++++
 seahub/test_utils.py     |  10 +-
 tests/api/test_shares.py |  96 ++++++++++++++++++
 4 files changed, 315 insertions(+), 3 deletions(-)

diff --git a/seahub/api2/urls.py b/seahub/api2/urls.py
index 4b3214b049..34fdbd45f0 100644
--- a/seahub/api2/urls.py
+++ b/seahub/api2/urls.py
@@ -40,6 +40,7 @@ urlpatterns = patterns('',
     url(r'^repos/(?P<repo_id>[-0-9-a-f]{36})/dir/$', DirView.as_view(), name='DirView'),
     url(r'^repos/(?P<repo_id>[-0-9-a-f]{36})/dir/sub_repo/$', DirSubRepoView.as_view()),
     url(r'^repos/(?P<repo_id>[-0-9-a-f]{36})/dir/share/$', DirShareView.as_view()),
+    url(r'^repos/(?P<repo_id>[-0-9-a-f]{36})/dir/shared_items/$', DirSharedItemsView.as_view()),
     url(r'^repos/(?P<repo_id>[-0-9-a-f]{36})/dir/download/$', DirDownloadView.as_view()),
     url(r'^repos/(?P<repo_id>[-0-9-a-f]{36})/thumbnail/$', ThumbnailView.as_view(), name='api2-thumbnail'),
     url(r'^starredfiles/', StarredFileView.as_view(), name='starredfiles'),
diff --git a/seahub/api2/views.py b/seahub/api2/views.py
index 6475e66738..46a8abd4c8 100644
--- a/seahub/api2/views.py
+++ b/seahub/api2/views.py
@@ -61,6 +61,7 @@ from seahub.views.modules import get_wiki_enabled_group_list
 from seahub.shortcuts import get_first_object_or_none
 from seahub.signals import repo_created, share_file_to_user_successful
 from seahub.share.models import PrivateFileDirShare, FileShare, OrgFileShare
+from seahub.share.signals import share_repo_to_user_successful
 from seahub.share.views import list_shared_repos
 from seahub.utils import gen_file_get_url, gen_token, gen_file_upload_url, \
     check_filename_with_rename, is_valid_username, EVENTS_ENABLED, \
@@ -2248,6 +2249,216 @@ class DirShareView(APIView):
             share_file_to_user_successful.send(sender=None, priv_share_obj=pfds)
         return HttpResponse(json.dumps({}), status=200, content_type=json_content_type)
 
+
+class DirSharedItemsView(APIView):
+    authentication_classes = (TokenAuthentication, SessionAuthentication)
+    permission_classes = (IsAuthenticated,)
+    throttle_classes = (UserRateThrottle, )
+
+    def list_user_shared_items(self, request, repo_id, path):
+        username = request.user.username
+        if path == '/':
+            share_items = seafile_api.list_repo_shared_to(username, repo_id)
+        else:
+            share_items = seafile_api.get_shared_users_for_subdir(repo_id,
+                                                                  path, username)
+        ret = []
+        for item in share_items:
+            ret.append({
+                "share_type": "user",
+                "user_info": {
+                    "name": item.user,
+                    "nickname": email2nickname(item.user),
+                },
+                "perm": item.perm,
+            })
+        return ret
+
+    def list_group_shared_items(self, request, repo_id, path):
+        return []
+
+    def add_user_shared_item(self, request, repo_id, path):
+        pass
+
+    def handle_shared_to_args(self, request):
+        share_type = request.GET.get('share_type', None)
+        shared_to_user = False
+        shared_to_group = False
+        if share_type:
+            for e in share_type.split(','):
+                e = e.strip()
+                if e not in ['user', 'group']:
+                    continue
+                if e == 'user':
+                    shared_to_user = True
+                if e == 'group':
+                    shared_to_group = True
+        else:
+            shared_to_user = True
+            shared_to_group = True
+
+        return (shared_to_user, shared_to_group)
+
+    def get_sub_repo_by_path(self, request, repo, path):
+        if path == '/':
+            raise Exception("Invalid path")
+
+        # get or create sub repo
+        username = request.user.username
+        if is_org_context(request):
+            org_id = request.user.org.org_id
+            sub_repo = seaserv.seafserv_threaded_rpc.get_org_virtual_repo(
+                org_id, repo.id, path, username)
+        else:
+            sub_repo = seafile_api.get_virtual_repo(repo.id, path, username)
+
+        return sub_repo
+
+    def get_or_create_sub_repo_by_path(self, request, repo, path):
+        username = request.user.username
+        sub_repo = self.get_sub_repo_by_path(request, repo, path)
+        if not sub_repo:
+            name = os.path.basename(path)
+            # create a sub-lib,
+            # use name as 'repo_name' & 'repo_desc' for sub_repo
+            if is_org_context(request):
+                org_id = request.user.org.org_id
+                sub_repo_id = seaserv.seafserv_threaded_rpc.create_org_virtual_repo(
+                    org_id, repo.id, path, name, name, username)
+            else:
+                sub_repo_id = seafile_api.create_virtual_repo(repo.id, path,
+                                                              name, name, username)
+            sub_repo = seafile_api.get_repo(sub_repo_id)
+
+        return sub_repo
+
+    def get(self, request, repo_id, format=None):
+        repo = get_repo(repo_id)
+        if not repo:
+            return api_error(status.HTTP_400_BAD_REQUEST, 'Repo not found.')
+
+        shared_to_user, shared_to_group = self.handle_shared_to_args(request)
+
+        path = request.GET.get('p', '/')
+        if seafile_api.get_dir_id_by_path(repo.id, path) is None:
+            return api_error(status.HTTP_400_BAD_REQUEST, 'Directory not found.')
+
+        ret = []
+        if shared_to_user:
+            ret += self.list_user_shared_items(request, repo_id, path)
+
+        if shared_to_group:
+            ret += self.list_group_shared_items(request, repo_id, path)
+
+        return HttpResponse(json.dumps(ret), status=200,
+                            content_type=json_content_type)
+
+    def post(self, request, repo_id, format=None):
+        return HttpResponse(json.dumps([{'foo': 'bar'}]), status=200,
+                            content_type=json_content_type)
+
+    def put(self, request, repo_id, format=None):
+        username = request.user.username
+        repo = get_repo(repo_id)
+        if not repo:
+            return api_error(status.HTTP_400_BAD_REQUEST, 'Repo not found.')
+
+        # TODO: perm check, quota check
+
+        path = request.GET.get('p', '/')
+        if seafile_api.get_dir_id_by_path(repo.id, path) is None:
+            return api_error(status.HTTP_400_BAD_REQUEST, 'Directory not found.')
+
+        if path != '/':
+            try:
+                sub_repo = self.get_sub_repo_by_path(request, repo, path)
+            except SearpcError as e:
+                logger.error(e)
+                return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, 'Failed to get sub repo')
+        else:
+            sub_repo = None
+
+        share_type = request.DATA.get('share_type')
+        if share_type != 'user' and share_type != 'group':
+            return api_error(status.HTTP_400_BAD_REQUEST, 'Bad share type')
+
+        permission = request.DATA.get('permission', 'r')
+        if permission not in ['r', 'rw']:
+            return api_error(status.HTTP_400_BAD_REQUEST, 'Bad permission')
+
+        shared_repo = repo if path == '/' else sub_repo
+        success, failed = [], []
+        if share_type == 'user':
+            share_to_users = request.DATA.getlist('username')
+            for to_user in share_to_users:
+                try:
+                    if is_org_context(request):
+                        org_id = request.user.org.org_id
+                        # org_share_repo(org_id, shared_repo.id, username, to_user, permission)
+                    else:
+                        seafile_api.share_repo(shared_repo.repo_id, username, to_user, permission)
+                    # send a signal when sharing repo successful
+                    share_repo_to_user_successful.send(sender=None,
+                                                       from_user=username,
+                                                       to_user=to_user,
+                                                       repo=shared_repo)
+                    success.append(to_user)
+                except SearpcError as e:
+                    logger.error(e)
+                    failed.append(to_user)
+                    continue
+
+        if share_type == 'group':
+            pass
+
+        return HttpResponse(json.dumps({
+            "shared_success": success,
+            "shared_failed": failed
+        }), status=200, content_type=json_content_type)
+
+    def delete(self, request, repo_id, format=None):
+        username = request.user.username
+        repo = get_repo(repo_id)
+        if not repo:
+            return api_error(status.HTTP_400_BAD_REQUEST, 'Repo not found.')
+
+        shared_to_user, shared_to_group = self.handle_shared_to_args(request)
+
+        path = request.GET.get('p', '/')
+        if seafile_api.get_dir_id_by_path(repo.id, path) is None:
+            return api_error(status.HTTP_400_BAD_REQUEST, 'Directory not found.')
+
+        if path == '/':
+            shared_repo = repo
+        else:
+            try:
+                sub_repo = self.get_sub_repo_by_path(request, repo, path)
+                if sub_repo:
+                    shared_repo = sub_repo
+                else:
+                    return api_error(status.HTTP_400_BAD_REQUEST, 'No sub repo found')
+            except SearpcError as e:
+                logger.error(e)
+                return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, 'Failed to get sub repo')
+
+        if shared_to_user:
+            shared_to = request.GET.get('username')
+            if shared_to is None or not is_valid_username(shared_to):
+                return api_error(status.HTTP_400_BAD_REQUEST, 'Bad argument.')
+
+            if is_org_context(request):
+                org_id = request.user.org.org_id
+                # org_remove_share(org_id, repo_id, from_email, shared_to)
+            else:
+                seaserv.remove_share(shared_repo.id, username, shared_to)
+
+        if shared_to_group:
+            pass
+
+        return HttpResponse(json.dumps([{'success': True}]), status=200,
+                            content_type=json_content_type)
+
+
 class DirSubRepoView(APIView):
     authentication_classes = (TokenAuthentication, )
     permission_classes = (IsAuthenticated,)
diff --git a/seahub/test_utils.py b/seahub/test_utils.py
index feb71a2fb7..28b56ccb97 100644
--- a/seahub/test_utils.py
+++ b/seahub/test_utils.py
@@ -54,7 +54,9 @@ class Fixtures(Exam):
 
         return User.objects.create_user(password='secret', **kwargs)
 
-    def remove_user(self, email, source="DB"):
+    def remove_user(self, email=None, source="DB"):
+        if not email:
+            email = self.user.username
         ccnet_threaded_rpc.remove_emailuser(email, source)
 
     def create_repo(self, **kwargs):
@@ -62,8 +64,10 @@ class Fixtures(Exam):
                                           'test@test.com', None)
         return repo_id
 
-    def remove_repo(self):
-        return seafile_api.remove_repo(self.repo.id)
+    def remove_repo(self, repo_id=None):
+        if not repo_id:
+            repo_id = self.repo.id
+        return seafile_api.remove_repo(repo_id)
 
     def create_file(self, **kwargs):
         seafile_api.post_empty_file(**kwargs)
diff --git a/tests/api/test_shares.py b/tests/api/test_shares.py
index 267cfceb6f..cbaec300b8 100644
--- a/tests/api/test_shares.py
+++ b/tests/api/test_shares.py
@@ -1,5 +1,12 @@
 #coding: UTF-8
+import json
 
+from django.core.urlresolvers import reverse
+from django.test import TestCase
+
+from seaserv import seafile_api
+
+from seahub.test_utils import Fixtures
 from tests.common.utils import urljoin
 from tests.api.apitestbase import ApiTestBase
 from tests.api.urls import SHARED_LINKS_URL, SHARED_LIBRARIES_URL, \
@@ -28,3 +35,92 @@ class SharesApiTest(ApiTestBase):
                 self.assertIsNotNone(fileshare['token'])
                 self.assertIsNotNone(fileshare['view_cnt'])
                 self.assertIsNotNone(fileshare['path'])
+
+
+class DirSharedItemsTest(TestCase, Fixtures):
+    def setUp(self):
+        self.folder_path = self.folder
+        sub_repo_id = seafile_api.create_virtual_repo(self.repo.id,
+                                                      self.folder_path,
+                                                      self.repo.name, '',
+                                                      self.user.username)
+        # A user shares a folder to admin with permission 'rw.
+        seafile_api.share_repo(sub_repo_id, self.user.username,
+                               self.admin.username, 'rw')
+
+    def tearDown(self):
+        self.remove_repo()
+
+    def _login_as(self, user):
+        self.client.post(
+            reverse('auth_login'), {'username': self.user.username,
+                                    'password': 'secret'}
+        )
+
+    def test_can_list_all(self):
+        self._login_as(self.user)
+
+        resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user,group' % (
+            self.repo.id,
+            self.folder_path))
+
+        self.assertEqual(200, resp.status_code)
+        json_resp = json.loads(resp.content)
+        assert len(json_resp) == 1
+        assert self.admin.username == json_resp[0]['user_info']['name']
+
+    def test_can_list_without_share_type_arg(self):
+        self._login_as(self.user)
+
+        resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s' % (
+            self.repo.id,
+            self.folder_path))
+
+        self.assertEqual(200, resp.status_code)
+        json_resp = json.loads(resp.content)
+        assert len(json_resp) == 1
+        assert self.admin.username == json_resp[0]['user_info']['name']
+
+    def test_can_add(self):
+        self._login_as(self.user)
+
+        resp = self.client.put(
+            '/api2/repos/%s/dir/shared_items/?p=%s' % (self.repo.id,
+                                                       self.folder_path),
+            "share_type=user&username=a@a.com&username=b@b.com",
+            'application/x-www-form-urlencoded',
+        )
+        self.assertEqual(200, resp.status_code)
+        json_resp = json.loads(resp.content)
+        assert 'a@a.com' in json_resp['shared_success']
+        assert 'b@b.com' in json_resp['shared_success']
+
+    def test_can_update(self):
+        self._login_as(self.user)
+
+        resp = self.client.post('/api2/repos/%s/dir/shared_items/?p=%s' % (
+            self.repo.id,
+            self.folder_path), {
+
+            }
+        )
+        print resp
+
+    def test_can_delete(self):
+        self._login_as(self.user)
+
+        resp = self.client.delete('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user&username=%s' % (
+            self.repo.id,
+            self.folder_path,
+            self.admin.username
+        ))
+        self.assertEqual(200, resp.status_code)
+        json_resp = json.loads(resp.content)
+        assert json_resp[0]['success'] is True
+
+        resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user,group' % (
+            self.repo.id,
+            self.folder_path))
+
+        json_resp = json.loads(resp.content)
+        assert len(json_resp) == 0

From 0a13dd88bb7f2782ba1f91dc0d1676d8b76221d4 Mon Sep 17 00:00:00 2001
From: llj <lingjun.li1@gmail.com>
Date: Wed, 1 Jul 2015 18:28:14 +0800
Subject: [PATCH 08/13] [dir private share] dir shared items: modified
 'list/add', add 'delete'

---
 static/scripts/app/views/folder-share-item.js |  23 +++
 static/scripts/app/views/share.js             | 160 ++++++++++--------
 static/scripts/common.js                      |   7 +-
 3 files changed, 119 insertions(+), 71 deletions(-)

diff --git a/static/scripts/app/views/folder-share-item.js b/static/scripts/app/views/folder-share-item.js
index 2af626e6c4..f3623cb833 100644
--- a/static/scripts/app/views/folder-share-item.js
+++ b/static/scripts/app/views/folder-share-item.js
@@ -88,6 +88,29 @@ define([
         },
 
         del: function () {
+            var _this = this;
+            var item_data = this.item_data;
+            var url = Common.getUrl({
+                    name: 'dir_shared_items',
+                    repo_id: this.repo_id
+                }) + '?p=' + encodeURIComponent(this.path);
+            if (item_data.for_user) {
+                url += '&share_type=user&username=' + encodeURIComponent(item_data.user);
+            } else {
+                url += '&share_type=group&username=' + encodeURIComponent(item_data.group_id);
+            }
+            $.ajax({
+                url: url,
+                dataType: 'json',
+                method: 'DELETE',
+                beforeSend: Common.prepareCSRFToken,
+                success: function () {
+                    _this.remove();
+                },
+                error: {
+                    // TODO
+                }
+            });
         }
 
     });
diff --git a/static/scripts/app/views/share.js b/static/scripts/app/views/share.js
index eebd37c48d..c03dcbd7fd 100644
--- a/static/scripts/app/views/share.js
+++ b/static/scripts/app/views/share.js
@@ -474,18 +474,24 @@ define([
                 path = this.dirent_path;
             Common.ajaxGet({
                 'get_url': Common.getUrl({
-                    name: 'get_dir_user_share_items',
+                    name: 'dir_shared_items',
                     repo_id: repo_id
                 }), 
-                'data': {'p': path},
+                'data': {
+                    'p': path,
+                    'share_type': 'user'
+                },
                 'after_op_success': function (data) {
                     $(data).each(function(index, item) {
                         var new_item = new FolderShareItemView({
                             'repo_id': repo_id,
                             'path': path,
-                            'item_data':$.extend(item, {
+                            'item_data': {
+                                "user": item.user_info.name,
+                                "user_name": item.user_info.nickname,
+                                "perm": item.permission,
                                 'for_user': true
-                            })
+                            }
                         }); 
                         $add_item.after(new_item.el);
                     }); 
@@ -516,19 +522,25 @@ define([
                 path = this.dirent_path;
             Common.ajaxGet({
                 'get_url': Common.getUrl({
-                    name: 'get_dir_group_share_items',
+                    name: 'dir_shared_items',
                     repo_id: repo_id
-                }), 
-                'data': {'p': path},
+                }),
+                'data': {
+                    'p': path,
+                    'share_type': 'group'
+                },
                 'after_op_success': function (data) {
                     $(data).each(function(index, item) {
                         var new_item = new FolderShareItemView({
                             'repo_id': repo_id,
                             'path': path,
-                            'item_data': $.extend(item, {
+                            'item_data': {
+                                "group_id": item.group_info.id,
+                                "group_name": item.group_info.name,
+                                "perm": item.permission,
                                 'for_user': false
-                            })
-                        }); 
+                            }
+                        });
                         $add_item.after(new_item.el);
                     });
                 }   
@@ -539,8 +551,7 @@ define([
         },
 
         dirUserShare: function () {
-            var form = this.$('#add-dir-user-share-item'),
-                form_id = form.attr('id');
+            var form = this.$('#add-dir-user-share-item');
 
             var emails_input = $('[name="emails"]', form),
                 emails = emails_input.val(); // string
@@ -552,40 +563,46 @@ define([
             var repo_id = this.repo_id, 
                 path = this.dirent_path;
             var perm = $('[name="permission"]', form).val();
-            var post_data = {
-                'repo_id': repo_id,
-                'path': path,
-                'emails': emails,
-                'perm': perm 
-            };
-            var post_url = Common.getUrl({name: 'private_share_dir'}); // TODO: modify url
-            var after_op_success = function(data) {
-                $(data).each(function(index, item) {
-                    var new_item = new FolderShareItemView({
-                        'repo_id': repo_id,
-                        'path': path,
-                        'item_data': $.extend(item, {
-                            'for_user': false
-                        })
-                    }); 
-                    $add_item.after(new_item.el);
-                });
-                emails_input.select2("val", "");
-            };
 
-            Common.ajaxPost({
-                'form': form,
-                'post_url': post_url,
-                'post_data': post_data,
-                'after_op_success': after_op_success,
-                'form_id': form_id
+            $.ajax({
+                url: Common.getUrl({
+                    name: 'dir_shared_items',
+                    repo_id: repo_id
+                }) + '?p=' + encodeURIComponent(path),
+                dataType: 'json',
+                method: 'PUT',
+                beforeSend: Common.prepareCSRFToken,
+                trandition: true,
+                data: {
+                    'share_type': 'user',
+                    'username': emails.split(','),
+                    'permission': perm
+                },
+                success: function(data) {
+                    // todo: those failed to share to
+                    $(data.success).each(function(index, item) {
+                        var new_item = new FolderShareItemView({
+                            'repo_id': repo_id,
+                            'path': path,
+                            'item_data': {
+                                "user": item.user_info.name,
+                                "user_name": item.user_info.nickname,
+                                "perm": item.permission,
+                                'for_user': true
+                            }
+                        });
+                        $add_item.after(new_item.el);
+                    });
+                    emails_input.select2("val", "");
+                },
+                error: function(xhr) {
+                    // todo
+                }
             });
-            return false;
         },
 
         dirGroupShare: function () {
-            var form = this.$('#add-dir-group-share-item'),
-                form_id = form.attr('id');
+            var form = this.$('#add-dir-group-share-item');
 
             var groups_input = $('[name="groups"]', form),
                 groups = groups_input.val(); // null or [group.id]
@@ -598,35 +615,42 @@ define([
             var repo_id = this.repo_id, 
                 path = this.dirent_path;
             var perm = $('[name="permission"]', form).val();
-            var post_data = {
-                'repo_id': repo_id,
-                'path': path,
-                'groups': groups.join(','),
-                'perm': perm 
-            };
-            var post_url = Common.getUrl({name: 'private_share_dir'}); // TODO: modify url
-            var after_op_success = function(data) {
-                $(data).each(function(index, item) {
-                    var new_item = new FolderShareItemView({
-                        'repo_id': repo_id,
-                        'path': path,
-                        'item_data': $.extend(item, {
-                            'for_user': false
-                        })
-                    }); 
-                    $add_item.after(new_item.el);
-                });
-                groups_input.select2("val", "");
-            };
 
-            Common.ajaxPost({
-                'form': form,
-                'post_url': post_url,
-                'post_data': post_data,
-                'after_op_success': after_op_success,
-                'form_id': form_id
+            $.ajax({
+                url: Common.getUrl({
+                    name: 'dir_shared_items',
+                    repo_id: repo_id
+                }) + '?p=' + encodeURIComponent(path),
+                dataType: 'json',
+                method: 'PUT',
+                beforeSend: Common.prepareCSRFToken,
+                trandition: true,
+                data: {
+                    'share_type': 'group',
+                    'group_id': groups,
+                    'permission': perm
+                },
+                success: function(data) {
+                    // todo: those failed to share to 
+                    $(data.success).each(function(index, item) {
+                        var new_item = new FolderShareItemView({
+                            'repo_id': repo_id,
+                            'path': path,
+                            'item_data': {
+                                "group_id": item.group_info.id,
+                                "group_name": item.group_info.name,
+                                "perm": item.permission,
+                                'for_user': false
+                            }
+                        });
+                        $add_item.after(new_item.el);
+                    });
+                    groups_input.select2("val", "");
+                },
+                error: function(xhr) {
+                    // todo 
+                }
             });
-            return false;
         }
 
     });
diff --git a/static/scripts/common.js b/static/scripts/common.js
index d1c35ae8a4..bcd43a0a08 100644
--- a/static/scripts/common.js
+++ b/static/scripts/common.js
@@ -95,7 +95,7 @@ define([
               case 'send_shared_upload_link': return siteRoot + 'share/upload_link/send/';
               case 'delete_shared_upload_link': return siteRoot + 'share/ajax/upload_link/remove/';
               case 'get_share_upload_link': return siteRoot + 'share/ajax/get-upload-link/';
-              case 'private_share_dir': return siteRoot + 'share/ajax/private-share-dir/';
+              //case 'private_share_dir': return siteRoot + 'share/ajax/private-share-dir/';
               case 'private_share_file': return siteRoot + 'share/ajax/private-share-file/';
               case 'get_popup_notices': return siteRoot + 'ajax/get_popup_notices/';
               case 'set_notices_seen': return siteRoot + 'ajax/set_notices_seen/';
@@ -114,8 +114,9 @@ define([
               case 'shared_repos': return siteRoot + 'api2/shared-repos/' + options.repo_id + '/';
               case 'search_user': return siteRoot + 'api2/search-user/';
               case 'share_permission_admin': return siteRoot + 'share/permission_admin/';
-              case 'get_dir_user_share_items': return siteRoot + 'ajax/lib/' + options.repo_id + '/dir-user-share-items/';
-              case 'get_dir_group_share_items': return siteRoot + 'ajax/lib/' + options.repo_id + '/dir-group-share-items/';
+              //case 'get_dir_user_share_items': return siteRoot + 'ajax/lib/' + options.repo_id + '/dir-user-share-items/';
+              //case 'get_dir_group_share_items': return siteRoot + 'ajax/lib/' + options.repo_id + '/dir-group-share-items/';
+              case 'dir_shared_items': return siteRoot + 'api2/repos/' + options.repo_id + '/dir/shared_items/';
             }
         },
 

From 7d6b84ecc524086f20047e9ce62bea5ab036e2a3 Mon Sep 17 00:00:00 2001
From: zhengxie <xiez1989@gmail.com>
Date: Wed, 1 Jul 2015 15:21:08 +0800
Subject: [PATCH 09/13] WIP: update return fields

---
 seahub/api2/views.py     | 17 ++++++++++++-----
 tests/api/test_shares.py |  6 +++---
 2 files changed, 15 insertions(+), 8 deletions(-)

diff --git a/seahub/api2/views.py b/seahub/api2/views.py
index 46a8abd4c8..2f4e8b261a 100644
--- a/seahub/api2/views.py
+++ b/seahub/api2/views.py
@@ -2270,7 +2270,7 @@ class DirSharedItemsView(APIView):
                     "name": item.user,
                     "nickname": email2nickname(item.user),
                 },
-                "perm": item.perm,
+                "permission": item.perm,
             })
         return ret
 
@@ -2402,7 +2402,14 @@ class DirSharedItemsView(APIView):
                                                        from_user=username,
                                                        to_user=to_user,
                                                        repo=shared_repo)
-                    success.append(to_user)
+                    success.append({
+                        "share_type": "user",
+                        "user_info": {
+                            "name": to_user,
+                            "nickname": email2nickname(to_user),
+                        },
+                        "permission": permission
+                    })
                 except SearpcError as e:
                     logger.error(e)
                     failed.append(to_user)
@@ -2412,8 +2419,8 @@ class DirSharedItemsView(APIView):
             pass
 
         return HttpResponse(json.dumps({
-            "shared_success": success,
-            "shared_failed": failed
+            "success": success,
+            "failed": failed
         }), status=200, content_type=json_content_type)
 
     def delete(self, request, repo_id, format=None):
@@ -2455,7 +2462,7 @@ class DirSharedItemsView(APIView):
         if shared_to_group:
             pass
 
-        return HttpResponse(json.dumps([{'success': True}]), status=200,
+        return HttpResponse(json.dumps({'success': True}), status=200,
                             content_type=json_content_type)
 
 
diff --git a/tests/api/test_shares.py b/tests/api/test_shares.py
index cbaec300b8..f3ad60802c 100644
--- a/tests/api/test_shares.py
+++ b/tests/api/test_shares.py
@@ -92,8 +92,8 @@ class DirSharedItemsTest(TestCase, Fixtures):
         )
         self.assertEqual(200, resp.status_code)
         json_resp = json.loads(resp.content)
-        assert 'a@a.com' in json_resp['shared_success']
-        assert 'b@b.com' in json_resp['shared_success']
+        assert len(json_resp['success']) == 2
+        assert json_resp['success'][0]['permission'] == 'r'
 
     def test_can_update(self):
         self._login_as(self.user)
@@ -116,7 +116,7 @@ class DirSharedItemsTest(TestCase, Fixtures):
         ))
         self.assertEqual(200, resp.status_code)
         json_resp = json.loads(resp.content)
-        assert json_resp[0]['success'] is True
+        assert json_resp['success'] is True
 
         resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user,group' % (
             self.repo.id,

From 69101f41f6a6ff05c75b9525a8f15eb359ac8676 Mon Sep 17 00:00:00 2001
From: llj <lingjun.li1@gmail.com>
Date: Thu, 2 Jul 2015 15:44:50 +0800
Subject: [PATCH 10/13] [dir shared items] modified 'perm edit', bugfix & add
 'error handle' for 'list/add/delete', clean up code

---
 seahub/share/urls.py                          |  1 -
 seahub/urls.py                                |  3 -
 seahub/views/ajax.py                          | 86 +------------------
 static/scripts/app/views/folder-share-item.js | 58 +++++++------
 static/scripts/app/views/share.js             | 29 +++++--
 static/scripts/common.js                      |  4 -
 6 files changed, 58 insertions(+), 123 deletions(-)

diff --git a/seahub/share/urls.py b/seahub/share/urls.py
index 17eb5f4a0a..9f7a1172b3 100644
--- a/seahub/share/urls.py
+++ b/seahub/share/urls.py
@@ -37,6 +37,5 @@ urlpatterns = patterns('',
     url(r'^ajax/get-download-link/$', ajax_get_download_link, name='ajax_get_download_link'),
     url(r'^ajax/get-upload-link/$', ajax_get_upload_link, name='ajax_get_upload_link'),
     url(r'^ajax/private-share-file/$', ajax_private_share_file, name='ajax_private_share_file'),
-
     url(r'^ajax/private-share-dir/$', ajax_private_share_dir, name='ajax_private_share_dir'),
 )
diff --git a/seahub/urls.py b/seahub/urls.py
index 44c0d37e64..e1d3532ec3 100644
--- a/seahub/urls.py
+++ b/seahub/urls.py
@@ -177,11 +177,8 @@ urlpatterns = patterns('',
 
     url(r'^_templates/(?P<template>.*)$', underscore_template, name="underscore_template"),
 
-
     ## ajax lib
     url(r'^ajax/lib/(?P<repo_id>[-0-9a-f]{36})/dir/$', list_lib_dir, name="list_lib_dir"),
-    url(r'^ajax/lib/(?P<repo_id>[-0-9a-f]{36})/dir-user-share-items/$', get_dir_user_share_items, name='get_dir_user_share_items'),
-    url(r'^ajax/lib/(?P<repo_id>[-0-9a-f]{36})/dir-group-share-items/$', get_dir_group_share_items, name='get_dir_group_share_items'),
 
     url(r'^ajax/unset-inner-pub-repo/(?P<repo_id>[-0-9a-f]{36})/$', ajax_unset_inner_pub_repo, name='ajax_unset_inner_pub_repo'),
 
diff --git a/seahub/views/ajax.py b/seahub/views/ajax.py
index 74fa02f7a4..12637748a0 100644
--- a/seahub/views/ajax.py
+++ b/seahub/views/ajax.py
@@ -16,8 +16,7 @@ from django.contrib import messages
 from django.template.defaultfilters import filesizeformat
 
 import seaserv
-from seaserv.api import seafile_api
-from seaserv import seafserv_rpc, is_passwd_set, \
+from seaserv import seafile_api, seafserv_rpc, is_passwd_set, \
     get_related_users_by_repo, get_related_users_by_org_repo, \
     CALC_SHARE_USAGE, seafserv_threaded_rpc, ccnet_threaded_rpc, \
     get_user_quota_usage, get_user_share_usage, edit_repo, \
@@ -2709,86 +2708,3 @@ def ajax_unset_inner_pub_repo(request, repo_id):
     except SearpcError:
         return HttpResponse(json.dumps({"error": _('Internal server error')}),
                 status=500, content_type=content_type)
-
-@login_required_ajax
-def get_dir_user_share_items(request, repo_id):
-    """
-    Get share items for a dir: share to users
-    """
-    content_type = 'application/json; charset=utf-8'
-    result = {}
-
-    repo = get_repo(repo_id)
-    if not repo:
-        result["error"] = _('Library does not exist.')
-        return HttpResponse(json.dumps(result),
-                            status=400, content_type=content_type)
-
-    path = request.GET.get('p', None)
-    if not path:
-        result["error"] = _(u'Argument missing')
-        return HttpResponse(json.dumps(result),
-                status=400, content_type=content_type)
-
-    user = request.user.username
-    try:
-        if path == '/':
-            share_items = seafile_api.list_repo_shared_to(user, repo_id)
-        else:
-            share_items = seafile_api.get_shared_users_for_subdir(repo_id, path, user)
-
-        share_items_ = []
-        for item in share_items:
-            share_item = {
-                "user": item.user,
-                "user_name": email2nickname(item.user),
-                "perm": item.perm,
-            }
-            share_items_.append(share_item)
-        return HttpResponse(json.dumps(share_items_), content_type=content_type)
-    except SearpcError, e:
-        logger.error(e)
-        result["error"] = _('Internal server error')
-        return HttpResponse(json.dumps(result), status=500, content_type=content_type)
-
-@login_required_ajax
-def get_dir_group_share_items(request, repo_id):
-    """
-    Get share items for a dir: share to groups
-
-    """
-    content_type = 'application/json; charset=utf-8'
-    result = {}
-
-    repo = get_repo(repo_id)
-    if not repo:
-        result["error"] = _('Library does not exist.')
-        return HttpResponse(json.dumps(result),
-                            status=400, content_type=content_type)
-
-    path = request.GET.get('p', None)
-    if not path:
-        result["error"] = _(u'Argument missing')
-        return HttpResponse(json.dumps(result),
-                status=400, content_type=content_type)
-
-    user = request.user.username
-    try:
-        if path == '/':
-            share_items = seafile_api.list_repo_shared_group(user, repo_id)
-        else:
-            share_items = seafile_api.get_shared_groups_for_subdir(repo_id, path, user)
-
-        share_items_ = []
-        for item in share_items:
-            share_item = {
-                "group_id": item.group_id,
-                "group_name": get_group(item.group_id).group_name,
-                "perm": item.perm,
-            }
-            share_items_.append(share_item)
-        return HttpResponse(json.dumps(share_items_), content_type=content_type)
-    except SearpcError, e:
-        logger.error(e)
-        result["error"] = _('Internal server error')
-        return HttpResponse(json.dumps(result), status=500, content_type=content_type)
diff --git a/static/scripts/app/views/folder-share-item.js b/static/scripts/app/views/folder-share-item.js
index f3623cb833..f3705148fc 100644
--- a/static/scripts/app/views/folder-share-item.js
+++ b/static/scripts/app/views/folder-share-item.js
@@ -49,39 +49,39 @@ define([
         editPerm: function (e) {
             var _this = this;
             var item_data = this.item_data;
-            var for_user = item_data.for_user;
-            var share_type = for_user ? 'personal' : 'group';
+            var url = Common.getUrl({
+                    name: 'dir_shared_items',
+                    repo_id: this.repo_id
+                }) + '?p=' + encodeURIComponent(this.path);
+            if (item_data.for_user) {
+                url += '&share_type=user&username=' + encodeURIComponent(item_data.user);
+            } else {
+                url += '&share_type=group&group_id=' + encodeURIComponent(item_data.group_id);
+            }
             var perm = $(e.currentTarget).val();
-            var post_data = {
-                repo_id: this.repo_id,
-                email_or_group: for_user ? item_data.user : item_data.group_id,
-                permission: perm 
-            };
-
             $.ajax({
-                url: Common.getUrl({
-                    name: 'share_permission_admin' 
-                }) + '?share_type=' + share_type,
-                type: 'POST',
+                url: url,
                 dataType: 'json',
-                cache: false,
+                method: 'POST',
                 beforeSend: Common.prepareCSRFToken,
-                data: post_data,
-                success: function() {
+                data: {
+                    'permission': perm
+                },
+                success: function () {
                     item_data.perm = perm;
                     _this.render();
                 },
                 error: function(xhr) {
-                    var err;
+                    var err_msg;
                     if (xhr.responseText) {
-                        err = $.parseJSON(xhr.responseText).error;
+                        err_msg = gettext("Edit failed");
                     } else {
-                        err = gettext("Failed. Please check the network.");
+                        err_msg = gettext("Failed. Please check the network.");
                     }
-                    if (share_type == 'personal') {
-                        $('#dir-user-share .error').html(err).removeClass('hide');
+                    if (item_data.for_user) {
+                        $('#dir-user-share .error').html(err_msg).removeClass('hide');
                     } else {
-                        $('#dir-group-group .error').html(err).removeClass('hide');
+                        $('#dir-group-group .error').html(err_msg).removeClass('hide');
                     }
                 }
             });
@@ -97,7 +97,7 @@ define([
             if (item_data.for_user) {
                 url += '&share_type=user&username=' + encodeURIComponent(item_data.user);
             } else {
-                url += '&share_type=group&username=' + encodeURIComponent(item_data.group_id);
+                url += '&share_type=group&group_id=' + encodeURIComponent(item_data.group_id);
             }
             $.ajax({
                 url: url,
@@ -107,8 +107,18 @@ define([
                 success: function () {
                     _this.remove();
                 },
-                error: {
-                    // TODO
+                error: function (xhr) {
+                    var err_msg;
+                    if (xhr.responseText) {
+                        err_msg = gettext("Delete failed");
+                    } else {
+                        err_msg = gettext("Failed. Please check the network.");
+                    }
+                    if (item_data.for_user) {
+                        $('#dir-user-share .error').html(err_msg).removeClass('hide');
+                    } else {
+                        $('#dir-group-group .error').html(err_msg).removeClass('hide');
+                    }
                 }
             });
         }
diff --git a/static/scripts/app/views/share.js b/static/scripts/app/views/share.js
index c03dcbd7fd..dd35710a93 100644
--- a/static/scripts/app/views/share.js
+++ b/static/scripts/app/views/share.js
@@ -551,6 +551,7 @@ define([
         },
 
         dirUserShare: function () {
+            var panel = $('#dir-user-share');
             var form = this.$('#add-dir-user-share-item');
 
             var emails_input = $('[name="emails"]', form),
@@ -572,14 +573,13 @@ define([
                 dataType: 'json',
                 method: 'PUT',
                 beforeSend: Common.prepareCSRFToken,
-                trandition: true,
+                traditional: true,
                 data: {
                     'share_type': 'user',
                     'username': emails.split(','),
                     'permission': perm
                 },
                 success: function(data) {
-                    // todo: those failed to share to
                     $(data.success).each(function(index, item) {
                         var new_item = new FolderShareItemView({
                             'repo_id': repo_id,
@@ -594,14 +594,26 @@ define([
                         $add_item.after(new_item.el);
                     });
                     emails_input.select2("val", "");
+                    if (data.failed) {
+                        var err_msg = gettext("Failed to share to {placeholder}")
+                            .replace('{placeholder}', Common.HTMLescape(data.failed.join(', ')));
+                        $('.error', panel).html(err_msg).removeClass('hide');
+                    }
                 },
                 error: function(xhr) {
-                    // todo
+                    var err_msg;
+                    if (xhr.responseText) {
+                        err_msg = gettext("Share failed");
+                    } else {
+                        err_msg = gettext("Failed. Please check the network.")
+                    }
+                    $('.error', panel).html(err_msg).removeClass('hide');
                 }
             });
         },
 
         dirGroupShare: function () {
+            var panel = $('#dir-group-share');
             var form = this.$('#add-dir-group-share-item');
 
             var groups_input = $('[name="groups"]', form),
@@ -624,14 +636,13 @@ define([
                 dataType: 'json',
                 method: 'PUT',
                 beforeSend: Common.prepareCSRFToken,
-                trandition: true,
+                traditional: true,
                 data: {
                     'share_type': 'group',
                     'group_id': groups,
                     'permission': perm
                 },
                 success: function(data) {
-                    // todo: those failed to share to 
                     $(data.success).each(function(index, item) {
                         var new_item = new FolderShareItemView({
                             'repo_id': repo_id,
@@ -648,7 +659,13 @@ define([
                     groups_input.select2("val", "");
                 },
                 error: function(xhr) {
-                    // todo 
+                    var err_msg;
+                    if (xhr.responseText) {
+                        err_msg = gettext("Share failed");
+                    } else {
+                        err_msg = gettext("Failed. Please check the network.")
+                    }
+                    $('.error', panel).html(err_msg).removeClass('hide');
                 }
             });
         }
diff --git a/static/scripts/common.js b/static/scripts/common.js
index bcd43a0a08..c93c1fc727 100644
--- a/static/scripts/common.js
+++ b/static/scripts/common.js
@@ -95,7 +95,6 @@ define([
               case 'send_shared_upload_link': return siteRoot + 'share/upload_link/send/';
               case 'delete_shared_upload_link': return siteRoot + 'share/ajax/upload_link/remove/';
               case 'get_share_upload_link': return siteRoot + 'share/ajax/get-upload-link/';
-              //case 'private_share_dir': return siteRoot + 'share/ajax/private-share-dir/';
               case 'private_share_file': return siteRoot + 'share/ajax/private-share-file/';
               case 'get_popup_notices': return siteRoot + 'ajax/get_popup_notices/';
               case 'set_notices_seen': return siteRoot + 'ajax/set_notices_seen/';
@@ -113,9 +112,6 @@ define([
               case 'starred_files': return siteRoot + 'api2/starredfiles/';
               case 'shared_repos': return siteRoot + 'api2/shared-repos/' + options.repo_id + '/';
               case 'search_user': return siteRoot + 'api2/search-user/';
-              case 'share_permission_admin': return siteRoot + 'share/permission_admin/';
-              //case 'get_dir_user_share_items': return siteRoot + 'ajax/lib/' + options.repo_id + '/dir-user-share-items/';
-              //case 'get_dir_group_share_items': return siteRoot + 'ajax/lib/' + options.repo_id + '/dir-group-share-items/';
               case 'dir_shared_items': return siteRoot + 'api2/repos/' + options.repo_id + '/dir/shared_items/';
             }
         },

From 1c6475d7d13b811cb4074f80c763f9357867901c Mon Sep 17 00:00:00 2001
From: zhengxie <xiez1989@gmail.com>
Date: Mon, 13 Jul 2015 17:06:54 +0800
Subject: [PATCH 11/13] WIP: finish dir_shared_items

---
 seahub/api2/endpoints/__init__.py         |   0
 seahub/api2/endpoints/dir_shared_items.py | 356 ++++++++++++++++++++++
 seahub/api2/urls.py                       |   3 +-
 seahub/api2/views.py                      | 216 -------------
 tests/api/test_shares.py                  | 162 +++++++---
 5 files changed, 478 insertions(+), 259 deletions(-)
 create mode 100644 seahub/api2/endpoints/__init__.py
 create mode 100644 seahub/api2/endpoints/dir_shared_items.py

diff --git a/seahub/api2/endpoints/__init__.py b/seahub/api2/endpoints/__init__.py
new file mode 100644
index 0000000000..e69de29bb2
diff --git a/seahub/api2/endpoints/dir_shared_items.py b/seahub/api2/endpoints/dir_shared_items.py
new file mode 100644
index 0000000000..6f2e5f2675
--- /dev/null
+++ b/seahub/api2/endpoints/dir_shared_items.py
@@ -0,0 +1,356 @@
+import logging
+import json
+import os
+
+from django.http import HttpResponse
+from pysearpc import SearpcError
+from rest_framework import status
+from rest_framework.authentication import SessionAuthentication
+from rest_framework.permissions import IsAuthenticated
+from rest_framework.throttling import UserRateThrottle
+from rest_framework.views import APIView
+import seaserv
+from seaserv import seafile_api
+
+from seahub.api2.authentication import TokenAuthentication
+from seahub.api2.utils import api_error
+from seahub.base.templatetags.seahub_tags import email2nickname
+from seahub.utils import is_org_context, is_valid_username
+from seahub.share.signals import share_repo_to_user_successful
+
+logger = logging.getLogger(__name__)
+json_content_type = 'application/json; charset=utf-8'
+
+class DirSharedItemsEndpoint(APIView):
+    authentication_classes = (TokenAuthentication, SessionAuthentication)
+    permission_classes = (IsAuthenticated,)
+    throttle_classes = (UserRateThrottle, )
+
+    def list_user_shared_items(self, request, repo_id, path):
+        username = request.user.username
+        if path == '/':
+            share_items = seafile_api.list_repo_shared_to(username, repo_id)
+        else:
+            share_items = seafile_api.get_shared_users_for_subdir(repo_id,
+                                                                  path, username)
+        ret = []
+        for item in share_items:
+            ret.append({
+                "share_type": "user",
+                "user_info": {
+                    "name": item.user,
+                    "nickname": email2nickname(item.user),
+                },
+                "permission": item.perm,
+            })
+        return ret
+
+    def list_group_shared_items(self, request, repo_id, path):
+        username = request.user.username
+        if path == '/':
+            share_items = seafile_api.list_repo_shared_group(username, repo_id)
+        else:
+            share_items = seafile_api.get_shared_groups_for_subdir(repo_id,
+                                                                   path, username)
+        ret = []
+        for item in share_items:
+            ret.append({
+                "share_type": "group",
+                "group_info": {
+                    "id": item.group_id,
+                    "name": seaserv.get_group(item.group_id).group_name,
+                },
+                "permission": item.perm,
+            })
+        return ret
+
+    # def add_user_shared_item(self, request, repo_id, path):
+    #     pass
+
+    def handle_shared_to_args(self, request):
+        share_type = request.GET.get('share_type', None)
+        shared_to_user = False
+        shared_to_group = False
+        if share_type:
+            for e in share_type.split(','):
+                e = e.strip()
+                if e not in ['user', 'group']:
+                    continue
+                if e == 'user':
+                    shared_to_user = True
+                if e == 'group':
+                    shared_to_group = True
+        else:
+            shared_to_user = True
+            shared_to_group = True
+
+        return (shared_to_user, shared_to_group)
+
+    def get_sub_repo_by_path(self, request, repo, path):
+        if path == '/':
+            raise Exception("Invalid path")
+
+        # get or create sub repo
+        username = request.user.username
+        if is_org_context(request):
+            org_id = request.user.org.org_id
+            sub_repo = seaserv.seafserv_threaded_rpc.get_org_virtual_repo(
+                org_id, repo.id, path, username)
+        else:
+            sub_repo = seafile_api.get_virtual_repo(repo.id, path, username)
+
+        return sub_repo
+
+    def get_or_create_sub_repo_by_path(self, request, repo, path):
+        username = request.user.username
+        sub_repo = self.get_sub_repo_by_path(request, repo, path)
+        if not sub_repo:
+            name = os.path.basename(path)
+            # create a sub-lib,
+            # use name as 'repo_name' & 'repo_desc' for sub_repo
+            if is_org_context(request):
+                org_id = request.user.org.org_id
+                sub_repo_id = seaserv.seafserv_threaded_rpc.create_org_virtual_repo(
+                    org_id, repo.id, path, name, name, username)
+            else:
+                sub_repo_id = seafile_api.create_virtual_repo(repo.id, path,
+                                                              name, name, username)
+            sub_repo = seafile_api.get_repo(sub_repo_id)
+
+        return sub_repo
+
+    def get(self, request, repo_id, format=None):
+        repo = seafile_api.get_repo(repo_id)
+        if not repo:
+            return api_error(status.HTTP_400_BAD_REQUEST, 'Repo not found.')
+
+        shared_to_user, shared_to_group = self.handle_shared_to_args(request)
+
+        path = request.GET.get('p', '/')
+        if seafile_api.get_dir_id_by_path(repo.id, path) is None:
+            return api_error(status.HTTP_400_BAD_REQUEST, 'Directory not found.')
+
+        ret = []
+        if shared_to_user:
+            ret += self.list_user_shared_items(request, repo_id, path)
+
+        if shared_to_group:
+            ret += self.list_group_shared_items(request, repo_id, path)
+
+        return HttpResponse(json.dumps(ret), status=200,
+                            content_type=json_content_type)
+
+    def post(self, request, repo_id, format=None):
+        """Update shared item permission.
+        """
+        username = request.user.username
+        repo = seafile_api.get_repo(repo_id)
+        if not repo:
+            return api_error(status.HTTP_400_BAD_REQUEST, 'Repo not found.')
+
+        shared_to_user, shared_to_group = self.handle_shared_to_args(request)
+
+        permission = request.DATA.get('permission', 'r')
+        if permission not in ['r', 'rw']:
+            return api_error(status.HTTP_400_BAD_REQUEST, 'Bad permission')
+
+        path = request.GET.get('p', '/')
+        if seafile_api.get_dir_id_by_path(repo.id, path) is None:
+            return api_error(status.HTTP_400_BAD_REQUEST, 'Directory not found.')
+
+        if path == '/':
+            shared_repo = repo
+        else:
+            try:
+                sub_repo = self.get_sub_repo_by_path(request, repo, path)
+                if sub_repo:
+                    shared_repo = sub_repo
+                else:
+                    return api_error(status.HTTP_400_BAD_REQUEST, 'No sub repo found')
+            except SearpcError as e:
+                logger.error(e)
+                return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, 'Failed to get sub repo')
+
+        if shared_to_user:
+            shared_to = request.GET.get('username')
+            if shared_to is None or not is_valid_username(shared_to):
+                return api_error(status.HTTP_400_BAD_REQUEST, 'Bad username.')
+
+            if is_org_context(request):
+                org_id = request.user.org.org_id
+                seaserv.seafserv_threaded_rpc.org_set_share_permission(
+                    org_id, shared_repo.id, username, shared_to, permission)
+            else:
+                seafile_api.set_share_permission(shared_repo.id, username,
+                                                 shared_to, permission)
+
+        if shared_to_group:
+            gid = request.GET.get('group_id')
+            try:
+                gid = int(gid)
+            except ValueError:
+                return api_error(status.HTTP_400_BAD_REQUEST, 'Bad group id: %s' % gid)
+            group = seaserv.get_group(gid)
+            if not group:
+                return api_error(status.HTTP_400_BAD_REQUEST, 'Group not found: %s' % gid)
+
+            if is_org_context(request):
+                org_id = request.user.org.org_id
+                seaserv.seafserv_threaded_rpc.set_org_group_repo_permission(
+                    org_id, gid, shared_repo.id, permission)
+            else:
+                seafile_api.set_group_repo_permission(gid, shared_repo.id,
+                                                      permission)
+
+        return HttpResponse(json.dumps({'success': True}), status=200,
+                            content_type=json_content_type)
+
+    def put(self, request, repo_id, format=None):
+        username = request.user.username
+        repo = seafile_api.get_repo(repo_id)
+        if not repo:
+            return api_error(status.HTTP_400_BAD_REQUEST, 'Repo not found.')
+
+        # TODO: perm check, quota check
+
+        path = request.GET.get('p', '/')
+        if seafile_api.get_dir_id_by_path(repo.id, path) is None:
+            return api_error(status.HTTP_400_BAD_REQUEST, 'Directory not found.')
+
+        if path != '/':
+            try:
+                sub_repo = self.get_or_create_sub_repo_by_path(request, repo, path)
+            except SearpcError as e:
+                logger.error(e)
+                return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, 'Failed to get sub repo')
+        else:
+            sub_repo = None
+
+        share_type = request.DATA.get('share_type')
+        if share_type != 'user' and share_type != 'group':
+            return api_error(status.HTTP_400_BAD_REQUEST, 'Bad share type')
+
+        permission = request.DATA.get('permission', 'r')
+        if permission not in ['r', 'rw']:
+            return api_error(status.HTTP_400_BAD_REQUEST, 'Bad permission')
+
+        shared_repo = repo if path == '/' else sub_repo
+        success, failed = [], []
+        if share_type == 'user':
+            share_to_users = request.DATA.getlist('username')
+            for to_user in share_to_users:
+                try:
+                    if is_org_context(request):
+                        org_id = request.user.org.org_id
+                        # org_share_repo(org_id, shared_repo.id, username, to_user, permission)
+                    else:
+                        seafile_api.share_repo(shared_repo.repo_id, username, to_user, permission)
+                    # send a signal when sharing repo successful
+                    share_repo_to_user_successful.send(sender=None,
+                                                       from_user=username,
+                                                       to_user=to_user,
+                                                       repo=shared_repo)
+                    success.append({
+                        "share_type": "user",
+                        "user_info": {
+                            "name": to_user,
+                            "nickname": email2nickname(to_user),
+                        },
+                        "permission": permission
+                    })
+                except SearpcError as e:
+                    logger.error(e)
+                    failed.append(to_user)
+                    continue
+
+        if share_type == 'group':
+            group_ids = request.DATA.getlist('group_id')
+            for gid in group_ids:
+                try:
+                    gid = int(gid)
+                except ValueError:
+                    return api_error(status.HTTP_400_BAD_REQUEST, 'Bad group id: %s' % gid)
+                group = seaserv.get_group(gid)
+                if not group:
+                    return api_error(status.HTTP_400_BAD_REQUEST, 'Group not found: %s' % gid)
+
+                try:
+                    if is_org_context(request):
+                        org_id = request.user.org.org_id
+                        seafile_api.add_org_group_repo(shared_repo.repo_id,
+                                                       org_id, gid, username,
+                                                       permission)
+                    else:
+                        seafile_api.set_group_repo(shared_repo.repo_id, gid,
+                                                   username, permission)
+                        # todo: perm audit msg
+
+                    success.append({
+                        "share_type": "group",
+                        "group_info": {
+                            "id": gid,
+                            "name": group.group_name,
+                        },
+                        "permission": permission
+                    })
+                except SearpcError as e:
+                    logger.error(e)
+                    failed.append(group.group_name)
+                    continue
+
+        return HttpResponse(json.dumps({
+            "success": success,
+            "failed": failed
+        }), status=200, content_type=json_content_type)
+
+    def delete(self, request, repo_id, format=None):
+        username = request.user.username
+        repo = seafile_api.get_repo(repo_id)
+        if not repo:
+            return api_error(status.HTTP_400_BAD_REQUEST, 'Repo not found.')
+
+        shared_to_user, shared_to_group = self.handle_shared_to_args(request)
+
+        path = request.GET.get('p', '/')
+        if seafile_api.get_dir_id_by_path(repo.id, path) is None:
+            return api_error(status.HTTP_400_BAD_REQUEST, 'Directory not found.')
+
+        if path == '/':
+            shared_repo = repo
+        else:
+            try:
+                sub_repo = self.get_sub_repo_by_path(request, repo, path)
+                if sub_repo:
+                    shared_repo = sub_repo
+                else:
+                    return api_error(status.HTTP_400_BAD_REQUEST, 'No sub repo found')
+            except SearpcError as e:
+                logger.error(e)
+                return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, 'Failed to get sub repo')
+
+        if shared_to_user:
+            shared_to = request.GET.get('username')
+            if shared_to is None or not is_valid_username(shared_to):
+                return api_error(status.HTTP_400_BAD_REQUEST, 'Bad argument.')
+
+            if is_org_context(request):
+                org_id = request.user.org.org_id
+                # org_remove_share(org_id, repo_id, from_email, shared_to)
+            else:
+                seaserv.remove_share(shared_repo.id, username, shared_to)
+
+        if shared_to_group:
+            group_id = request.GET.get('group_id')
+            try:
+                group_id = int(group_id)
+            except ValueError:
+                return api_error(status.HTTP_400_BAD_REQUEST, 'Bad group id')
+
+            if is_org_context(request):
+                org_id = request.user.org.org_id
+                seaserv.del_org_group_repo(shared_repo.id, org_id, group_id)
+            else:
+                seafile_api.unset_group_repo(shared_repo.id, group_id, username)
+
+        return HttpResponse(json.dumps({'success': True}), status=200,
+                            content_type=json_content_type)
diff --git a/seahub/api2/urls.py b/seahub/api2/urls.py
index 34fdbd45f0..2a16410225 100644
--- a/seahub/api2/urls.py
+++ b/seahub/api2/urls.py
@@ -3,6 +3,7 @@ from django.conf.urls.defaults import *
 from .views import *
 from .views_misc import ServerInfoView
 from .views_auth import LogoutDeviceView, ClientLoginTokenView
+from .endpoints.dir_shared_items import DirSharedItemsEndpoint
 
 
 urlpatterns = patterns('',
@@ -40,7 +41,7 @@ urlpatterns = patterns('',
     url(r'^repos/(?P<repo_id>[-0-9-a-f]{36})/dir/$', DirView.as_view(), name='DirView'),
     url(r'^repos/(?P<repo_id>[-0-9-a-f]{36})/dir/sub_repo/$', DirSubRepoView.as_view()),
     url(r'^repos/(?P<repo_id>[-0-9-a-f]{36})/dir/share/$', DirShareView.as_view()),
-    url(r'^repos/(?P<repo_id>[-0-9-a-f]{36})/dir/shared_items/$', DirSharedItemsView.as_view()),
+    url(r'^repos/(?P<repo_id>[-0-9-a-f]{36})/dir/shared_items/$', DirSharedItemsEndpoint.as_view()),
     url(r'^repos/(?P<repo_id>[-0-9-a-f]{36})/dir/download/$', DirDownloadView.as_view()),
     url(r'^repos/(?P<repo_id>[-0-9-a-f]{36})/thumbnail/$', ThumbnailView.as_view(), name='api2-thumbnail'),
     url(r'^starredfiles/', StarredFileView.as_view(), name='starredfiles'),
diff --git a/seahub/api2/views.py b/seahub/api2/views.py
index 2f4e8b261a..6d91c795f3 100644
--- a/seahub/api2/views.py
+++ b/seahub/api2/views.py
@@ -2250,222 +2250,6 @@ class DirShareView(APIView):
         return HttpResponse(json.dumps({}), status=200, content_type=json_content_type)
 
 
-class DirSharedItemsView(APIView):
-    authentication_classes = (TokenAuthentication, SessionAuthentication)
-    permission_classes = (IsAuthenticated,)
-    throttle_classes = (UserRateThrottle, )
-
-    def list_user_shared_items(self, request, repo_id, path):
-        username = request.user.username
-        if path == '/':
-            share_items = seafile_api.list_repo_shared_to(username, repo_id)
-        else:
-            share_items = seafile_api.get_shared_users_for_subdir(repo_id,
-                                                                  path, username)
-        ret = []
-        for item in share_items:
-            ret.append({
-                "share_type": "user",
-                "user_info": {
-                    "name": item.user,
-                    "nickname": email2nickname(item.user),
-                },
-                "permission": item.perm,
-            })
-        return ret
-
-    def list_group_shared_items(self, request, repo_id, path):
-        return []
-
-    def add_user_shared_item(self, request, repo_id, path):
-        pass
-
-    def handle_shared_to_args(self, request):
-        share_type = request.GET.get('share_type', None)
-        shared_to_user = False
-        shared_to_group = False
-        if share_type:
-            for e in share_type.split(','):
-                e = e.strip()
-                if e not in ['user', 'group']:
-                    continue
-                if e == 'user':
-                    shared_to_user = True
-                if e == 'group':
-                    shared_to_group = True
-        else:
-            shared_to_user = True
-            shared_to_group = True
-
-        return (shared_to_user, shared_to_group)
-
-    def get_sub_repo_by_path(self, request, repo, path):
-        if path == '/':
-            raise Exception("Invalid path")
-
-        # get or create sub repo
-        username = request.user.username
-        if is_org_context(request):
-            org_id = request.user.org.org_id
-            sub_repo = seaserv.seafserv_threaded_rpc.get_org_virtual_repo(
-                org_id, repo.id, path, username)
-        else:
-            sub_repo = seafile_api.get_virtual_repo(repo.id, path, username)
-
-        return sub_repo
-
-    def get_or_create_sub_repo_by_path(self, request, repo, path):
-        username = request.user.username
-        sub_repo = self.get_sub_repo_by_path(request, repo, path)
-        if not sub_repo:
-            name = os.path.basename(path)
-            # create a sub-lib,
-            # use name as 'repo_name' & 'repo_desc' for sub_repo
-            if is_org_context(request):
-                org_id = request.user.org.org_id
-                sub_repo_id = seaserv.seafserv_threaded_rpc.create_org_virtual_repo(
-                    org_id, repo.id, path, name, name, username)
-            else:
-                sub_repo_id = seafile_api.create_virtual_repo(repo.id, path,
-                                                              name, name, username)
-            sub_repo = seafile_api.get_repo(sub_repo_id)
-
-        return sub_repo
-
-    def get(self, request, repo_id, format=None):
-        repo = get_repo(repo_id)
-        if not repo:
-            return api_error(status.HTTP_400_BAD_REQUEST, 'Repo not found.')
-
-        shared_to_user, shared_to_group = self.handle_shared_to_args(request)
-
-        path = request.GET.get('p', '/')
-        if seafile_api.get_dir_id_by_path(repo.id, path) is None:
-            return api_error(status.HTTP_400_BAD_REQUEST, 'Directory not found.')
-
-        ret = []
-        if shared_to_user:
-            ret += self.list_user_shared_items(request, repo_id, path)
-
-        if shared_to_group:
-            ret += self.list_group_shared_items(request, repo_id, path)
-
-        return HttpResponse(json.dumps(ret), status=200,
-                            content_type=json_content_type)
-
-    def post(self, request, repo_id, format=None):
-        return HttpResponse(json.dumps([{'foo': 'bar'}]), status=200,
-                            content_type=json_content_type)
-
-    def put(self, request, repo_id, format=None):
-        username = request.user.username
-        repo = get_repo(repo_id)
-        if not repo:
-            return api_error(status.HTTP_400_BAD_REQUEST, 'Repo not found.')
-
-        # TODO: perm check, quota check
-
-        path = request.GET.get('p', '/')
-        if seafile_api.get_dir_id_by_path(repo.id, path) is None:
-            return api_error(status.HTTP_400_BAD_REQUEST, 'Directory not found.')
-
-        if path != '/':
-            try:
-                sub_repo = self.get_sub_repo_by_path(request, repo, path)
-            except SearpcError as e:
-                logger.error(e)
-                return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, 'Failed to get sub repo')
-        else:
-            sub_repo = None
-
-        share_type = request.DATA.get('share_type')
-        if share_type != 'user' and share_type != 'group':
-            return api_error(status.HTTP_400_BAD_REQUEST, 'Bad share type')
-
-        permission = request.DATA.get('permission', 'r')
-        if permission not in ['r', 'rw']:
-            return api_error(status.HTTP_400_BAD_REQUEST, 'Bad permission')
-
-        shared_repo = repo if path == '/' else sub_repo
-        success, failed = [], []
-        if share_type == 'user':
-            share_to_users = request.DATA.getlist('username')
-            for to_user in share_to_users:
-                try:
-                    if is_org_context(request):
-                        org_id = request.user.org.org_id
-                        # org_share_repo(org_id, shared_repo.id, username, to_user, permission)
-                    else:
-                        seafile_api.share_repo(shared_repo.repo_id, username, to_user, permission)
-                    # send a signal when sharing repo successful
-                    share_repo_to_user_successful.send(sender=None,
-                                                       from_user=username,
-                                                       to_user=to_user,
-                                                       repo=shared_repo)
-                    success.append({
-                        "share_type": "user",
-                        "user_info": {
-                            "name": to_user,
-                            "nickname": email2nickname(to_user),
-                        },
-                        "permission": permission
-                    })
-                except SearpcError as e:
-                    logger.error(e)
-                    failed.append(to_user)
-                    continue
-
-        if share_type == 'group':
-            pass
-
-        return HttpResponse(json.dumps({
-            "success": success,
-            "failed": failed
-        }), status=200, content_type=json_content_type)
-
-    def delete(self, request, repo_id, format=None):
-        username = request.user.username
-        repo = get_repo(repo_id)
-        if not repo:
-            return api_error(status.HTTP_400_BAD_REQUEST, 'Repo not found.')
-
-        shared_to_user, shared_to_group = self.handle_shared_to_args(request)
-
-        path = request.GET.get('p', '/')
-        if seafile_api.get_dir_id_by_path(repo.id, path) is None:
-            return api_error(status.HTTP_400_BAD_REQUEST, 'Directory not found.')
-
-        if path == '/':
-            shared_repo = repo
-        else:
-            try:
-                sub_repo = self.get_sub_repo_by_path(request, repo, path)
-                if sub_repo:
-                    shared_repo = sub_repo
-                else:
-                    return api_error(status.HTTP_400_BAD_REQUEST, 'No sub repo found')
-            except SearpcError as e:
-                logger.error(e)
-                return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, 'Failed to get sub repo')
-
-        if shared_to_user:
-            shared_to = request.GET.get('username')
-            if shared_to is None or not is_valid_username(shared_to):
-                return api_error(status.HTTP_400_BAD_REQUEST, 'Bad argument.')
-
-            if is_org_context(request):
-                org_id = request.user.org.org_id
-                # org_remove_share(org_id, repo_id, from_email, shared_to)
-            else:
-                seaserv.remove_share(shared_repo.id, username, shared_to)
-
-        if shared_to_group:
-            pass
-
-        return HttpResponse(json.dumps({'success': True}), status=200,
-                            content_type=json_content_type)
-
-
 class DirSubRepoView(APIView):
     authentication_classes = (TokenAuthentication, )
     permission_classes = (IsAuthenticated,)
diff --git a/tests/api/test_shares.py b/tests/api/test_shares.py
index f3ad60802c..09c452b384 100644
--- a/tests/api/test_shares.py
+++ b/tests/api/test_shares.py
@@ -1,12 +1,9 @@
 #coding: UTF-8
 import json
 
-from django.core.urlresolvers import reverse
-from django.test import TestCase
-
 from seaserv import seafile_api
 
-from seahub.test_utils import Fixtures
+from seahub.test_utils import BaseTestCase
 from tests.common.utils import urljoin
 from tests.api.apitestbase import ApiTestBase
 from tests.api.urls import SHARED_LINKS_URL, SHARED_LIBRARIES_URL, \
@@ -37,56 +34,52 @@ class SharesApiTest(ApiTestBase):
                 self.assertIsNotNone(fileshare['path'])
 
 
-class DirSharedItemsTest(TestCase, Fixtures):
-    def setUp(self):
-        self.folder_path = self.folder
-        sub_repo_id = seafile_api.create_virtual_repo(self.repo.id,
-                                                      self.folder_path,
-                                                      self.repo.name, '',
-                                                      self.user.username)
-        # A user shares a folder to admin with permission 'rw.
-        seafile_api.share_repo(sub_repo_id, self.user.username,
-                               self.admin.username, 'rw')
-
+class DirSharedItemsTest(BaseTestCase):
     def tearDown(self):
         self.remove_repo()
 
-    def _login_as(self, user):
-        self.client.post(
-            reverse('auth_login'), {'username': self.user.username,
-                                    'password': 'secret'}
-        )
+    def _add_shared_items(self):
+        sub_repo_id = seafile_api.create_virtual_repo(self.repo.id,
+                                                      self.folder,
+                                                      self.repo.name, '',
+                                                      self.user.username)
+        # A user shares a folder to admin with permission 'rw'.
+        seafile_api.share_repo(sub_repo_id, self.user.username,
+                               self.admin.username, 'rw')
+        # A user shares a folder to group with permission 'rw'.
+        seafile_api.set_group_repo(sub_repo_id, self.group.id,
+                                   self.user.username, 'rw')
 
     def test_can_list_all(self):
-        self._login_as(self.user)
+        self._add_shared_items()
+        self.login_as(self.user)
 
         resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user,group' % (
             self.repo.id,
-            self.folder_path))
+            self.folder))
 
         self.assertEqual(200, resp.status_code)
         json_resp = json.loads(resp.content)
-        assert len(json_resp) == 1
-        assert self.admin.username == json_resp[0]['user_info']['name']
+        assert len(json_resp) == 2
 
     def test_can_list_without_share_type_arg(self):
-        self._login_as(self.user)
+        self._add_shared_items()
+        self.login_as(self.user)
 
         resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s' % (
             self.repo.id,
-            self.folder_path))
+            self.folder))
 
         self.assertEqual(200, resp.status_code)
         json_resp = json.loads(resp.content)
-        assert len(json_resp) == 1
-        assert self.admin.username == json_resp[0]['user_info']['name']
+        assert len(json_resp) == 2
 
-    def test_can_add(self):
-        self._login_as(self.user)
+    def test_can_share_folder_to_users(self):
+        self.login_as(self.user)
 
         resp = self.client.put(
             '/api2/repos/%s/dir/shared_items/?p=%s' % (self.repo.id,
-                                                       self.folder_path),
+                                                       self.folder),
             "share_type=user&username=a@a.com&username=b@b.com",
             'application/x-www-form-urlencoded',
         )
@@ -95,32 +88,117 @@ class DirSharedItemsTest(TestCase, Fixtures):
         assert len(json_resp['success']) == 2
         assert json_resp['success'][0]['permission'] == 'r'
 
-    def test_can_update(self):
-        self._login_as(self.user)
+    def test_can_share_root_to_groups(self):
+        self.login_as(self.user)
 
-        resp = self.client.post('/api2/repos/%s/dir/shared_items/?p=%s' % (
+        grp1 = self.group
+        grp2 = self.create_group(group_name="test-grp2",
+                                 username=self.user.username)
+
+        resp = self.client.put(
+            '/api2/repos/%s/dir/shared_items/?p=/' % (self.repo.id),
+            "share_type=group&group_id=%d&group_id=%d&permission=rw" % (grp1.id, grp2.id),
+            'application/x-www-form-urlencoded',
+        )
+        self.assertEqual(200, resp.status_code)
+        json_resp = json.loads(resp.content)
+        assert len(json_resp['success']) == 2
+        assert json_resp['success'][0]['permission'] == 'rw'
+
+    def test_can_share_folder_to_groups(self):
+        self.login_as(self.user)
+
+        grp1 = self.group
+        grp2 = self.create_group(group_name="test-grp2",
+                                 username=self.user.username)
+
+        resp = self.client.put(
+            '/api2/repos/%s/dir/shared_items/?p=%s' % (self.repo.id,
+                                                       self.folder),
+            "share_type=group&group_id=%d&group_id=%d&permission=rw" % (grp1.id, grp2.id),
+            'application/x-www-form-urlencoded',
+        )
+        self.assertEqual(200, resp.status_code)
+        json_resp = json.loads(resp.content)
+        assert len(json_resp['success']) == 2
+        assert json_resp['success'][0]['permission'] == 'rw'
+
+    def test_can_modify_user_shared_repo(self):
+        self._add_shared_items()
+        self.login_as(self.user)
+
+        resp = self.client.post('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user&username=%s' % (
             self.repo.id,
-            self.folder_path), {
-
+            self.folder,
+            self.admin.username), {
+                'permission': 'r'
             }
         )
-        print resp
+        json_resp = json.loads(resp.content)
+        assert json_resp['success'] is True
 
-    def test_can_delete(self):
-        self._login_as(self.user)
+        resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user' % (
+            self.repo.id,
+            self.folder))
+        json_resp = json.loads(resp.content)
+        assert json_resp[0]['permission'] == 'r'
+
+    def test_can_modify_group_shared_repo(self):
+        self._add_shared_items()
+        self.login_as(self.user)
+
+        resp = self.client.post('/api2/repos/%s/dir/shared_items/?p=%s&share_type=group&group_id=%d' % (
+            self.repo.id,
+            self.folder,
+            self.group.id), {
+                'permission': 'r'
+            }
+        )
+        json_resp = json.loads(resp.content)
+        assert json_resp['success'] is True
+
+        resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s&share_type=group' % (
+            self.repo.id,
+            self.folder))
+        json_resp = json.loads(resp.content)
+        assert json_resp[0]['permission'] == 'r'
+
+    def test_can_unshare_repo_to_user(self):
+        self._add_shared_items()
+        self.login_as(self.user)
 
         resp = self.client.delete('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user&username=%s' % (
             self.repo.id,
-            self.folder_path,
+            self.folder,
             self.admin.username
         ))
         self.assertEqual(200, resp.status_code)
         json_resp = json.loads(resp.content)
         assert json_resp['success'] is True
 
-        resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user,group' % (
+        resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user' % (
             self.repo.id,
-            self.folder_path))
+            self.folder))
+
+        json_resp = json.loads(resp.content)
+        assert len(json_resp) == 0
+
+    def test_can_unshare_repo_to_group(self):
+        self._add_shared_items()
+        self.login_as(self.user)
+
+        resp = self.client.delete('/api2/repos/%s/dir/shared_items/?p=%s&share_type=group&group_id=%d' % (
+            self.repo.id,
+            self.folder,
+            self.group.id
+        ))
+        self.assertEqual(200, resp.status_code)
+        json_resp = json.loads(resp.content)
+        assert json_resp['success'] is True
+
+        resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s&share_type=group' % (
+            self.repo.id,
+            self.folder))
 
         json_resp = json.loads(resp.content)
         assert len(json_resp) == 0

From 0b61259b9d4bf5c49406f3fe94e9e606c32bd75b Mon Sep 17 00:00:00 2001
From: zhengxie <xiez1989@gmail.com>
Date: Tue, 14 Jul 2015 11:01:48 +0800
Subject: [PATCH 12/13] Add permission check and quota check

---
 seahub/api2/endpoints/dir_shared_items.py    |  65 +++++--
 seahub/api2/urls.py                          |   2 +-
 seahub/test_utils.py                         |   2 +-
 tests/api/endpoints/test_dir_shared_items.py | 184 +++++++++++++++++++
 tests/api/test_shares.py                     | 175 ------------------
 5 files changed, 240 insertions(+), 188 deletions(-)
 create mode 100644 tests/api/endpoints/test_dir_shared_items.py

diff --git a/seahub/api2/endpoints/dir_shared_items.py b/seahub/api2/endpoints/dir_shared_items.py
index 6f2e5f2675..28e5d85bd9 100644
--- a/seahub/api2/endpoints/dir_shared_items.py
+++ b/seahub/api2/endpoints/dir_shared_items.py
@@ -13,17 +13,24 @@ import seaserv
 from seaserv import seafile_api
 
 from seahub.api2.authentication import TokenAuthentication
+from seahub.api2.permissions import IsRepoAccessible
 from seahub.api2.utils import api_error
 from seahub.base.templatetags.seahub_tags import email2nickname
-from seahub.utils import is_org_context, is_valid_username
 from seahub.share.signals import share_repo_to_user_successful
+from seahub.share.views import check_user_share_quota
+from seahub.utils import (is_org_context, is_valid_username,
+                          send_perm_audit_msg)
+
 
 logger = logging.getLogger(__name__)
 json_content_type = 'application/json; charset=utf-8'
 
 class DirSharedItemsEndpoint(APIView):
+    """Support uniform interface(list, share, unshare, modify) for sharing
+    library/folder to users/groups.
+    """
     authentication_classes = (TokenAuthentication, SessionAuthentication)
-    permission_classes = (IsAuthenticated,)
+    permission_classes = (IsAuthenticated, IsRepoAccessible)
     throttle_classes = (UserRateThrottle, )
 
     def list_user_shared_items(self, request, repo_id, path):
@@ -64,9 +71,6 @@ class DirSharedItemsEndpoint(APIView):
             })
         return ret
 
-    # def add_user_shared_item(self, request, repo_id, path):
-    #     pass
-
     def handle_shared_to_args(self, request):
         share_type = request.GET.get('share_type', None)
         shared_to_user = False
@@ -120,6 +124,8 @@ class DirSharedItemsEndpoint(APIView):
         return sub_repo
 
     def get(self, request, repo_id, format=None):
+        """List shared items(shared to users/groups) for a folder/library.
+        """
         repo = seafile_api.get_repo(repo_id)
         if not repo:
             return api_error(status.HTTP_400_BAD_REQUEST, 'Repo not found.')
@@ -184,6 +190,9 @@ class DirSharedItemsEndpoint(APIView):
                 seafile_api.set_share_permission(shared_repo.id, username,
                                                  shared_to, permission)
 
+            send_perm_audit_msg('modify-repo-perm', username, shared_to,
+                                shared_repo.id, path, permission)
+
         if shared_to_group:
             gid = request.GET.get('group_id')
             try:
@@ -202,6 +211,9 @@ class DirSharedItemsEndpoint(APIView):
                 seafile_api.set_group_repo_permission(gid, shared_repo.id,
                                                       permission)
 
+            send_perm_audit_msg('modify-repo-perm', username, gid,
+                                shared_repo.id, path, permission)
+
         return HttpResponse(json.dumps({'success': True}), status=200,
                             content_type=json_content_type)
 
@@ -211,8 +223,6 @@ class DirSharedItemsEndpoint(APIView):
         if not repo:
             return api_error(status.HTTP_400_BAD_REQUEST, 'Repo not found.')
 
-        # TODO: perm check, quota check
-
         path = request.GET.get('p', '/')
         if seafile_api.get_dir_id_by_path(repo.id, path) is None:
             return api_error(status.HTTP_400_BAD_REQUEST, 'Directory not found.')
@@ -239,12 +249,20 @@ class DirSharedItemsEndpoint(APIView):
         if share_type == 'user':
             share_to_users = request.DATA.getlist('username')
             for to_user in share_to_users:
+                if not check_user_share_quota(username, shared_repo, users=[to_user]):
+                    return api_error(status.HTTP_403_FORBIDDEN,
+                                     'Failed to share: No enough quota.')
+
                 try:
                     if is_org_context(request):
                         org_id = request.user.org.org_id
-                        # org_share_repo(org_id, shared_repo.id, username, to_user, permission)
+                        seaserv.seafserv_threaded_rpc.org_add_share(
+                            org_id, shared_repo.id, username, to_user,
+                            permission)
                     else:
-                        seafile_api.share_repo(shared_repo.repo_id, username, to_user, permission)
+                        seafile_api.share_repo(shared_repo.id, username,
+                                               to_user, permission)
+
                     # send a signal when sharing repo successful
                     share_repo_to_user_successful.send(sender=None,
                                                        from_user=username,
@@ -258,6 +276,9 @@ class DirSharedItemsEndpoint(APIView):
                         },
                         "permission": permission
                     })
+
+                    send_perm_audit_msg('add-repo-perm', username, to_user,
+                                        shared_repo.id, path, permission)
                 except SearpcError as e:
                     logger.error(e)
                     failed.append(to_user)
@@ -274,6 +295,10 @@ class DirSharedItemsEndpoint(APIView):
                 if not group:
                     return api_error(status.HTTP_400_BAD_REQUEST, 'Group not found: %s' % gid)
 
+                if not check_user_share_quota(username, shared_repo, groups=[group]):
+                    return api_error(status.HTTP_403_FORBIDDEN,
+                                     'Failed to share: No enough quota.')
+
                 try:
                     if is_org_context(request):
                         org_id = request.user.org.org_id
@@ -283,7 +308,6 @@ class DirSharedItemsEndpoint(APIView):
                     else:
                         seafile_api.set_group_repo(shared_repo.repo_id, gid,
                                                    username, permission)
-                        # todo: perm audit msg
 
                     success.append({
                         "share_type": "group",
@@ -293,6 +317,9 @@ class DirSharedItemsEndpoint(APIView):
                         },
                         "permission": permission
                     })
+
+                    send_perm_audit_msg('add-repo-perm', username, gid,
+                                        shared_repo.id, path, permission)
                 except SearpcError as e:
                     logger.error(e)
                     failed.append(group.group_name)
@@ -335,10 +362,16 @@ class DirSharedItemsEndpoint(APIView):
 
             if is_org_context(request):
                 org_id = request.user.org.org_id
-                # org_remove_share(org_id, repo_id, from_email, shared_to)
+                seaserv.seafserv_threaded_rpc.org_remove_share(
+                    org_id, shared_repo.id, username, shared_to)
             else:
                 seaserv.remove_share(shared_repo.id, username, shared_to)
 
+            permission = seafile_api.check_permission_by_path(repo.id, path,
+                                                              shared_to)
+            send_perm_audit_msg('delete-repo-perm', username, shared_to,
+                                shared_repo.id, path, permission)
+
         if shared_to_group:
             group_id = request.GET.get('group_id')
             try:
@@ -346,11 +379,21 @@ class DirSharedItemsEndpoint(APIView):
             except ValueError:
                 return api_error(status.HTTP_400_BAD_REQUEST, 'Bad group id')
 
+            # hacky way to get group repo permission
+            permission = ''
+            for e in seafile_api.list_repo_shared_group(username, shared_repo.id):
+                if e.group_id == group_id:
+                    permission = e.perm
+                    break
+
             if is_org_context(request):
                 org_id = request.user.org.org_id
                 seaserv.del_org_group_repo(shared_repo.id, org_id, group_id)
             else:
                 seafile_api.unset_group_repo(shared_repo.id, group_id, username)
 
+            send_perm_audit_msg('delete-repo-perm', username, group_id,
+                                shared_repo.id, path, permission)
+
         return HttpResponse(json.dumps({'success': True}), status=200,
                             content_type=json_content_type)
diff --git a/seahub/api2/urls.py b/seahub/api2/urls.py
index 2a16410225..60d0e55860 100644
--- a/seahub/api2/urls.py
+++ b/seahub/api2/urls.py
@@ -41,7 +41,7 @@ urlpatterns = patterns('',
     url(r'^repos/(?P<repo_id>[-0-9-a-f]{36})/dir/$', DirView.as_view(), name='DirView'),
     url(r'^repos/(?P<repo_id>[-0-9-a-f]{36})/dir/sub_repo/$', DirSubRepoView.as_view()),
     url(r'^repos/(?P<repo_id>[-0-9-a-f]{36})/dir/share/$', DirShareView.as_view()),
-    url(r'^repos/(?P<repo_id>[-0-9-a-f]{36})/dir/shared_items/$', DirSharedItemsEndpoint.as_view()),
+    url(r'^repos/(?P<repo_id>[-0-9-a-f]{36})/dir/shared_items/$', DirSharedItemsEndpoint.as_view(), name="api2-dir-shared-items"),
     url(r'^repos/(?P<repo_id>[-0-9-a-f]{36})/dir/download/$', DirDownloadView.as_view()),
     url(r'^repos/(?P<repo_id>[-0-9-a-f]{36})/thumbnail/$', ThumbnailView.as_view(), name='api2-thumbnail'),
     url(r'^starredfiles/', StarredFileView.as_view(), name='starredfiles'),
diff --git a/seahub/test_utils.py b/seahub/test_utils.py
index 28b56ccb97..e8221e12c2 100644
--- a/seahub/test_utils.py
+++ b/seahub/test_utils.py
@@ -61,7 +61,7 @@ class Fixtures(Exam):
 
     def create_repo(self, **kwargs):
         repo_id = seafile_api.create_repo('test-repo', '',
-                                          'test@test.com', None)
+                                          self.user.username, None)
         return repo_id
 
     def remove_repo(self, repo_id=None):
diff --git a/tests/api/endpoints/test_dir_shared_items.py b/tests/api/endpoints/test_dir_shared_items.py
new file mode 100644
index 0000000000..41d396385e
--- /dev/null
+++ b/tests/api/endpoints/test_dir_shared_items.py
@@ -0,0 +1,184 @@
+import json
+
+from seaserv import seafile_api
+
+from seahub.test_utils import BaseTestCase
+
+class DirSharedItemsTest(BaseTestCase):
+    def tearDown(self):
+        self.remove_repo()
+
+    def _add_shared_items(self):
+        sub_repo_id = seafile_api.create_virtual_repo(self.repo.id,
+                                                      self.folder,
+                                                      self.repo.name, '',
+                                                      self.user.username)
+        # A user shares a folder to admin with permission 'rw'.
+        seafile_api.share_repo(sub_repo_id, self.user.username,
+                               self.admin.username, 'rw')
+        # A user shares a folder to group with permission 'rw'.
+        seafile_api.set_group_repo(sub_repo_id, self.group.id,
+                                   self.user.username, 'rw')
+
+    def test_can_list_all(self):
+        self._add_shared_items()
+        self.login_as(self.user)
+
+        resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user,group' % (
+            self.repo.id,
+            self.folder))
+
+        self.assertEqual(200, resp.status_code)
+        json_resp = json.loads(resp.content)
+        assert len(json_resp) == 2
+
+    def test_list_without_repo_permission(self):
+        self._add_shared_items()
+        self.login_as(self.admin)
+
+        resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user,group' % (
+            self.repo.id,
+            self.folder))
+
+        self.assertEqual(403, resp.status_code)
+
+    def test_can_list_without_share_type_arg(self):
+        self._add_shared_items()
+        self.login_as(self.user)
+
+        resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s' % (
+            self.repo.id,
+            self.folder))
+
+        self.assertEqual(200, resp.status_code)
+        json_resp = json.loads(resp.content)
+        assert len(json_resp) == 2
+
+    def test_can_share_folder_to_users(self):
+        self.login_as(self.user)
+
+        resp = self.client.put(
+            '/api2/repos/%s/dir/shared_items/?p=%s' % (self.repo.id,
+                                                       self.folder),
+            "share_type=user&username=a@a.com&username=b@b.com",
+            'application/x-www-form-urlencoded',
+        )
+        self.assertEqual(200, resp.status_code)
+        json_resp = json.loads(resp.content)
+        assert len(json_resp['success']) == 2
+        assert json_resp['success'][0]['permission'] == 'r'
+
+    def test_can_share_root_to_groups(self):
+        self.login_as(self.user)
+
+        grp1 = self.group
+        grp2 = self.create_group(group_name="test-grp2",
+                                 username=self.user.username)
+
+        resp = self.client.put(
+            '/api2/repos/%s/dir/shared_items/?p=/' % (self.repo.id),
+            "share_type=group&group_id=%d&group_id=%d&permission=rw" % (grp1.id, grp2.id),
+            'application/x-www-form-urlencoded',
+        )
+        self.assertEqual(200, resp.status_code)
+        json_resp = json.loads(resp.content)
+        assert len(json_resp['success']) == 2
+        assert json_resp['success'][0]['permission'] == 'rw'
+
+    def test_can_share_folder_to_groups(self):
+        self.login_as(self.user)
+
+        grp1 = self.group
+        grp2 = self.create_group(group_name="test-grp2",
+                                 username=self.user.username)
+
+        resp = self.client.put(
+            '/api2/repos/%s/dir/shared_items/?p=%s' % (self.repo.id,
+                                                       self.folder),
+            "share_type=group&group_id=%d&group_id=%d&permission=rw" % (grp1.id, grp2.id),
+            'application/x-www-form-urlencoded',
+        )
+        self.assertEqual(200, resp.status_code)
+        json_resp = json.loads(resp.content)
+        assert len(json_resp['success']) == 2
+        assert json_resp['success'][0]['permission'] == 'rw'
+
+    def test_can_modify_user_shared_repo(self):
+        self._add_shared_items()
+        self.login_as(self.user)
+
+        resp = self.client.post('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user&username=%s' % (
+            self.repo.id,
+            self.folder,
+            self.admin.username), {
+                'permission': 'r'
+            }
+        )
+        json_resp = json.loads(resp.content)
+        assert json_resp['success'] is True
+
+        resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user' % (
+            self.repo.id,
+            self.folder))
+        json_resp = json.loads(resp.content)
+        assert json_resp[0]['permission'] == 'r'
+
+    def test_can_modify_group_shared_repo(self):
+        self._add_shared_items()
+        self.login_as(self.user)
+
+        resp = self.client.post('/api2/repos/%s/dir/shared_items/?p=%s&share_type=group&group_id=%d' % (
+            self.repo.id,
+            self.folder,
+            self.group.id), {
+                'permission': 'r'
+            }
+        )
+        json_resp = json.loads(resp.content)
+        assert json_resp['success'] is True
+
+        resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s&share_type=group' % (
+            self.repo.id,
+            self.folder))
+        json_resp = json.loads(resp.content)
+        assert json_resp[0]['permission'] == 'r'
+
+    def test_can_unshare_repo_to_user(self):
+        self._add_shared_items()
+        self.login_as(self.user)
+
+        resp = self.client.delete('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user&username=%s' % (
+            self.repo.id,
+            self.folder,
+            self.admin.username
+        ))
+        self.assertEqual(200, resp.status_code)
+        json_resp = json.loads(resp.content)
+        assert json_resp['success'] is True
+
+        resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user' % (
+            self.repo.id,
+            self.folder))
+
+        json_resp = json.loads(resp.content)
+        assert len(json_resp) == 0
+
+    def test_can_unshare_repo_to_group(self):
+        self._add_shared_items()
+        self.login_as(self.user)
+
+        resp = self.client.delete('/api2/repos/%s/dir/shared_items/?p=%s&share_type=group&group_id=%d' % (
+            self.repo.id,
+            self.folder,
+            self.group.id
+        ))
+        self.assertEqual(200, resp.status_code)
+        json_resp = json.loads(resp.content)
+        assert json_resp['success'] is True
+
+        resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s&share_type=group' % (
+            self.repo.id,
+            self.folder))
+
+        json_resp = json.loads(resp.content)
+        assert len(json_resp) == 0
diff --git a/tests/api/test_shares.py b/tests/api/test_shares.py
index 09c452b384..438462bafa 100644
--- a/tests/api/test_shares.py
+++ b/tests/api/test_shares.py
@@ -1,9 +1,4 @@
 #coding: UTF-8
-import json
-
-from seaserv import seafile_api
-
-from seahub.test_utils import BaseTestCase
 from tests.common.utils import urljoin
 from tests.api.apitestbase import ApiTestBase
 from tests.api.urls import SHARED_LINKS_URL, SHARED_LIBRARIES_URL, \
@@ -32,173 +27,3 @@ class SharesApiTest(ApiTestBase):
                 self.assertIsNotNone(fileshare['token'])
                 self.assertIsNotNone(fileshare['view_cnt'])
                 self.assertIsNotNone(fileshare['path'])
-
-
-class DirSharedItemsTest(BaseTestCase):
-    def tearDown(self):
-        self.remove_repo()
-
-    def _add_shared_items(self):
-        sub_repo_id = seafile_api.create_virtual_repo(self.repo.id,
-                                                      self.folder,
-                                                      self.repo.name, '',
-                                                      self.user.username)
-        # A user shares a folder to admin with permission 'rw'.
-        seafile_api.share_repo(sub_repo_id, self.user.username,
-                               self.admin.username, 'rw')
-        # A user shares a folder to group with permission 'rw'.
-        seafile_api.set_group_repo(sub_repo_id, self.group.id,
-                                   self.user.username, 'rw')
-
-    def test_can_list_all(self):
-        self._add_shared_items()
-        self.login_as(self.user)
-
-        resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user,group' % (
-            self.repo.id,
-            self.folder))
-
-        self.assertEqual(200, resp.status_code)
-        json_resp = json.loads(resp.content)
-        assert len(json_resp) == 2
-
-    def test_can_list_without_share_type_arg(self):
-        self._add_shared_items()
-        self.login_as(self.user)
-
-        resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s' % (
-            self.repo.id,
-            self.folder))
-
-        self.assertEqual(200, resp.status_code)
-        json_resp = json.loads(resp.content)
-        assert len(json_resp) == 2
-
-    def test_can_share_folder_to_users(self):
-        self.login_as(self.user)
-
-        resp = self.client.put(
-            '/api2/repos/%s/dir/shared_items/?p=%s' % (self.repo.id,
-                                                       self.folder),
-            "share_type=user&username=a@a.com&username=b@b.com",
-            'application/x-www-form-urlencoded',
-        )
-        self.assertEqual(200, resp.status_code)
-        json_resp = json.loads(resp.content)
-        assert len(json_resp['success']) == 2
-        assert json_resp['success'][0]['permission'] == 'r'
-
-    def test_can_share_root_to_groups(self):
-        self.login_as(self.user)
-
-        grp1 = self.group
-        grp2 = self.create_group(group_name="test-grp2",
-                                 username=self.user.username)
-
-        resp = self.client.put(
-            '/api2/repos/%s/dir/shared_items/?p=/' % (self.repo.id),
-            "share_type=group&group_id=%d&group_id=%d&permission=rw" % (grp1.id, grp2.id),
-            'application/x-www-form-urlencoded',
-        )
-        self.assertEqual(200, resp.status_code)
-        json_resp = json.loads(resp.content)
-        assert len(json_resp['success']) == 2
-        assert json_resp['success'][0]['permission'] == 'rw'
-
-    def test_can_share_folder_to_groups(self):
-        self.login_as(self.user)
-
-        grp1 = self.group
-        grp2 = self.create_group(group_name="test-grp2",
-                                 username=self.user.username)
-
-        resp = self.client.put(
-            '/api2/repos/%s/dir/shared_items/?p=%s' % (self.repo.id,
-                                                       self.folder),
-            "share_type=group&group_id=%d&group_id=%d&permission=rw" % (grp1.id, grp2.id),
-            'application/x-www-form-urlencoded',
-        )
-        self.assertEqual(200, resp.status_code)
-        json_resp = json.loads(resp.content)
-        assert len(json_resp['success']) == 2
-        assert json_resp['success'][0]['permission'] == 'rw'
-
-    def test_can_modify_user_shared_repo(self):
-        self._add_shared_items()
-        self.login_as(self.user)
-
-        resp = self.client.post('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user&username=%s' % (
-            self.repo.id,
-            self.folder,
-            self.admin.username), {
-                'permission': 'r'
-            }
-        )
-        json_resp = json.loads(resp.content)
-        assert json_resp['success'] is True
-
-        resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user' % (
-            self.repo.id,
-            self.folder))
-        json_resp = json.loads(resp.content)
-        assert json_resp[0]['permission'] == 'r'
-
-    def test_can_modify_group_shared_repo(self):
-        self._add_shared_items()
-        self.login_as(self.user)
-
-        resp = self.client.post('/api2/repos/%s/dir/shared_items/?p=%s&share_type=group&group_id=%d' % (
-            self.repo.id,
-            self.folder,
-            self.group.id), {
-                'permission': 'r'
-            }
-        )
-        json_resp = json.loads(resp.content)
-        assert json_resp['success'] is True
-
-        resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s&share_type=group' % (
-            self.repo.id,
-            self.folder))
-        json_resp = json.loads(resp.content)
-        assert json_resp[0]['permission'] == 'r'
-
-    def test_can_unshare_repo_to_user(self):
-        self._add_shared_items()
-        self.login_as(self.user)
-
-        resp = self.client.delete('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user&username=%s' % (
-            self.repo.id,
-            self.folder,
-            self.admin.username
-        ))
-        self.assertEqual(200, resp.status_code)
-        json_resp = json.loads(resp.content)
-        assert json_resp['success'] is True
-
-        resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user' % (
-            self.repo.id,
-            self.folder))
-
-        json_resp = json.loads(resp.content)
-        assert len(json_resp) == 0
-
-    def test_can_unshare_repo_to_group(self):
-        self._add_shared_items()
-        self.login_as(self.user)
-
-        resp = self.client.delete('/api2/repos/%s/dir/shared_items/?p=%s&share_type=group&group_id=%d' % (
-            self.repo.id,
-            self.folder,
-            self.group.id
-        ))
-        self.assertEqual(200, resp.status_code)
-        json_resp = json.loads(resp.content)
-        assert json_resp['success'] is True
-
-        resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s&share_type=group' % (
-            self.repo.id,
-            self.folder))
-
-        json_resp = json.loads(resp.content)
-        assert len(json_resp) == 0

From eaa93960f066776da2c910c0967ca0134788fdbb Mon Sep 17 00:00:00 2001
From: llj <lingjun.li1@gmail.com>
Date: Wed, 15 Jul 2015 14:55:23 +0800
Subject: [PATCH 13/13] [dir shared items] modification

---
 seahub/templates/js/templates.html |  2 +-
 static/scripts/app/views/share.js  | 11 ++++++++++-
 2 files changed, 11 insertions(+), 2 deletions(-)

diff --git a/seahub/templates/js/templates.html b/seahub/templates/js/templates.html
index af1e6bfb80..dc5e339d83 100644
--- a/seahub/templates/js/templates.html
+++ b/seahub/templates/js/templates.html
@@ -639,7 +639,7 @@
 <script type="text/template" id="folder-perm-item-tmpl">
     <% if (for_user) { %>
     <td>
-        <a href="{{ SITE_ROOT }}profile/<% print(encodeURIComponent(user)); %>/" target="_blank" title="<%- user %>"><%- user_name %></a>
+        <a href="{{ SITE_ROOT }}profile/<% print(encodeURIComponent(user)); %>/" target="_blank"><%- user_name %></a>
     </td>
     <% } else { %>
     <td>
diff --git a/static/scripts/app/views/share.js b/static/scripts/app/views/share.js
index dd35710a93..e51033d754 100644
--- a/static/scripts/app/views/share.js
+++ b/static/scripts/app/views/share.js
@@ -48,6 +48,15 @@ define([
                 if (!this.is_virtual && this.is_repo_owner) {
                     this.dirUserSharePanelInit();
                     this.dirGroupSharePanelInit();
+
+                    var _this = this;
+                    $(document).on('click', function(e) {
+                        var target = e.target || event.srcElement;
+                        if (!_this.$('.perm-edit-icon, .perm-toggle-select').is(target)) {
+                            _this.$('.perm').removeClass('hide');
+                            _this.$('.perm-toggle-select').addClass('hide');
+                        }
+                    });
                 }
             }
         },
@@ -594,7 +603,7 @@ define([
                         $add_item.after(new_item.el);
                     });
                     emails_input.select2("val", "");
-                    if (data.failed) {
+                    if (data.failed.length > 0) {
                         var err_msg = gettext("Failed to share to {placeholder}")
                             .replace('{placeholder}', Common.HTMLescape(data.failed.join(', ')));
                         $('.error', panel).html(err_msg).removeClass('hide');