update view shared file/folder (#2391)

use SHARE_LINK_LOGIN_REQUIRED to control both preview and edit share link

seahub/share/decorators.py

@@ -5,7 +5,7 @@ from django.http import Http404
 from django.shortcuts import render
 
 from seahub.share.models import FileShare, UploadLinkShare
-from seahub.utils import normalize_cache_key, is_pro_version
+from seahub.utils import normalize_cache_key, is_pro_version, redirect_to_login
 
 def share_link_audit(func):
     def _decorated(request, token, *args, **kwargs):
@@ -56,3 +56,14 @@ def share_link_audit(func):
             assert False, 'TODO'
 
     return _decorated
+
+def share_link_login_required(func):
+
+    def _decorated(request, *args, **kwargs):
+        if not request.user.is_authenticated() \
+                and settings.SHARE_LINK_LOGIN_REQUIRED:
+            return redirect_to_login(request)
+        else:
+            return func(request, *args, **kwargs)
+
+    return _decorated

seahub/views/file.py

@@ -44,7 +44,7 @@ from seahub.auth.decorators import login_required
 from seahub.base.decorators import repo_passwd_set_required
 from seahub.base.accounts import ANONYMOUS_EMAIL
 from seahub.share.models import FileShare, check_share_link_common
-from seahub.share.decorators import share_link_audit
+from seahub.share.decorators import share_link_audit, share_link_login_required
 from seahub.wiki.utils import get_wiki_dirent
 from seahub.wiki.models import WikiDoesNotExist, WikiPageMissing
 from seahub.utils import render_error, is_org_context, \
@@ -54,8 +54,7 @@ from seahub.utils import render_error, is_org_context, \
     user_traffic_over_limit, get_file_audit_events_by_path, \
     generate_file_audit_event_type, FILE_AUDIT_ENABLED, \
     get_conf_text_ext, HAS_OFFICE_CONVERTER, PREVIEW_FILEEXT, \
-    normalize_file_path, get_service_url, redirect_to_login, \
-    OFFICE_PREVIEW_MAX_SIZE
+    normalize_file_path, get_service_url, OFFICE_PREVIEW_MAX_SIZE
 
 from seahub.utils.ip import get_remote_ip
 from seahub.utils.timeutils import utc_to_local
@@ -81,8 +80,7 @@ if HAS_OFFICE_CONVERTER:
 
 import seahub.settings as settings
 from seahub.settings import FILE_ENCODING_LIST, FILE_PREVIEW_MAX_SIZE, \
-    FILE_ENCODING_TRY_LIST, MEDIA_URL, SEAFILE_COLLAB_SERVER, ENABLE_WATERMARK, \
-    SHARE_LINK_LOGIN_REQUIRED
+    FILE_ENCODING_TRY_LIST, MEDIA_URL, SEAFILE_COLLAB_SERVER, ENABLE_WATERMARK
 
 try:
     from seahub.settings import ENABLE_OFFICE_WEB_APP
@@ -955,6 +953,7 @@ def _download_file_from_share_link(request, fileshare):
     return HttpResponseRedirect(gen_file_get_url(dl_token, filename))
 
 @share_link_audit
+@share_link_login_required
 def view_shared_file(request, fileshare):
     """
     View file via shared link.
@@ -962,14 +961,6 @@ def view_shared_file(request, fileshare):
     View raw share file if `raw` in request param.
     """
 
-    # get share link permission
-    can_download = fileshare.get_permissions()['can_download']
-    can_edit = fileshare.get_permissions()['can_edit']
-
-    if not request.user.is_authenticated():
-        if SHARE_LINK_LOGIN_REQUIRED or can_edit:
-            return redirect_to_login(request)
-
     token = fileshare.token
 
     # check if share link is encrypted
@@ -1002,6 +993,10 @@ def view_shared_file(request, fileshare):
     file_size = seafile_api.get_file_size(repo.store_id, repo.version, obj_id)
     send_file_access_msg(request, repo, path, 'share-link')
 
+    # get share link permission
+    can_download = fileshare.get_permissions()['can_download']
+    can_edit = fileshare.get_permissions()['can_edit']
+
     # download shared file
     if request.GET.get('dl', '') == '1':
         if can_download is False:
@@ -1115,13 +1110,9 @@ def view_shared_file(request, fileshare):
             })
 
 @share_link_audit
+@share_link_login_required
 def view_file_via_shared_dir(request, fileshare):
 
-    # no edit permission for folder share link
-    if not request.user.is_authenticated() \
-            and SHARE_LINK_LOGIN_REQUIRED:
-        return redirect_to_login(request)
-
     token = fileshare.token
 
     # argument check

seahub/views/repo.py

@@ -4,7 +4,6 @@ import os
 import posixpath
 import logging
 
-from django.core.urlresolvers import reverse
 from django.db.models import F
 from django.http import Http404, HttpResponseRedirect
 from django.shortcuts import render
@@ -16,7 +15,7 @@ from seaserv import seafile_api
 
 from seahub.auth.decorators import login_required
 from seahub.options.models import UserOptions, CryptoOptionNotSetError
-from seahub.share.decorators import share_link_audit
+from seahub.share.decorators import share_link_audit, share_link_login_required
 from seahub.share.models import FileShare, UploadLinkShare, \
     check_share_link_common
 from seahub.views import gen_path_link, get_repo_dirents, \
@@ -24,11 +23,11 @@ from seahub.views import gen_path_link, get_repo_dirents, \
 
 from seahub.utils import  gen_dir_share_link, \
     gen_shared_upload_link, user_traffic_over_limit, render_error, \
-    get_file_type_and_ext, redirect_to_login
+    get_file_type_and_ext
 from seahub.settings import ENABLE_UPLOAD_FOLDER, \
     ENABLE_RESUMABLE_FILEUPLOAD, ENABLE_THUMBNAIL, \
     THUMBNAIL_ROOT, THUMBNAIL_DEFAULT_SIZE, THUMBNAIL_SIZE_FOR_GRID, \
-    MAX_NUMBER_OF_FILES_FOR_FILEUPLOAD, SHARE_LINK_LOGIN_REQUIRED
+    MAX_NUMBER_OF_FILES_FOR_FILEUPLOAD
 from seahub.utils.file_types import IMAGE, VIDEO
 from seahub.thumbnail.utils import get_share_link_thumbnail_src
 from seahub.constants import HASH_URLS
@@ -154,13 +153,9 @@ def repo_history_view(request, repo_id):
 
 ########## shared dir/uploadlink
 @share_link_audit
+@share_link_login_required
 def view_shared_dir(request, fileshare):
 
-    # no edit permission for folder share link
-    if not request.user.is_authenticated() \
-            and SHARE_LINK_LOGIN_REQUIRED:
-        return redirect_to_login(request)
-
     token = fileshare.token
 
     password_check_passed, err_msg = check_share_link_common(request, fileshare)