mirror of https://github.com/haiwen/seahub.git synced 2025-09-14 14:21:23 +00:00

Merge pull request #855 from haiwen/get-post

[sys-admin] change http request from "GET" to "POST"
xiez
2015-10-22 11:37:40 +08:00
10 changed files with 147 additions and 72 deletions


@@ -33,7 +33,7 @@
<option value="r">{% trans "Read-Only"%}</option>
{% else %}
<option value="rw">{% trans "Read-Write"%}</option>
{% endif %}
{% endif %}
</select>
</td>
<td>
@@ -45,7 +45,7 @@
{% endif %}
{% if repo.props.share_type == 'public' %}
{% if not org %}
<a href="{% url 'unsetinnerpub' repo.repo_id %}?permission={{ repo.props.permission }}" class="op-icon sf2-icon-delete vh" title="{% trans "Unshare"%}"></a>
<a href="#" data-url="{% url 'unsetinnerpub' repo.repo_id %}?permission={{ repo.props.permission }}" class="cancel-public-share op-icon sf2-icon-delete vh" title="{% trans "Unshare"%}"></a>
{% else %}
<a href="{{ SITE_ROOT }}organizations/{{ org.url_prefix }}/innerpubrepo/unset/{{ repo.props.repo_id }}" class="op-icon sf2-icon-delete vh" title="{% trans "Unshare" %}"></a>
{% endif %}
@@ -64,6 +64,7 @@
{% block extra_script %}{{block.super}}
<script type="text/javascript">
addFormPost($('.cancel-public-share'));
{% if shared_folders %}
$('.share-permission-edit-icon').click(function() {
$(this).parent().addClass('hide');
@@ -97,7 +98,7 @@ $('.share-permission-select').change(function() {
feedback("{% trans "Edit failed." %}", 'error');
select.addClass('hide');
select.prev().removeClass('hide');
}
}
});
});
// select shows, but the user doesn't select a value, or doesn't change the permission, click other place to hide the select
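Review bot: The organization branch of this template still unshares through a plain link, `<a href="{{ SITE_ROOT }}organizations/{{ org.url_prefix }}/innerpubrepo/unset/{{ repo.props.repo_id }}" ...>`, so that state-changing action stays reachable by GET while the non-org branch beside it moves to `addFormPost`. The `repo_remove_share` link in the following template (class `cancel-share`) is also left as an `href`. Unless a script elsewhere already turns those into POSTs, they should get the same `href="#" data-url="…"` treatment and their views a `@require_POST` guard. `addFormPost` is defined outside this page, so it is worth confirming that the form it builds carries the CSRF token.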


@@ -20,9 +20,9 @@
{% for repo in out_repos %}
<tr data-repo_name="{{repo.props.repo_name}}" data-type="{{repo.props.share_type}}" data-repoid="{{ repo.props.repo_id }}" data-user="{{repo.props.user_info}}">
{% if repo.encrypted %}
<td><img src="{{MEDIA_URL}}img/sync-folder-encrypt-20.png" title="{% trans "Read-Write"%}" alt="{% trans "directory icon" %}" /></td>
<td><img src="{{MEDIA_URL}}img/sync-folder-encrypt-20.png" title="{% trans "Read-Write"%}" alt="{% trans "directory icon" %}" /></td>
{% else %}
<td><img src="{{MEDIA_URL}}img/sync-folder-20.png?t=1387267140" title="{% trans "Read-Write"%}" alt="{% trans "directory icon" %}" /></td>
<td><img src="{{MEDIA_URL}}img/sync-folder-20.png?t=1387267140" title="{% trans "Read-Write"%}" alt="{% trans "directory icon" %}" /></td>
{% endif %}
<td><a href="{% url 'view_common_lib_dir' repo.props.repo_id '' %}">{{ repo.props.repo_name }}</a></td>
<td title="{{ repo.props.user }}">{{ repo.props.user | email2nickname }}</td>
@@ -37,7 +37,7 @@
<option value="r">{% trans "Read-Only"%}</option>
{% else %}
<option value="rw">{% trans "Read-Write"%}</option>
{% endif %}
{% endif %}
</select>
</td>
<td>
@@ -48,7 +48,7 @@
<a href="{% url 'repo_remove_share' %}?repo_id={{ repo.props.repo_id }}&from={{ request.user.username|urlencode }}&to={{ repo.props.user|urlencode }}&permission={{ repo.props.permission }}" class="cancel-share op-icon sf2-icon-delete vh" title="{% trans "Unshare"%}"></a>
{% endif %}
{% if repo.props.share_type == 'public' %}
<a href="{% url 'unsetinnerpub' repo.repo_id %}?permission={{ repo.props.permission }}" class="cancel-share op-icon sf2-icon-delete vh" title="{% trans "Unshare"%}"></a>
<a href="#" data-url="{% url 'unsetinnerpub' repo.repo_id %}?permission={{ repo.props.permission }}" class="cancel-public-share op-icon sf2-icon-delete vh" title="{% trans "Unshare"%}"></a>
{% endif %}
</td>
</tr>
@@ -64,6 +64,7 @@
{% block extra_script %}{{block.super}}
<script type="text/javascript">
addFormPost($('.cancel-public-share'));
{% if out_repos %}
$('.share-permission-edit-icon').click(function() {
var cur_perm = $(this).parent(),
@@ -104,7 +105,7 @@ $('.share-permission-select').change(function() {
feedback("{% trans "Edit failed." %}", 'error');
select.addClass('hide');
cur_perm.removeClass('hide');
}
}
});
});
// select shows, but the user doesn't select a value, or doesn't change the permission, click other place to hide the select


@@ -4,28 +4,28 @@ $("tr:gt(0)", $('.repo-list')).unbind().hover(
if ($('.repo-del-cfm:visible', $('.repo-list')).length == 0) {
$(this).addClass('hl');
$(this).find('.op-icon, .op').removeClass('vh');
}
},
}
},
function() {
if ($('.repo-del-cfm:visible', $('.repo-list')).length == 0) {
$(this).find('.op-icon, .op').addClass('vh');
$(this).removeClass('hl');
}
}
}
}
);
$('.repo-delete-btn').click(function() {
var op = $(this);
var cont = op.parent().css({'position': 'relative'}),
cfm;
// only show 1 popup each time.
$('.repo-del-cfm', op.parents('table')).addClass('hide');
if (cont.find('.repo-del-cfm').length == 1) {
cfm = cont.find('.repo-del-cfm');
} else {
cfm = $('#repo-del-cfm-popup').clone().removeAttr('id');
cfm = $('#repo-del-cfm-popup').clone().removeAttr('id');
cont.append(cfm);
cfm.css({'left': op.position().left, 'top': op.position().top + op.height() + 2, 'width':202});
}
@@ -37,14 +37,16 @@ $('.repo-delete-btn').click(function() {
});
$('.yes', cfm).click(function() {
$.ajax({
type: 'POST',
url: '{{ SITE_ROOT }}ajax/repo/' + op.parents('td').data('id') + '/remove/',
dataType: 'json',
beforeSend: prepareCSRFToken,
success: function(data) {
op.parents('tr').remove();
feedback("{% trans "Delete succeeded." %}", 'success');
},
},
error: ajaxErrorHandler
});
});
});
});
return false; // for <a> in some pages
});
});
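Review bot: Adding `type: 'POST'` and `beforeSend: prepareCSRFToken` protects this delete only if the view behind `ajax/repo/<id>/remove/` refuses other methods, and that view is not among the files changed on this page. If it does not already enforce POST, it needs the same `@require_POST` guard the sys-admin views receive in this commit; otherwise the old GET URL keeps working. A short comment above the `$.ajax` call, for example `// POST + CSRF token; the server side must reject GET for this endpoint`, would record that dependency. The click handler starts and ends outside the visible hunks.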


@@ -22,7 +22,7 @@
<td>{{ publink.ctime|translate_seahub_time }} </td>
<td>{{ publink.view_cnt }}</td>
<td>
<a class="op vh" href="{% url 'sys_publink_remove' %}?t={{ publink.token }}">{% trans "Remove" %}</a>
<a class="op vh rm-link" href="#" data-token="{{ publink.token }}">{% trans "Remove" %}</a>
</td>
</tr>
{% endfor %}
@@ -36,7 +36,21 @@
{% block extra_script %}
<script type="text/javascript">
$('.rm-link').click(function() {
var _this = $(this);
$.ajax({
url: '{% url 'sys_publink_remove' %}',
type: 'POST',
data: {'t': _this.attr('data-token')},
cache: false,
dataType: 'json',
beforeSend: prepareCSRFToken,
success: function() {
_this.closest('tr').remove();
},
error: ajaxErrorHandler
});
return false;
});
</script>
{% endblock %}
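Review bot: This `.rm-link` click handler is repeated almost line for line in the user-info template (`$('.rm-link')` reading `data-url`) and in the virus-scan template (`$('.rm-record')`), so three copies of the same POST-and-remove-row logic now have to stay in sync. A shared helper in the common script that takes the elements and reads `data-url` / `data-token` would keep the CSRF handling (`beforeSend: prepareCSRFToken`) in one place. The success callback also removes the row without any message, whereas the old view flashed "Removed successfully"; adding `feedback("{% trans "Removed successfully" %}", 'success');` there would keep the confirmation an administrator had before.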


@@ -59,21 +59,25 @@
{% if search_owner %}
addConfirmTo($('#repo-trash-clear'), {
'title':"{% trans 'Delete Library By Owner' %}",
'con':"{% trans "Are you sure you want to delete all %s's libraries?" %}"
'con':"{% trans "Are you sure you want to delete all %s's libraries?" %}",
'post': true // post request
});
{% else %}
addConfirmTo($('#repo-trash-clear'), {
'title':"{% trans 'Clear Trash' %}",
'con':"{% trans "Are you sure you want to clear trash?" %}"
'con':"{% trans "Are you sure you want to clear trash?" %}",
'post': true // post request
});
{% endif %}
addConfirmTo($('.repo-restore-btn'), {
'title':"{% trans 'Restore Library' %}",
'con':"{% trans "Are you sure you want to restore %s?" %}"
'con':"{% trans "Are you sure you want to restore %s?" %}",
'post': true // post request
});
addConfirmTo($('.repo-delete-btn'), {
'title':"{% trans 'Delete Library' %}",
'con':"{% trans "Are you sure you want to delete %s completely?" %}"
'con':"{% trans "Are you sure you want to delete %s completely?" %}",
'post': true // post request
});
</script>
{% endblock %}
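Review bot: For `#repo-trash-clear` in the `search_owner` branch, `'post': true` has to deliver the owner in the request body, because `sys_repo_trash_clear` now reads `request.POST.get('owner', '')`. `addConfirmTo` is defined elsewhere, so it is not visible whether it posts to a URL that still carries the owner in the query string. If it does, the view would see an empty owner and, going by its docstring "Clear repo trash (by owner)", may clear the whole trash instead of one user's libraries. Confirm how the form is built and add a test for the by-owner path.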


@@ -20,7 +20,7 @@
<td>{{ r.file_path }}</td>
<td>
{% if not r.has_handle %}
<a href="{% url "sys_delete_virus_scan_records" r.vid %}">{% trans "Delete" %}</a>
<a class="op vh rm-record" href="#" data-url="{% url "sys_delete_virus_scan_records" r.vid %}">{% trans "Delete" %}</a>
{% else %}
<span style="color: green;">{% trans "Handled" %}</span>
{% endif %}
@@ -35,6 +35,22 @@
{% block extra_script %}
<script>
$('.rm-record').click(function() {
var _this = $(this),
url = _this.attr('data-url');
$.ajax({
url: url,
type: 'POST',
cache: false,
dataType: 'json',
beforeSend: prepareCSRFToken,
success: function() {
_this.closest('tr').remove();
},
error: ajaxErrorHandler
});
return false;
});
</script>
{% endblock %}
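Review bot: The rewritten link gains `class="op vh rm-record"`, and `vh` is the class other pages strip on row hover (`$(this).find('.op-icon, .op').removeClass('vh')`), while the script block visible in this template contains only the click handler. Unless a hover handler for this table comes from somewhere not shown, the Delete link may stay hidden. Either drop `vh` from the class list here or add the hover toggle next to the `$('.rm-record').click(...)` handler.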


@@ -15,8 +15,9 @@ addConfirmTo($('.revoke-admin-btn'), {
'post': true // post request
});
addConfirmTo($('.unset-trial'), {
'title':"{% trans "Remove Trial" %}",
'con':"{% trans "Are you sure you want to remove trial for %s ?" %}"
'title':"{% trans "Remove Trial" %}",
'con':"{% trans "Are you sure you want to remove trial for %s ?" %}",
'post': true // post request
});
$('tr:gt(0)').hover(
@@ -35,26 +36,28 @@ $('.user-status-select, .user-role-select').change(function() {
var select = $(this),
select_val = select.val(),
uid = select.parents('tr').attr('data-userid'),
url;
url, data;
if (select.hasClass('user-status-select')) {
url = "{{ SITE_ROOT }}useradmin/toggle_status/" + uid + "/?s=" + select_val;
url = "{{ SITE_ROOT }}useradmin/toggle_status/" + uid + "/";
data = {'s': select_val};
} else {
url = "{{ SITE_ROOT }}useradmin/toggle_role/" + uid + "/?r=" + select_val;
url = "{{ SITE_ROOT }}useradmin/toggle_role/" + uid + "/";
data = {'r': select_val};
}
if (select_val == 1) {
// show activating popup
$('#activate-msg').modal();
$('#simplemodal-container').css({'height':'auto'});
}
$.ajax({
url: url,
type: 'GET',
type: 'POST',
dataType: 'json',
data: data,
cache: false,
beforeSend: function() {
if (select_val == 1) {
// show activating popup
$('#activate-msg').modal();
$('#simplemodal-container').css({'height':'auto'});
}
},
beforeSend: prepareCSRFToken,
success: function(data) {
if (data['email_sent']) {
feedback("{% trans "Edit succeeded, an email has been sent." %}", 'success');
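Review bot: `uid` comes from `data-userid` and is concatenated straight into the path in `url = "{{ SITE_ROOT }}useradmin/toggle_status/" + uid + "/";` and in the matching `toggle_role` line, so an account name containing `?`, `#` or `/` would yield a different URL than intended. Using `encodeURIComponent(uid)` in both lines keeps the POST on the intended endpoint. Separately, the activation popup is now opened before `$.ajax` rather than in `beforeSend`. Whether it is closed again on the error path is not visible, because the `success` callback continues past the end of the hunk.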


@@ -171,7 +171,7 @@
<td>{% trans "Download" %}</td>
<td>{{ link.view_cnt }}</td>
<td>
<a class="op vh" href="{% url 'sys_publink_remove' %}?t={{ link.token }}">{% trans "Remove"%}</a>
<a class="op vh rm-link" href="#" data-url="{% url 'sys_publink_remove' %}" data-token="{{ link.token }}">{% trans "Remove"%}</a>
</td>
{% else %}
<td class="alc"><img src="{{ MEDIA_URL }}img/folder-icon-24.png" alt="{% trans "Directory icon"%}" /></td>
@@ -180,7 +180,7 @@
<td>{% trans "Upload" %}</td>
<td>{{ link.view_cnt }}</td>
<td>
<a class="op vh" href="{% url 'sys_upload_link_remove' %}?t={{ link.token }}">{% trans "Remove"%}</a>
<a class="op vh rm-link" href="#" data-url="{% url 'sys_upload_link_remove' %}" data-token="{{ link.token }}">{% trans "Remove"%}</a>
</td>
{% endif %}
</tr>
@@ -199,6 +199,23 @@
{% block extra_script %}
<script type="text/javascript">
$('.rm-link').click(function() {
var _this = $(this);
$.ajax({
url: _this.attr('data-url'),
type: 'POST',
data: {'t': _this.attr('data-token')},
cache: false,
dataType: 'json',
beforeSend: prepareCSRFToken,
success: function() {
_this.closest('tr').remove();
},
error: ajaxErrorHandler
});
return false;
});
$('#set-quota').click(function() {
$("#set-quota-form").modal({appendTo: "#main"});
return false;


@@ -33,7 +33,8 @@ from seahub.constants import GUEST_USER, DEFAULT_USER
from seahub.utils import IS_EMAIL_CONFIGURED, string2list, is_valid_username, \
is_pro_version, send_html_email, get_user_traffic_list, get_server_id, \
clear_token, gen_file_get_url, is_org_context
clear_token, gen_file_get_url, is_org_context, handle_virus_record, \
get_virus_record_by_id, get_virus_record
from seahub.utils.rpc import mute_seafile_api
from seahub.utils.licenseparse import parse_license
from seahub.utils.sysinfo import get_platform_name
@@ -332,6 +333,7 @@ def sys_repo_trash(request):
@login_required
@sys_staff_required
@require_POST
def sys_repo_trash_restore(request, repo_id):
"""Restore deleted repo by id"""
@@ -349,6 +351,7 @@ def sys_repo_trash_restore(request, repo_id):
@login_required
@sys_staff_required
@require_POST
def sys_repo_trash_remove(request, repo_id):
"""Remove deleted repo by id"""
@@ -366,11 +369,12 @@ def sys_repo_trash_remove(request, repo_id):
@login_required
@sys_staff_required
@require_POST
def sys_repo_trash_clear(request):
"""Clear repo trash (by owner)"""
next = reverse('sys_repo_trash')
owner = request.GET.get('owner', '')
owner = request.POST.get('owner', '')
try:
if owner:
if is_valid_username(owner):
@@ -927,6 +931,7 @@ def user_remove(request, email):
@login_required
@sys_staff_required
@require_POST
def remove_trial(request, user_or_org):
"""Remove trial account.
@@ -1024,6 +1029,7 @@ def email_user_on_activation(user):
@login_required_ajax
@sys_staff_required
@require_POST
def user_toggle_status(request, email):
content_type = 'application/json; charset=utf-8'
@@ -1032,7 +1038,7 @@ def user_toggle_status(request, email):
content_type=content_type)
try:
user_status = int(request.GET.get('s', 0))
user_status = int(request.POST.get('s', 0))
except ValueError:
user_status = 0
@@ -1065,6 +1071,7 @@ def user_toggle_status(request, email):
@login_required_ajax
@sys_staff_required
@require_POST
def user_toggle_role(request, email):
content_type = 'application/json; charset=utf-8'
@@ -1077,7 +1084,7 @@ def user_toggle_role(request, email):
content_type=content_type)
try:
user_role = request.GET.get('r', DEFAULT_USER)
user_role = request.POST.get('r', DEFAULT_USER)
except ValueError:
user_role = DEFAULT_USER
@@ -1617,35 +1624,41 @@ def sys_publink_admin(request):
},
context_instance=RequestContext(request))
@login_required
@login_required_ajax
@sys_staff_required
@require_POST
def sys_publink_remove(request):
"""Remove share links.
"""
token = request.GET.get('t')
content_type = 'application/json; charset=utf-8'
result = {}
token = request.POST.get('t')
if not token:
result = {'error': _(u"Argument missing")}
return HttpResponse(json.dumps(result), status=400, content_type=content_type)
FileShare.objects.filter(token=token).delete()
next = request.META.get('HTTP_REFERER', None)
if not next:
next = reverse('share_admin')
result = {'success': True}
return HttpResponse(json.dumps(result), content_type=content_type)
messages.success(request, _(u'Removed successfully'))
return HttpResponseRedirect(next)
@login_required
@login_required_ajax
@sys_staff_required
@require_POST
def sys_upload_link_remove(request):
"""Remove shared upload links.
"""
token = request.GET.get('t')
content_type = 'application/json; charset=utf-8'
result = {}
token = request.POST.get('t')
if not token:
result = {'error': _(u"Argument missing")}
return HttpResponse(json.dumps(result), status=400, content_type=content_type)
UploadLinkShare.objects.filter(token=token).delete()
next = request.META.get('HTTP_REFERER', None)
if not next:
next = reverse('share_admin')
messages.success(request, _(u'Removed successfully'))
return HttpResponseRedirect(next)
result = {'success': True}
return HttpResponse(json.dumps(result), content_type=content_type)
@login_required
@sys_staff_required
@@ -1818,7 +1831,6 @@ def sys_virus_scan_records(request):
current_page = 1
per_page = 100
from seahub.utils import get_virus_record
records_all = get_virus_record(start=per_page * (current_page - 1),
limit=per_page + 1)
if len(records_all) == per_page + 1:
@@ -1846,10 +1858,13 @@ def sys_virus_scan_records(request):
'page_next': page_next,
}, context_instance=RequestContext(request))
@login_required
@login_required_ajax
@sys_staff_required
@require_POST
def sys_delete_virus_scan_records(request, vid):
from seahub.utils import handle_virus_record, get_virus_record_by_id
content_type = 'application/json; charset=utf-8'
result = {}
r = get_virus_record_by_id(vid)
parent_dir = os.path.dirname(r.file_path)
@@ -1859,12 +1874,12 @@ def sys_delete_virus_scan_records(request, vid):
seafile_api.del_file(r.repo_id, parent_dir, dirent_name,
request.user.username)
handle_virus_record(vid)
messages.success(request, _('Successfully deleted.'))
result = {'success': True}
return HttpResponse(json.dumps(result), content_type=content_type)
except SearpcError as e:
logger.error(e)
messages.error(request, _('Failed to delete, please try again later.'))
return HttpResponseRedirect(reverse('sys_virus_scan_records'))
result = {'error': _(u"Failed to delete, please try again later.")}
return HttpResponse(json.dumps(result), status=500, content_type=content_type)
@login_required_ajax
@sys_staff_required
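Review bot: In `sys_delete_virus_scan_records` the result of `get_virus_record_by_id(vid)` is dereferenced immediately by `os.path.dirname(r.file_path)`. If that lookup can return `None` for an unknown or already-removed id (its implementation is not shown), the AJAX caller gets an unhandled exception instead of the JSON error this commit introduces. A guard right after the lookup, such as `if r is None: return HttpResponse(json.dumps({'error': _(u'Record not found.')}), status=404, content_type=content_type)`, keeps the response shape consistent. In `user_toggle_role`, the `except ValueError` around `request.POST.get('r', DEFAULT_USER)` cannot fire, and no check of the submitted role against the known constants is visible in the hunk. The function bodies continue outside the hunks.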


@@ -12,8 +12,9 @@ class UserToggleStatusTest(BaseTestCase):
def test_can_activate(self):
old_passwd = self.user.enc_password
resp = self.client.get(
reverse('user_toggle_status', args=[self.user.username]) + '?s=1',
resp = self.client.post(
reverse('user_toggle_status', args=[self.user.username]),
{'s': 1},
HTTP_X_REQUESTED_WITH='XMLHttpRequest'
)
self.assertEqual(200, resp.status_code)
@@ -25,8 +26,9 @@ class UserToggleStatusTest(BaseTestCase):
def test_can_deactivate(self):
old_passwd = self.user.enc_password
resp = self.client.get(
reverse('user_toggle_status', args=[self.user.username]) + '?s=0',
resp = self.client.post(
reverse('user_toggle_status', args=[self.user.username]),
{'s': 0},
HTTP_X_REQUESTED_WITH='XMLHttpRequest'
)
self.assertEqual(200, resp.status_code)
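Review bot: Neither updated test pins the behaviour this commit is about, namely that `user_toggle_status` no longer accepts GET. A third case that calls `self.client.get(reverse('user_toggle_status', args=[self.user.username]) + '?s=1', HTTP_X_REQUESTED_WITH='XMLHttpRequest')` and then asserts `self.assertEqual(405, resp.status_code)` would catch a dropped `@require_POST`. This assumes the client is logged in as staff, as in the existing cases. Both test methods continue outside the hunks.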