From 09a0640481ea018d07127c9bac41be460004bf7d Mon Sep 17 00:00:00 2001 From: xiez Date: Sat, 4 Aug 2012 11:00:04 +0800 Subject: [PATCH] Fix bug in orgadmin remove group --- group/views.py | 22 ++++--------- .../organizations/org_group_admin.html | 2 +- organizations/urls.py | 1 + organizations/views.py | 31 +++++++++++++++++-- thirdpart/seaserv/__init__.py | 2 +- thirdpart/seaserv/service.py | 14 ++++++++- 6 files changed, 51 insertions(+), 21 deletions(-) diff --git a/group/views.py b/group/views.py index 27e30a5d1d..1933042f53 100644 --- a/group/views.py +++ b/group/views.py @@ -50,9 +50,13 @@ def group_list(request): @login_required def group_remove(request, group_id): """ - Remove group from groupadmin page. Only sys admin or org admin can perform - this operation. + Remove group from groupadmin page. Only system admin can perform this + operation. """ + # Check whether user is system admin. + if not request.user.is_staff: + return render_permission_error(request, u'只有管理员有权删除小组') + # Request header may missing HTTP_REFERER, we need to handle that case. next = request.META.get('HTTP_REFERER', None) if not next: @@ -63,23 +67,9 @@ def group_remove(request, group_id): except ValueError: return HttpResponseRedirect(next) - # Check whether user is sys_admin or org_admin - is_sys_staff = request.user.is_staff - if request.user.org and request.user.org['is_staff']: - is_org_staff = True - else: - is_org_staff = False - - if not is_sys_staff and not is_org_staff: - return render_permission_error(request, u'只有管理员有权删除小组') - try: ccnet_threaded_rpc.remove_group(group_id_int, request.user.username) seafserv_threaded_rpc.remove_repo_group(group_id_int, None) - - if request.user.org: - org_id = request.user.org['org_id'] - ccnet_threaded_rpc.remove_org_group(org_id, group_id_int) except SearpcError, e: return render_error(request, e.msg) diff --git a/organizations/templates/organizations/org_group_admin.html b/organizations/templates/organizations/org_group_admin.html index 0f28fab920..3d2d344dca 100644 --- a/organizations/templates/organizations/org_group_admin.html +++ b/organizations/templates/organizations/org_group_admin.html @@ -18,7 +18,7 @@ {{ group.props.group_name }} {{ group.props.creator_name }} {{ group.props.timestamp|tsstr_sec }} - + {% endfor %} diff --git a/organizations/urls.py b/organizations/urls.py index b10d46b08b..70efb10055 100644 --- a/organizations/urls.py +++ b/organizations/urls.py @@ -17,4 +17,5 @@ urlpatterns = patterns('', url(r'^(?P[^/]+)/useradmin/$', org_useradmin, name='org_useradmin'), url(r'^(?P[^/]+)/useradmin/remove/(?P[^/]+)/$', org_user_remove, name='org_user_remove'), url(r'^(?P[^/]+)/groupadmin/$', org_group_admin, name='org_groupadmin'), + url(r'^(?P[^/]+)/group/remove/(?P[\d]+)/$', org_group_remove, name='org_group_remove'), ) diff --git a/organizations/views.py b/organizations/views.py index f4f90d78b5..83cc8b5d67 100644 --- a/organizations/views.py +++ b/organizations/views.py @@ -12,10 +12,11 @@ from django.template import Context, loader, RequestContext from auth.decorators import login_required from pysearpc import SearpcError -from seaserv import ccnet_threaded_rpc, get_orgs_by_user, get_org_repos, \ +from seaserv import ccnet_threaded_rpc, seafserv_threaded_rpc, \ + get_orgs_by_user, get_org_repos, \ get_org_by_url_prefix, create_org, get_user_current_org, add_org_user, \ get_ccnetuser, remove_org_user, get_org_groups, is_valid_filename, \ - create_org_repo + create_org_repo, is_org_group from decorators import org_staff_required from forms import OrgCreateForm @@ -345,3 +346,29 @@ def org_group_admin(request, url_prefix): 'page_next': page_next, }, context_instance=RequestContext(request)) +@login_required +@org_staff_required +def org_group_remove(request, url_prefix, group_id): + # Request header may missing HTTP_REFERER, we need to handle that case. + next = request.META.get('HTTP_REFERER', None) + if not next: + next = seahub_settings.SITE_ROOT + + try: + group_id_int = int(group_id) + except ValueError: + return HttpResponseRedirect(next) + + # Check whether is the org group. + org_id = is_org_group(group_id_int) + if request.user.org['org_id'] != org_id: + return render_permission_error('该小组不属于当前团体') + + try: + ccnet_threaded_rpc.remove_group(group_id_int, request.user.username) + seafserv_threaded_rpc.remove_repo_group(group_id_int, None) + ccnet_threaded_rpc.remove_org_group(org_id, group_id_int) + except SearpcError, e: + return render_error(request, e.msg) + + return HttpResponseRedirect(next) diff --git a/thirdpart/seaserv/__init__.py b/thirdpart/seaserv/__init__.py index 6a5b3dffcd..b09e4a56b1 100644 --- a/thirdpart/seaserv/__init__.py +++ b/thirdpart/seaserv/__init__.py @@ -5,7 +5,7 @@ from service import ccnet_rpc, monitor_rpc, seafserv_rpc, \ from service import send_command from service import get_ccnetuser, get_emailusers from service import get_org_groups, get_personal_groups, get_group_repoids, \ - check_group_staff, remove_group_user, get_group + check_group_staff, remove_group_user, get_group, is_org_group from service import get_repos, get_repo, get_commits, get_branches, \ get_org_repos, is_repo_owner, create_org_repo from service import get_binding_peerids, is_valid_filename diff --git a/thirdpart/seaserv/service.py b/thirdpart/seaserv/service.py index b8f9f41bc3..2a272d7280 100644 --- a/thirdpart/seaserv/service.py +++ b/thirdpart/seaserv/service.py @@ -168,7 +168,19 @@ def get_personal_groups(email): personal_groups.append(group) return personal_groups - + +def is_org_group(group_id): + """ + If a group is org group, returns org id which is > 0. + Arguments: + - `group_id`: + """ + try: + org_id = ccnet_threaded_rpc.is_org_group(group_id) + except SearpcError: + org_id = 0 + return org_id + def create_org(org_name, url_prefix, username): ccnet_threaded_rpc.create_org(org_name, url_prefix, username)