Fix bug in orgadmin remove group

group/views.py

@@ -50,9 +50,13 @@ def group_list(request):
 @login_required
 def group_remove(request, group_id):
     """
-    Remove group from groupadmin page. Only sys admin or org admin can perform
-    this operation.
+    Remove group from groupadmin page. Only system admin can perform this
+    operation.
     """
+    # Check whether user is system admin.
+    if not request.user.is_staff:
+        return render_permission_error(request, u'只有管理员有权删除小组')
+        
     # Request header may missing HTTP_REFERER, we need to handle that case.
     next = request.META.get('HTTP_REFERER', None)
     if not next:
@@ -63,23 +67,9 @@ def group_remove(request, group_id):
     except ValueError:
         return HttpResponseRedirect(next)
 
-    # Check whether user is sys_admin or org_admin
-    is_sys_staff = request.user.is_staff
-    if request.user.org and request.user.org['is_staff']:
-        is_org_staff = True
-    else:
-        is_org_staff = False
-        
-    if not is_sys_staff and not is_org_staff:
-        return render_permission_error(request, u'只有管理员有权删除小组')
-
     try:
         ccnet_threaded_rpc.remove_group(group_id_int, request.user.username)
         seafserv_threaded_rpc.remove_repo_group(group_id_int, None)
-
-        if request.user.org:
-            org_id = request.user.org['org_id']
-            ccnet_threaded_rpc.remove_org_group(org_id, group_id_int)
     except SearpcError, e:
         return render_error(request, e.msg)
 

organizations/templates/organizations/org_group_admin.html

@@ -18,7 +18,7 @@
         <td><a href="{{ SITE_ROOT }}group/{{ group.props.id }}/">{{ group.props.group_name }}</a></td>
         <td>{{ group.props.creator_name }}</td>
         <td>{{ group.props.timestamp|tsstr_sec }}</td>
-        <td><button data="{{ SITE_ROOT}}group/{{ group.id }}/?op=delete&src=orggroupadmin" class="group-remove-btn">删除</button></td>
+        <td><button data="{{ SITE_ROOT}}organizations/{{ org.url_prefix }}/group/remove/{{ group.id }}/" class="group-remove-btn">删除</button></td>
     </tr>
     {% endfor %}
 </table>

organizations/urls.py

@@ -17,4 +17,5 @@ urlpatterns = patterns('',
     url(r'^(?P<url_prefix>[^/]+)/useradmin/$', org_useradmin, name='org_useradmin'),
     url(r'^(?P<url_prefix>[^/]+)/useradmin/remove/(?P<user>[^/]+)/$', org_user_remove, name='org_user_remove'),
     url(r'^(?P<url_prefix>[^/]+)/groupadmin/$', org_group_admin, name='org_groupadmin'),
+    url(r'^(?P<url_prefix>[^/]+)/group/remove/(?P<group_id>[\d]+)/$', org_group_remove, name='org_group_remove'),
 )

organizations/views.py

@@ -12,10 +12,11 @@ from django.template import Context, loader, RequestContext
 
 from auth.decorators import login_required
 from pysearpc import SearpcError
-from seaserv import ccnet_threaded_rpc, get_orgs_by_user, get_org_repos, \
+from seaserv import ccnet_threaded_rpc, seafserv_threaded_rpc, \
+    get_orgs_by_user, get_org_repos, \
     get_org_by_url_prefix, create_org, get_user_current_org, add_org_user, \
     get_ccnetuser, remove_org_user, get_org_groups, is_valid_filename, \
-    create_org_repo
+    create_org_repo, is_org_group
 
 from decorators import org_staff_required
 from forms import OrgCreateForm
@@ -345,3 +346,29 @@ def org_group_admin(request, url_prefix):
             'page_next': page_next,
             }, context_instance=RequestContext(request))
 
+@login_required
+@org_staff_required
+def org_group_remove(request, url_prefix, group_id):
+    # Request header may missing HTTP_REFERER, we need to handle that case.
+    next = request.META.get('HTTP_REFERER', None)
+    if not next:
+        next = seahub_settings.SITE_ROOT
+        
+    try:
+        group_id_int = int(group_id)
+    except ValueError:
+        return HttpResponseRedirect(next)
+
+    # Check whether is the org group.
+    org_id = is_org_group(group_id_int)
+    if request.user.org['org_id'] != org_id:
+        return render_permission_error('该小组不属于当前团体')
+
+    try:
+        ccnet_threaded_rpc.remove_group(group_id_int, request.user.username)
+        seafserv_threaded_rpc.remove_repo_group(group_id_int, None)
+        ccnet_threaded_rpc.remove_org_group(org_id, group_id_int)
+    except SearpcError, e:
+        return render_error(request, e.msg)
+        
+    return HttpResponseRedirect(next)

thirdpart/seaserv/__init__.py

@@ -5,7 +5,7 @@ from service import ccnet_rpc, monitor_rpc, seafserv_rpc, \
 from service import send_command
 from service import get_ccnetuser, get_emailusers
 from service import get_org_groups, get_personal_groups, get_group_repoids, \
-    check_group_staff, remove_group_user, get_group
+    check_group_staff, remove_group_user, get_group, is_org_group
 from service import get_repos, get_repo, get_commits, get_branches, \
     get_org_repos, is_repo_owner, create_org_repo
 from service import get_binding_peerids, is_valid_filename

thirdpart/seaserv/service.py

@@ -168,7 +168,19 @@ def get_personal_groups(email):
             personal_groups.append(group)
             
     return personal_groups
-    
+
+def is_org_group(group_id):
+    """
+    If a group is org group, returns org id which is > 0.
+    Arguments:
+    - `group_id`:
+    """
+    try:
+        org_id = ccnet_threaded_rpc.is_org_group(group_id)
+    except SearpcError:
+        org_id = 0
+    return org_id
+
 def create_org(org_name, url_prefix, username):
     ccnet_threaded_rpc.create_org(org_name, url_prefix, username)