From 0eabacf35f80fe40983f1715d86bbfb45b339738 Mon Sep 17 00:00:00 2001 From: lian Date: Thu, 20 Dec 2018 16:36:14 +0800 Subject: [PATCH] update unshare public repo api system admin can also ushare a public repo --- seahub/api2/endpoints/shared_repos.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/seahub/api2/endpoints/shared_repos.py b/seahub/api2/endpoints/shared_repos.py index b670ea6884..100b112a4e 100644 --- a/seahub/api2/endpoints/shared_repos.py +++ b/seahub/api2/endpoints/shared_repos.py @@ -220,7 +220,7 @@ class SharedRepo(APIView): """ Unshare a repo. Permission checking: - 1. Only repo owner can unshare a library. + 1. Only repo owner and system admin can unshare a publib library. """ # argument check @@ -245,7 +245,7 @@ class SharedRepo(APIView): else: repo_owner = seafile_api.get_repo_owner(repo_id) - if username != repo_owner: + if not request.user.is_staff and not username == repo_owner: error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg)