{% if is_staff or repo.share_from_me %}
-
+
{% endif %}
diff --git a/group/views.py b/group/views.py
index c37c1b0527..21dfbbea9b 100644
--- a/group/views.py
+++ b/group/views.py
@@ -6,7 +6,7 @@ from django.template import RequestContext
from auth.decorators import login_required
from seaserv import ccnet_rpc, seafserv_threaded_rpc, get_repo, \
- get_group_repoids
+ get_group_repoids, check_group_staff
from pysearpc import SearpcError
from seahub.contacts.models import Contact
@@ -53,8 +53,7 @@ def group_remove(request, group_id):
except ValueError:
return HttpResponseRedirect(reverse('group_list', args=[]))
- # Check whether use is the group staff
- if not ccnet_rpc.check_group_staff(group_id_int, request.user.username):
+ if not check_group_staff(group_id_int, request.user):
return go_permission_error(request, u'只有小组管理员有权解散小组')
try:
@@ -100,7 +99,7 @@ def group_info(request, group_id):
if not group:
return HttpResponseRedirect(reverse('group_list', args=[]))
- if ccnet_rpc.check_group_staff(group.props.id, request.user.username):
+ if check_group_staff(group.id, request.user):
is_staff = True
else:
is_staff = False
@@ -146,8 +145,7 @@ def group_members(request, group_id):
except ValueError:
return go_error(request, u'group id 不是有效参数')
- # Check whether user is the group staff
- if not ccnet_rpc.check_group_staff(group_id_int, request.user.username):
+ if not check_group_staff(group_id_int, request.user):
return go_permission_error(request, u'只有小组管理员有权管理小组')
group = ccnet_rpc.get_group(group_id_int)
@@ -207,8 +205,7 @@ def group_remove_member(request, group_id, user_name):
except ValueError:
return go_error(request, u'group id 不是有效参数')
- # Check whether user is the group staff
- if not ccnet_rpc.check_group_staff(group_id_int, request.user.username):
+ if not check_group_staff(group_id_int, request.user):
return go_permission_error(request, u'只有小组管理员有权删除成员')
if not validate_emailuser(user_name):
@@ -270,7 +267,7 @@ def group_unshare_repo(request, repo_id, group_id, from_email):
return go_error(request, u'共享失败:未加入该小组')
# Check whether user is group staff or the one share the repo
- if not ccnet_rpc.check_group_staff(group_id, from_email) and \
+ if not check_group_staff(group_id, from_email) and \
seafserv_threaded_rpc.get_group_repo_share_from(repo_id) != from_email:
return go_permission_error(request, u'取消共享失败:只有小组管理员或共享目录发布者有权取消共享')
diff --git a/templates/group.html b/templates/group.html
deleted file mode 100644
index 438c4285f9..0000000000
--- a/templates/group.html
+++ /dev/null
@@ -1,77 +0,0 @@
-{% extends "base.html" %}
-
-{% block title %}Group{% endblock %}
-
-{% block left_panel %}
-
diff --git a/thirdpart/seaserv/__init__.py b/thirdpart/seaserv/__init__.py
index 9feab701ad..09286a28eb 100644
--- a/thirdpart/seaserv/__init__.py
+++ b/thirdpart/seaserv/__init__.py
@@ -12,7 +12,7 @@ from service import get_users, get_user, get_events, count_event
from service import get_repos, get_repo, get_commits, get_branches
from service import get_binding_peerids
from service import get_ccnetuser
-from service import get_group_repoids
+from service import get_group_repoids, check_group_staff
from service import CCNET_CONF_PATH
diff --git a/thirdpart/seaserv/service.py b/thirdpart/seaserv/service.py
index a199f019d3..2455f327ab 100644
--- a/thirdpart/seaserv/service.py
+++ b/thirdpart/seaserv/service.py
@@ -412,4 +412,10 @@ def get_group_repoids(group_id=None):
repoid_list.append(repo_id)
return repoid_list
-
+def check_group_staff(group_id_int, user_or_username):
+ """Check where user is group staff"""
+ from seahub.base.accounts import CcnetUser
+ if isinstance(user_or_username, CcnetUser):
+ user_or_username = user_or_username.username
+
+ return ccnet_rpc.check_group_staff(group_id_int, user_or_username)
diff --git a/views.py b/views.py
index ef6fd055df..3ddbf62e89 100644
--- a/views.py
+++ b/views.py
@@ -16,7 +16,7 @@ from auth.tokens import default_token_generator
from seaserv import ccnet_rpc, get_groups, get_users, get_repos, \
get_repo, get_commits, get_branches, \
seafserv_threaded_rpc, seafserv_rpc, get_binding_peerids, get_ccnetuser, \
- get_group_repoids
+ get_group_repoids, check_group_staff
from pysearpc import SearpcError
from seahub.base.accounts import CcnetUser
@@ -448,7 +448,8 @@ def myhome(request):
owned_repos = seafserv_threaded_rpc.list_owned_repos(email)
# Repos that are share to me
- in_repos = seafserv_threaded_rpc.list_share_repos(request.user.username, 'to_email', -1, -1)
+ in_repos = seafserv_threaded_rpc.list_share_repos(request.user.username,
+ 'to_email', -1, -1)
# handle share repo request
if request.method == 'POST':
@@ -681,21 +682,33 @@ def seafile_access_check(request):
@login_required
def repo_remove_share(request):
+ """
+ If repo is shared from one person to another person, only these two peson
+ can remove share.
+ If repo is shared from one person to a group, then only the one share the
+ repo and group staff can remove share.
+ """
repo_id = request.GET.get('repo_id', '')
group_id = request.GET.get('gid')
- from_email = request.user.username
+ from_email = request.GET.get('from', '')
# if request params don't have 'gid', then remove repos that share to
# to other person; else, remove repos that share to groups
if not group_id:
- to_email = request.GET.get('to_email', '')
+ to_email = request.GET.get('to', '')
+ if request.user.username != from_email and \
+ request.user.username != to_email:
+ return go_permission_error(request, u'取消共享失败')
seafserv_threaded_rpc.remove_share(repo_id, from_email, to_email)
else:
try:
group_id_int = int(group_id)
except:
return go_error(request, u'group id 不是有效参数')
-
+
+ if not check_group_staff(group_id_int, request.user) \
+ and request.user.username != from_email:
+ return go_permission_error(request, u'取消共享失败')
from seahub.group.views import group_unshare_repo
group_unshare_repo(request, repo_id, group_id_int, from_email)