From 24ee9fe98311ca9041a20b5f6becb9ebf7ba1198 Mon Sep 17 00:00:00 2001
From: lian <imwhatiam123@gmail.com>
Date: Wed, 15 Jul 2015 11:30:00 +0800
Subject: [PATCH] [web-api] update share link api

not use 'type' argument when create share download link
---
 seahub/api2/views.py     | 42 ++++++++++++++++++++--------------------
 seahub/views/__init__.py | 15 ++++++++++++++
 tests/api/test_shares.py | 10 ----------
 3 files changed, 36 insertions(+), 31 deletions(-)

diff --git a/seahub/api2/views.py b/seahub/api2/views.py
index 2abfab16df..082c391bff 100644
--- a/seahub/api2/views.py
+++ b/seahub/api2/views.py
@@ -78,7 +78,8 @@ from seahub.utils.file_types import IMAGE, DOCUMENT
 from seahub.utils.timeutils import utc_to_local
 from seahub.views import validate_owner, is_registered_user, \
     group_events_data, get_diff, create_default_library, get_owned_repo_list, \
-    list_inner_pub_repos, get_virtual_repos_by_owner, check_folder_permission
+    list_inner_pub_repos, get_virtual_repos_by_owner, \
+    check_folder_permission, check_file_permission
 from seahub.views.ajax import get_share_in_repo_list, get_groups_by_user, \
     get_group_repos
 from seahub.views.file import get_file_view_path_and_perm, send_file_download_msg
@@ -1961,16 +1962,10 @@ class FileSharedLinkView(APIView):
 
         if share_type.lower() == 'download':
 
-            if check_folder_permission(request, repo_id, path) is None:
+            if check_file_permission(request, repo_id, path) is None:
                 return api_error(status.HTTP_403_FORBIDDEN, 'permission denied')
 
-            # generate download link
-            link_type = request.DATA.get('type', 'f')
             expire = request.DATA.get('expire', None)
-
-            if link_type not in ('d', 'f'):
-                return api_error(status.HTTP_400_BAD_REQUEST, 'Invalid type')
-
             if expire:
                 try:
                     expire_days = int(expire)
@@ -1981,20 +1976,14 @@ class FileSharedLinkView(APIView):
             else:
                 expire_date = None
 
-            if link_type == 'f':
-                if not seafile_api.get_file_id_by_path(repo_id, path):
-                    return api_error(status.HTTP_400_BAD_REQUEST, 'Invalid path')
+            try:
+                dirent = seafile_api.get_dirent_by_path(repo_id, path)
+            except Exception as e:
+                logger.error(e)
+                return api_error(status.HTTP_400_BAD_REQUEST, 'Invalid path')
 
-                fs = FileShare.objects.get_file_link_by_path(username, repo_id, path)
-                if fs is None:
-                    fs = FileShare.objects.create_file_link(username, repo_id, path,
-                                                            password, expire_date)
-                    if is_org_context(request):
-                        org_id = request.user.org.org_id
-                        OrgFileShare.objects.set_org_file_share(org_id, fs)
-            else:
-                if not seafile_api.get_dir_id_by_path(repo_id, path):
-                    return api_error(status.HTTP_400_BAD_REQUEST, 'Invalid path')
+            if stat.S_ISDIR(dirent.mode):
+                # generate dir download link
 
                 fs = FileShare.objects.get_dir_link_by_path(username, repo_id, path)
                 if fs is None:
@@ -2004,6 +1993,17 @@ class FileSharedLinkView(APIView):
                         org_id = request.user.org.org_id
                         OrgFileShare.objects.set_org_file_share(org_id, fs)
 
+            else:
+                # generate file download link
+
+                fs = FileShare.objects.get_file_link_by_path(username, repo_id, path)
+                if fs is None:
+                    fs = FileShare.objects.create_file_link(username, repo_id, path,
+                                                            password, expire_date)
+                    if is_org_context(request):
+                        org_id = request.user.org.org_id
+                        OrgFileShare.objects.set_org_file_share(org_id, fs)
+
             token = fs.token
             shared_link = gen_shared_link(token, fs.s_type)
 
diff --git a/seahub/views/__init__.py b/seahub/views/__init__.py
index 5bf4c6aacc..e981e0357a 100644
--- a/seahub/views/__init__.py
+++ b/seahub/views/__init__.py
@@ -114,6 +114,21 @@ def check_folder_permission(request, repo_id, path):
 
     return seafile_api.check_permission_by_path(repo_id, path, username)
 
+def check_file_permission(request, repo_id, path):
+    """Check file access permission of a user, always return 'rw'
+    when repo is system repo and user is admin.
+
+    Arguments:
+    - `request`:
+    - `repo_id`:
+    - `path`:
+    """
+    username = request.user.username
+    if get_system_default_repo_id() == repo_id and request.user.is_staff:
+        return 'rw'
+
+    return seafile_api.check_permission_by_path(repo_id, path, username)
+
 def check_repo_access_permission(repo_id, user):
     """Check repo access permission of a user, always return 'rw' when repo is
     system repo and user is admin.
diff --git a/tests/api/test_shares.py b/tests/api/test_shares.py
index 4b9d84ed76..1bdfe6a3da 100644
--- a/tests/api/test_shares.py
+++ b/tests/api/test_shares.py
@@ -36,16 +36,6 @@ class FileSharedLinkApiTest(BaseTestCase):
     def tearDown(self):
         self.remove_repo()
 
-    def test_create_file_shared_link_with_invalid_type(self):
-        self.login_as(self.user)
-
-        resp = self.client.put(
-            '/api2/repos/%s/file/shared-link/' % (self.repo.id),
-            "p=%s&type=sf" % (self.file),
-            'application/x-www-form-urlencoded',
-        )
-        self.assertEqual(400, resp.status_code)
-
     def test_create_file_shared_link_with_invalid_path(self):
         self.login_as(self.user)