haiwen/seahub
1
0
Fork 0
mirror of https://github.com/haiwen/seahub.git synced 2025-09-26 07:22:34 +00:00
Code Issues Releases Wiki Activity

[web-api] update share link api

Browse Source 
not use 'type' argument when create share download link
This commit is contained in:
lian
2015-07-15 11:30:00 +08:00
parent 986a07d0cf
commit 24ee9fe983
3 changed files with 36 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
seahub/api2/views.py
View File

@@ -78,7 +78,8 @@ from seahub.utils.file_types import IMAGE, DOCUMENT
from seahub.utils.timeutils import utc_to_local from seahub.utils.timeutils import utc_to_local
from seahub.views import validate_owner, is_registered_user, \ from seahub.views import validate_owner, is_registered_user, \
group_events_data, get_diff, create_default_library, get_owned_repo_list, \ group_events_data, get_diff, create_default_library, get_owned_repo_list, \
list_inner_pub_repos, get_virtual_repos_by_owner, check_folder_permission list_inner_pub_repos, get_virtual_repos_by_owner, \
check_folder_permission, check_file_permission
from seahub.views.ajax import get_share_in_repo_list, get_groups_by_user, \ from seahub.views.ajax import get_share_in_repo_list, get_groups_by_user, \
get_group_repos get_group_repos
from seahub.views.file import get_file_view_path_and_perm, send_file_download_msg from seahub.views.file import get_file_view_path_and_perm, send_file_download_msg
@@ -1961,16 +1962,10 @@ class FileSharedLinkView(APIView):
if share_type.lower() == 'download': if share_type.lower() == 'download':
if check_folder_permission(request, repo_id, path) is None: if check_file_permission(request, repo_id, path) is None:
return api_error(status.HTTP_403_FORBIDDEN, 'permission denied') return api_error(status.HTTP_403_FORBIDDEN, 'permission denied')
# generate download link
link_type = request.DATA.get('type', 'f')
expire = request.DATA.get('expire', None) expire = request.DATA.get('expire', None)
if link_type not in ('d', 'f'):
return api_error(status.HTTP_400_BAD_REQUEST, 'Invalid type')
if expire: if expire:
try: try:
expire_days = int(expire) expire_days = int(expire)
@@ -1981,20 +1976,14 @@ class FileSharedLinkView(APIView):
else: else:
expire_date = None expire_date = None
if link_type == 'f': try:
if not seafile_api.get_file_id_by_path(repo_id, path): dirent = seafile_api.get_dirent_by_path(repo_id, path)
return api_error(status.HTTP_400_BAD_REQUEST, 'Invalid path') except Exception as e:
logger.error(e)
return api_error(status.HTTP_400_BAD_REQUEST, 'Invalid path')
fs = FileShare.objects.get_file_link_by_path(username, repo_id, path) if stat.S_ISDIR(dirent.mode):
if fs is None: # generate dir download link
fs = FileShare.objects.create_file_link(username, repo_id, path,
password, expire_date)
if is_org_context(request):
org_id = request.user.org.org_id
OrgFileShare.objects.set_org_file_share(org_id, fs)
else:
if not seafile_api.get_dir_id_by_path(repo_id, path):
return api_error(status.HTTP_400_BAD_REQUEST, 'Invalid path')
fs = FileShare.objects.get_dir_link_by_path(username, repo_id, path) fs = FileShare.objects.get_dir_link_by_path(username, repo_id, path)
if fs is None: if fs is None:
@@ -2004,6 +1993,17 @@ class FileSharedLinkView(APIView):
org_id = request.user.org.org_id org_id = request.user.org.org_id
OrgFileShare.objects.set_org_file_share(org_id, fs) OrgFileShare.objects.set_org_file_share(org_id, fs)
else:
# generate file download link
fs = FileShare.objects.get_file_link_by_path(username, repo_id, path)
if fs is None:
fs = FileShare.objects.create_file_link(username, repo_id, path,
password, expire_date)
if is_org_context(request):
org_id = request.user.org.org_id
OrgFileShare.objects.set_org_file_share(org_id, fs)
token = fs.token token = fs.token
shared_link = gen_shared_link(token, fs.s_type) shared_link = gen_shared_link(token, fs.s_type)

15
seahub/views/__init__.py
View File

@@ -114,6 +114,21 @@ def check_folder_permission(request, repo_id, path):
return seafile_api.check_permission_by_path(repo_id, path, username) return seafile_api.check_permission_by_path(repo_id, path, username)
def check_file_permission(request, repo_id, path):
"""Check file access permission of a user, always return 'rw'
when repo is system repo and user is admin.
Arguments:
- `request`:
- `repo_id`:
- `path`:
"""
username = request.user.username
if get_system_default_repo_id() == repo_id and request.user.is_staff:
return 'rw'
return seafile_api.check_permission_by_path(repo_id, path, username)
def check_repo_access_permission(repo_id, user): def check_repo_access_permission(repo_id, user):
"""Check repo access permission of a user, always return 'rw' when repo is """Check repo access permission of a user, always return 'rw' when repo is
system repo and user is admin. system repo and user is admin.

10
tests/api/test_shares.py
View File

@@ -36,16 +36,6 @@ class FileSharedLinkApiTest(BaseTestCase):
def tearDown(self): def tearDown(self):
self.remove_repo() self.remove_repo()
def test_create_file_shared_link_with_invalid_type(self):
self.login_as(self.user)
resp = self.client.put(
'/api2/repos/%s/file/shared-link/' % (self.repo.id),
"p=%s&type=sf" % (self.file),
'application/x-www-form-urlencoded',
)
self.assertEqual(400, resp.status_code)
def test_create_file_shared_link_with_invalid_path(self): def test_create_file_shared_link_with_invalid_path(self):
self.login_as(self.user) self.login_as(self.user)