haiwen/seahub
1
0
Fork 0
mirror of https://github.com/haiwen/seahub.git synced 2025-09-19 18:29:23 +00:00
Code Issues Releases Wiki Activity

Change wiki perm (#2269)

Browse Source
This commit is contained in:
C_Q
2018-08-10 17:21:32 +08:00
committed by Daniel Pan
parent 7bd164f0e1
commit 2d688db5e2
6 changed files with 21 additions and 106 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
frontend/src/wiki.js
View File

@@ -103,7 +103,7 @@ class Wiki extends Component {
}) })
}) })
let fileUrl = '/wikis/' + slug + filePath; let fileUrl = siteRoot + 'wikis/' + slug + filePath;
window.history.pushState({urlPath: fileUrl, filePath: filePath}, filePath, fileUrl); window.history.pushState({urlPath: fileUrl, filePath: filePath}, filePath, fileUrl);
} }

4
seahub/api2/endpoints/wiki_pages.py
View File

@@ -220,7 +220,7 @@ class WikiPagesDirView(APIView):
return api_error(status.HTTP_404_NOT_FOUND, error_msg) return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# perm check # perm check
if not wiki.has_read_perm(request.user): if not wiki.check_access_wiki(request):
error_msg = "Permission denied" error_msg = "Permission denied"
return api_error(status.HTTP_403_FORBIDDEN, error_msg) return api_error(status.HTTP_403_FORBIDDEN, error_msg)
@@ -261,7 +261,7 @@ class WikiPageContentView(APIView):
return api_error(status.HTTP_404_NOT_FOUND, error_msg) return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# perm check # perm check
if not wiki.has_read_perm(request.user): if not wiki.check_access_wiki(request):
error_msg = 'Permission denied.' error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg) return api_error(status.HTTP_403_FORBIDDEN, error_msg)

8
seahub/api2/endpoints/wikis.py
View File

@@ -86,19 +86,13 @@ class WikisView(APIView):
msg = _('Name can only contain letters, numbers, blank, hyphen or underscore.') msg = _('Name can only contain letters, numbers, blank, hyphen or underscore.')
return api_error(status.HTTP_400_BAD_REQUEST, msg) return api_error(status.HTTP_400_BAD_REQUEST, msg)
permission = request.POST.get('permission', '').lower()
if permission not in [x[0] for x in Wiki.PERM_CHOICES]:
msg = 'Permission invalid'
return api_error(status.HTTP_400_BAD_REQUEST, msg)
org_id = -1 org_id = -1
if is_org_context(request): if is_org_context(request):
org_id = request.user.org.org_id org_id = request.user.org.org_id
username = request.user.username username = request.user.username
try: try:
wiki = Wiki.objects.add(name, username, permission=permission, wiki = Wiki.objects.add(name, username, org_id=org_id)
org_id=org_id)
except DuplicateWikiNameError: except DuplicateWikiNameError:
msg = _('%s is taken by others, please try another name.') % name msg = _('%s is taken by others, please try another name.') % name
return api_error(status.HTTP_400_BAD_REQUEST, msg) return api_error(status.HTTP_400_BAD_REQUEST, msg)

93
seahub/templates/wiki/wiki_list.html
View File

@@ -15,8 +15,7 @@
<table class="wiki-list hide"> <table class="wiki-list hide">
<thead> <thead>
<tr> <tr>
<td width="30%">{% trans "Name" %}</td> <td width="50%">{% trans "Name" %}</td>
<td width="20%">{% trans "Permission" %}</td>
<td width="20%">{% trans "Owner" %}</td> <td width="20%">{% trans "Owner" %}</td>
<td width="20%">{% trans "Last Update" %}</td> <td width="20%">{% trans "Last Update" %}</td>
<td width="10%"><!-- operation --></td> <td width="10%"><!-- operation --></td>
@@ -34,12 +33,6 @@
<h3 id="dialogTitle">{% trans "New Wiki" %}</h3> <h3 id="dialogTitle">{% trans "New Wiki" %}</h3>
<label for="wiki-name">{% trans "Name" %}</label><br/> <label for="wiki-name">{% trans "Name" %}</label><br/>
<input type="text" name="name" value="" maxlength="{{max_file_name}}" class="input" id="wiki-name" /><br /> <input type="text" name="name" value="" maxlength="{{max_file_name}}" class="input" id="wiki-name" /><br />
<label for="wiki-permission">{% trans "Permission" %}</label><br/>
<select name="permission" id="wiki-permission" class="w100">
<option value="private" selected="selected">{% trans "private" %}</option>
<option value="login-user">{% trans "logged-in users" %}</option>
<option value="public">{% trans "public" %}</option>
</select><br />
<p class="error hide"></p> <p class="error hide"></p>
<button type="submit" class="submit">{% trans "Submit" %}</button> <button type="submit" class="submit">{% trans "Submit" %}</button>
</form> </form>
@@ -51,15 +44,6 @@
<a href="<%= link %>"><%- name %></a> <a href="<%= link %>"><%- name %></a>
<span> <span>
</td> </td>
<td>
<span class="cur-perm"><%= permission_text %></span>
<a href="#" title="{% trans "Edit" %}" class="perm-edit-icon sf2-icon-edit op-icon vh"></a>
<select class="perm-select select-white hide">
<option value="private" <% if (permission == 'private') { %>selected="selected"<% } %>>{% trans "private" %}</option>
<option value="login-user" <% if (permission == 'login-user') { %>selected="selected"<% } %>>{% trans "logged-in users" %}</option>
<option value="public" <% if (permission == 'public') { %>selected="selected"<% } %>>{% trans "public" %}</option>
</select>
</td>
<td><a href="<%= owner_profile_url %>"><%- owner_nickname %></a></td> <td><a href="<%= owner_profile_url %>"><%- owner_nickname %></a></td>
<td title="<%= update_time %>"><%= update_time_from_now %></td> <td title="<%= update_time %>"><%= update_time_from_now %></td>
<td class="wiki-op"> <td class="wiki-op">
@@ -130,8 +114,7 @@ $('#new-wiki').on('click', function() {
$('#new-wiki-form').on('submit', function () { $('#new-wiki-form').on('submit', function () {
var $form = $(this), var $form = $(this),
$error = $('.error', $form), $error = $('.error', $form),
name = $('[name="name"]', $form).val(), name = $('[name="name"]', $form).val();
permission = $('[name="permission"]', $form).val();
var $table = $('table'), var $table = $('table'),
$tbody = $('tbody'), $tbody = $('tbody'),
$emptyTips = $('.empty-tips'); $emptyTips = $('.empty-tips');
@@ -152,7 +135,6 @@ $('#new-wiki-form').on('submit', function () {
beforeSend: prepareCSRFToken, beforeSend: prepareCSRFToken,
data: { data: {
'name': name, 'name': name,
'permission': permission
}, },
success: function(data) { success: function(data) {
$.modal.close(); $.modal.close();
@@ -193,13 +175,6 @@ var wiki = {
tmpl: _.template($('#wiki-tmpl').html()), tmpl: _.template($('#wiki-tmpl').html()),
render: function(obj) { render: function(obj) {
var getPermText = function(data) {
switch(data) {
case 'private': return "{% trans "private" %}";
case 'login-user': return "{% trans "logged-in users" %}";
case 'public': return "{% trans "public" %}";
}
};
var update_time, update_time_from_now; var update_time, update_time_from_now;
if (obj.updated_at) { if (obj.updated_at) {
@@ -212,7 +187,6 @@ var wiki = {
} }
var data = $.extend({}, obj, { var data = $.extend({}, obj, {
'permission_text': getPermText(obj.permission),
'owner_profile_url': '{{SITE_ROOT}}profile/' + encodeURIComponent(obj.owner) + '/', 'owner_profile_url': '{{SITE_ROOT}}profile/' + encodeURIComponent(obj.owner) + '/',
'update_time': update_time, 'update_time': update_time,
'update_time_from_now': update_time_from_now 'update_time_from_now': update_time_from_now
@@ -249,36 +223,6 @@ var wiki = {
}); });
}, },
editPerm: function(options) {
var slug = options.slug,
perm = options.perm,
$el = options.$el;
$.ajax({
url: '{{SITE_ROOT}}api/v2.1/wikis/' + encodeURIComponent(slug) + '/',
type: 'PUT',
cache: false,
data: {'permission': perm},
beforeSend: prepareCSRFToken,
success: function(data) {
$el.replaceWith(wiki.render(data));
feedback("{% trans "Successfully edited the permission." %}", 'success');
},
error: function(xhr) {
var error_msg;
if (xhr.responseText) {
try {
error_msg = JSON.parse(xhr.responseText).error_msg;
} catch(e) {
error_msg = "{% trans "Error" %}";
}
} else {
error_msg = "{% trans "Please check the network." %}";
}
feedback(error_msg, 'error');
}
});
},
setLocale: function() { setLocale: function() {
var lang_code = '{{LANGUAGE_CODE}}'; var lang_code = '{{LANGUAGE_CODE}}';
var m_lang_code; var m_lang_code;
@@ -316,8 +260,6 @@ var wikiListController = {
$wikiList.on('click', '.wiki-dropdown-toggle', $.proxy(_this.showWikiMenu, _this)); $wikiList.on('click', '.wiki-dropdown-toggle', $.proxy(_this.showWikiMenu, _this));
$wikiList.on('click', '.delete-wiki', $.proxy(_this.deleteCurrentWiki, _this)); $wikiList.on('click', '.delete-wiki', $.proxy(_this.deleteCurrentWiki, _this));
$wikiList.on('click', '.rename-wiki', $.proxy(_this.showRenameTmpl, _this)); $wikiList.on('click', '.rename-wiki', $.proxy(_this.showRenameTmpl, _this));
$wikiList.on('click', '.perm-edit-icon', $.proxy(_this.showPremSelection, _this));
$wikiList.on('change', '.perm-select', $.proxy(_this.changePermSelected, _this));
//handle menu event; //handle menu event;
$(document).on('click', function(event){ $(document).on('click', function(event){
@@ -333,41 +275,10 @@ var wikiListController = {
} }
return true; return true;
}) })
//handle perm event
$(document).on('click', function(e) {
var target = e.target || event.srcElement;
if (!$('.perm-edit-icon, .perm-select', $wikiList).is(target)) {
$('.cur-perm, .perm-edit-icon', $wikiList).show();
$('.perm-select', $wikiList).hide();
}
});
}, },
showOwnerInfo: function(){}, showOwnerInfo: function(){},
showPremSelection: function(event) {
var target = event.target || event.srcElement;
var $el = $(target).closest('tr');
$('.cur-perm, .perm-edit-icon', $el).hide();
$('.perm-select', $el).show();
return false;
},
changePermSelected: function(event) {
var target = event.target || event.srcElement;
var perm = $(target).val();
var $el = $(target).closest('tr');
var slug = $el.attr('data-slug');
wiki.editPerm({
$el: $el,
slug: slug,
perm: perm
});
},
showWikiMenu: function(event) { showWikiMenu: function(event) {
var target = event.target || event.srcElement; var target = event.target || event.srcElement;
var $wikiMenu = $(target).parent().find('.sf-dropdown-menu'); var $wikiMenu = $(target).parent().find('.sf-dropdown-menu');

11
seahub/wiki/models.py
View File

@@ -11,7 +11,6 @@ from seahub.utils import get_site_scheme_and_netloc
from seahub.utils.timeutils import (timestamp_to_isoformat_timestr, from seahub.utils.timeutils import (timestamp_to_isoformat_timestr,
datetime_to_isoformat_timestr) datetime_to_isoformat_timestr)
class WikiDoesNotExist(Exception): class WikiDoesNotExist(Exception):
pass pass
@@ -134,6 +133,16 @@ class Wiki(models.Model):
else: # private else: # private
return True if user.username == self.username else False return True if user.username == self.username else False
def check_access_wiki(self, request):
from seahub.views import check_folder_permission
if request.user.is_authenticated() and check_folder_permission(
request, self.repo_id, '/') is not None:
return True
else:
return False
def to_dict(self): def to_dict(self):
return { return {
'id': self.pk, 'id': self.pk,

9
seahub/wiki/views.py
View File

@@ -48,11 +48,12 @@ def slug(request, slug, file_path="home.md"):
# perm check # perm check
req_user = request.user.username req_user = request.user.username
if not req_user and not wiki.has_read_perm(request.user):
if not req_user:
return redirect('auth_login') return redirect('auth_login')
else:
if not wiki.has_read_perm(request.user): if not wiki.check_access_wiki(request):
return render_permission_error(request, _(u'Unable to view wiki')) return render_permission_error(request, _(u'Unable to view wiki'))
file_type, ext = get_file_type_and_ext(posixpath.basename(file_path)) file_type, ext = get_file_type_and_ext(posixpath.basename(file_path))
if file_type == IMAGE: if file_type == IMAGE: