From 2fe5db8c767a60eef49d96b6ce5361d374f13793 Mon Sep 17 00:00:00 2001 From: lian Date: Wed, 27 Dec 2017 15:03:47 +0800 Subject: [PATCH] update lock feature Don't allow delete/rename/move a file when it is locked --- seahub/api2/endpoints/copy_move_task.py | 25 +++++-- seahub/api2/endpoints/file.py | 90 +++++++++++++++++++++---- seahub/api2/views.py | 61 +++++++++++------ seahub/templates/js/templates.html | 8 +++ seahub/utils/file_op.py | 40 +++++++++++ seahub/utils/repo.py | 25 +++++++ seahub/views/__init__.py | 35 ++-------- seahub/views/ajax.py | 65 ++++++++++++++++-- seahub/views/file.py | 35 ++++++---- seahub/wopi/views.py | 13 +++- static/scripts/app/views/dir.js | 2 +- static/scripts/app/views/dirent.js | 2 +- 12 files changed, 311 insertions(+), 90 deletions(-) create mode 100644 seahub/utils/file_op.py diff --git a/seahub/api2/endpoints/copy_move_task.py b/seahub/api2/endpoints/copy_move_task.py index cf5201ba7b..299e60c78d 100644 --- a/seahub/api2/endpoints/copy_move_task.py +++ b/seahub/api2/endpoints/copy_move_task.py @@ -17,6 +17,7 @@ from seahub.signals import rename_dirent_successful from seahub.views import check_folder_permission from seahub.utils import check_filename_with_rename +from seahub.utils.file_op import check_file_lock from seahub.settings import MAX_PATH from seaserv import seafile_api @@ -118,10 +119,15 @@ class CopyMoveTaskView(APIView): return api_error(status.HTTP_403_FORBIDDEN, error_msg) new_dirent_name = check_filename_with_rename(dst_repo_id, - dst_parent_dir, src_dirent_name) + dst_parent_dir, src_dirent_name) username = request.user.username if operation == 'move': + # permission check for src parent dir + if check_folder_permission(request, src_repo_id, src_parent_dir) != 'rw': + error_msg = 'Permission denied.' + return api_error(status.HTTP_403_FORBIDDEN, error_msg) + if dirent_type == 'dir' and src_repo_id == dst_repo_id and \ dst_parent_dir.startswith(src_dirent_path + '/'): @@ -129,10 +135,19 @@ class CopyMoveTaskView(APIView): % {'src': escape(src_dirent_path), 'des': escape(dst_parent_dir)} return api_error(status.HTTP_400_BAD_REQUEST, error_msg) - # permission check for src parent dir - if check_folder_permission(request, src_repo_id, src_parent_dir) != 'rw': - error_msg = 'Permission denied.' - return api_error(status.HTTP_403_FORBIDDEN, error_msg) + if dirent_type == 'file': + # check file lock + try: + is_locked, locked_by_me = check_file_lock(src_repo_id, + src_dirent_path, username) + except Exception as e: + logger.error(e) + error_msg = 'Internal Server Error' + return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) + + if is_locked and not locked_by_me: + error_msg = _("File is locked") + return api_error(status.HTTP_403_FORBIDDEN, error_msg) try: res = seafile_api.move_file(src_repo_id, src_parent_dir, diff --git a/seahub/api2/endpoints/file.py b/seahub/api2/endpoints/file.py index fa1af6fc8b..321f25f3a2 100644 --- a/seahub/api2/endpoints/file.py +++ b/seahub/api2/endpoints/file.py @@ -18,9 +18,11 @@ from seahub.api2.utils import api_error from seahub.signals import rename_dirent_successful from seahub.utils import check_filename_with_rename, is_pro_version, \ - gen_file_upload_url, is_valid_dirent_name + gen_file_upload_url, is_valid_dirent_name, normalize_file_path, \ + normalize_dir_path from seahub.utils.timeutils import timestamp_to_isoformat_timestr -from seahub.views import check_folder_permission, check_file_lock +from seahub.views import check_folder_permission +from seahub.utils.file_op import check_file_lock from seahub.settings import MAX_UPLOAD_FILE_NAME_LEN, \ FILE_LOCK_EXPIRATION_DAYS, OFFICE_TEMPLATE_ROOT @@ -44,7 +46,13 @@ class FileView(APIView): def get_file_info(self, username, repo_id, file_path): file_obj = seafile_api.get_dirent_by_path(repo_id, file_path) - is_locked, locked_by_me = check_file_lock(repo_id, file_path, username) + + try: + is_locked, locked_by_me = check_file_lock(repo_id, file_path, username) + except Exception as e: + logger.error(e) + is_locked = False + file_info = { 'type': 'file', 'repo_id': repo_id, @@ -110,10 +118,12 @@ class FileView(APIView): # argument check path = request.GET.get('p', None) - if not path or path[0] != '/': + if not path: error_msg = 'p invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) + path = normalize_file_path(path) + operation = request.data.get('operation', None) if not operation: error_msg = 'operation invalid.' @@ -240,6 +250,18 @@ class FileView(APIView): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) + # check file lock + try: + is_locked, locked_by_me = check_file_lock(repo_id, path, username) + except Exception as e: + logger.error(e) + error_msg = 'Internal Server Error' + return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) + + if is_locked and not locked_by_me: + error_msg = _("File is locked") + return api_error(status.HTTP_403_FORBIDDEN, error_msg) + # rename file new_file_name = check_filename_with_rename(repo_id, parent_dir, new_file_name) @@ -271,6 +293,8 @@ class FileView(APIView): error_msg = 'dst_dir invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) + dst_dir = normalize_dir_path(dst_dir) + # resource check for source file try: file_id = seafile_api.get_file_id_by_path(repo_id, path) @@ -306,10 +330,19 @@ class FileView(APIView): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) - # move file - if dst_dir[-1] != '/': # Append '/' to the end of directory if necessary - dst_dir += '/' + # check file lock + try: + is_locked, locked_by_me = check_file_lock(repo_id, path, username) + except Exception as e: + logger.error(e) + error_msg = 'Internal Server Error' + return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) + if is_locked and not locked_by_me: + error_msg = _("File is locked") + return api_error(status.HTTP_403_FORBIDDEN, error_msg) + + # move file if src_repo_id == dst_repo_id and src_dir == dst_dir: file_info = self.get_file_info(username, repo_id, path) return Response(file_info) @@ -345,6 +378,8 @@ class FileView(APIView): error_msg = 'dst_dir invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) + dst_dir = normalize_dir_path(dst_dir) + # resource check for source file try: file_id = seafile_api.get_file_id_by_path(repo_id, path) @@ -381,9 +416,6 @@ class FileView(APIView): return api_error(status.HTTP_403_FORBIDDEN, error_msg) # copy file - if dst_dir[-1] != '/': # Append '/' to the end of directory if necessary - dst_dir += '/' - if src_repo_id == dst_repo_id and src_dir == dst_dir: file_info = self.get_file_info(username, repo_id, path) return Response(file_info) @@ -414,9 +446,12 @@ class FileView(APIView): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) - is_locked, locked_by_me = check_file_lock(repo_id, path, username) - if (is_locked, locked_by_me) == (None, None): - error_msg = _("Check file lock error") + # check file lock + try: + is_locked, locked_by_me = check_file_lock(repo_id, path, username) + except Exception as e: + logger.error(e) + error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) if is_locked and not locked_by_me: @@ -454,6 +489,7 @@ class FileView(APIView): if not path: error_msg = 'p invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) + path = normalize_file_path(path) operation = request.data.get('operation', None) if not operation: @@ -483,7 +519,13 @@ class FileView(APIView): return api_error(status.HTTP_403_FORBIDDEN, error_msg) username = request.user.username - is_locked, locked_by_me = check_file_lock(repo_id, path, username) + try: + is_locked, locked_by_me = check_file_lock(repo_id, path, username) + except Exception as e: + logger.error(e) + error_msg = 'Internal Server Error' + return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) + if operation == 'lock': if not is_locked: # lock file @@ -494,6 +536,10 @@ class FileView(APIView): logger.error(e) error_msg = 'Internal Server Error' return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) + else: + if not locked_by_me: + error_msg = _("File is locked") + return api_error(status.HTTP_400_BAD_REQUEST, error_msg) if operation == 'unlock': if is_locked: @@ -525,6 +571,8 @@ class FileView(APIView): error_msg = 'p invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) + path = normalize_file_path(path) + # resource check repo = seafile_api.get_repo(repo_id) if not repo: @@ -537,10 +585,24 @@ class FileView(APIView): # permission check parent_dir = os.path.dirname(path) + + username = request.user.username if check_folder_permission(request, repo_id, parent_dir) != 'rw': error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) + # check file lock + try: + is_locked, locked_by_me = check_file_lock(repo_id, path, username) + except Exception as e: + logger.error(e) + error_msg = 'Internal Server Error' + return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) + + if is_locked and not locked_by_me: + error_msg = _("File is locked") + return api_error(status.HTTP_403_FORBIDDEN, error_msg) + # delete file file_name = os.path.basename(path) try: diff --git a/seahub/api2/views.py b/seahub/api2/views.py index d3b6f43145..1283aa7d9a 100644 --- a/seahub/api2/views.py +++ b/seahub/api2/views.py @@ -73,14 +73,15 @@ from seahub.utils import gen_file_get_url, gen_token, gen_file_upload_url, \ from seahub.utils.file_revisions import get_file_revisions_after_renamed from seahub.utils.devices import do_unlink_device -from seahub.utils.repo import get_repo_owner, get_library_storages +from seahub.utils.repo import get_repo_owner, get_library_storages, \ + get_locked_files_by_dir from seahub.utils.star import star_file, unstar_file from seahub.utils.file_types import DOCUMENT from seahub.utils.file_size import get_file_size_unit +from seahub.utils.file_op import check_file_lock from seahub.utils.timeutils import utc_to_local, datetime_to_isoformat_timestr -from seahub.views import is_registered_user, check_file_lock, \ - group_events_data, get_diff, create_default_library, \ - list_inner_pub_repos, check_folder_permission +from seahub.views import is_registered_user, check_folder_permission, \ + create_default_library, list_inner_pub_repos from seahub.views.ajax import get_groups_by_user, get_group_repos from seahub.views.file import get_file_view_path_and_perm, send_file_access_msg if HAS_FILE_SEARCH: @@ -1817,27 +1818,34 @@ class OpDeleteView(APIView): permission_classes = (IsAuthenticated, ) def post(self, request, repo_id, format=None): + + parent_dir = request.GET.get('p') + file_names = request.POST.get("file_names") + if not parent_dir or not file_names: + return api_error(status.HTTP_404_NOT_FOUND, + 'File or directory not found.') + repo = get_repo(repo_id) if not repo: return api_error(status.HTTP_404_NOT_FOUND, 'Library not found.') username = request.user.username - if check_folder_permission(request, repo_id, '/') != 'rw': + if check_folder_permission(request, repo_id, parent_dir) != 'rw': return api_error(status.HTTP_403_FORBIDDEN, 'You do not have permission to delete this file.') - if not check_folder_permission(request, repo_id, '/'): - return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.') - - parent_dir = request.GET.get('p') - file_names = request.POST.get("file_names") - - if not parent_dir or not file_names: - return api_error(status.HTTP_404_NOT_FOUND, - 'File or directory not found.') + allowed_file_names = [] + locked_files = get_locked_files_by_dir(request, repo_id, parent_dir) + for file_name in file_names.split(':'): + if file_name not in locked_files.keys(): + # file is not locked + allowed_file_names.append(file_name) + elif locked_files[file_name] == username: + # file is locked by current user + allowed_file_names.append(file_name) try: - multi_files = "\t".join(file_names.split(':')) + multi_files = "\t".join(allowed_file_names) seafile_api.del_file(repo_id, parent_dir, multi_files, username) except SearpcError as e: @@ -1899,8 +1907,18 @@ class OpMoveView(APIView): return api_error(status.HTTP_403_FORBIDDEN, 'You do not have permission to move file to destination folder.') + allowed_obj_names = [] + locked_files = get_locked_files_by_dir(request, repo_id, parent_dir) + for file_name in obj_names.split(':'): + if file_name not in locked_files.keys(): + # file is not locked + allowed_obj_names.append(file_name) + elif locked_files[file_name] == username: + # file is locked by current user + allowed_obj_names.append(file_name) + # check if all file/dir existes - obj_names = obj_names.strip(':').split(':') + obj_names = allowed_obj_names dirents = seafile_api.list_dir_by_path(repo_id, parent_dir) exist_obj_names = [dirent.obj_name for dirent in dirents] if not set(obj_names).issubset(exist_obj_names): @@ -2481,10 +2499,16 @@ class FileView(APIView): if check_folder_permission(request, repo_id, parent_dir) != 'rw': return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.') + # check file lock + try: + is_locked, locked_by_me = check_file_lock(repo_id, path, username) + except Exception as e: + logger.error(e) + error_msg = 'Internal Server Error' + return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg) + operation = request.data.get('operation', '') if operation.lower() == 'lock': - - is_locked, locked_by_me = check_file_lock(repo_id, path, username) if is_locked: return api_error(status.HTTP_403_FORBIDDEN, 'File is already locked') @@ -2498,7 +2522,6 @@ class FileView(APIView): return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, 'Internal error') if operation.lower() == 'unlock': - is_locked, locked_by_me = check_file_lock(repo_id, path, username) if not is_locked: return api_error(status.HTTP_403_FORBIDDEN, 'File is not locked') if not locked_by_me: diff --git a/seahub/templates/js/templates.html b/seahub/templates/js/templates.html index cca557039d..d28a834074 100644 --- a/seahub/templates/js/templates.html +++ b/seahub/templates/js/templates.html @@ -604,16 +604,20 @@ <% } %> <% if (dirent.perm == 'rw') { %> + <% if (!dirent.is_locked || (dirent.is_locked && dirent.locked_by_me)) { %> <% } %> + <% } %> <% if (dirent.perm == 'rw') { %>
    + <% if (!dirent.is_locked || (dirent.is_locked && dirent.locked_by_me)) { %>
  • {% trans "Rename" %}
  • {% trans "Move" %}
    • + <% } %>
  • {% trans "Copy" %}
    • <% if (is_pro) { %> <% if (dirent.is_locked) { %> @@ -726,9 +730,11 @@
    • <% } %> <% if (dirent.perm == 'rw') { %> + <% if (!dirent.is_locked || (dirent.is_locked && dirent.locked_by_me)) { %>
  • {% trans "Delete" %}
  • {% trans "Rename" %}
  • {% trans "Move" %}
    • + <% } %>
  • {% trans "Copy" %}
    • <% if (is_pro) { %> <% if (dirent.is_locked) { %> @@ -807,9 +813,11 @@
    • <% } %> <% if (dirent.perm == 'rw') { %> + <% if (!dirent.is_locked || (dirent.is_locked && dirent.locked_by_me)) { %>
  • {% trans "Delete" %}
  • {% trans "Rename" %}
  • {% trans "Move" %}
    • + <% } %>
  • {% trans "Copy" %}
    • <% if (is_pro) { %> <% if (dirent.is_locked) { %> diff --git a/seahub/utils/file_op.py b/seahub/utils/file_op.py new file mode 100644 index 0000000000..cd69953abf --- /dev/null +++ b/seahub/utils/file_op.py @@ -0,0 +1,40 @@ +# Copyright (c) 2012-2016 Seafile Ltd. +# encoding: utf-8 + +import logging +from seaserv import seafile_api +from pysearpc import SearpcError + +from seahub.utils import is_pro_version +from seahub.settings import ENABLE_FOLDER_PERM + +# Get an instance of a logger +logger = logging.getLogger(__name__) + +def check_file_lock(repo_id, file_path, username): + """ Check if file is locked to current user + + According to returned value of seafile_api.check_file_lock: + 0: not locked + 1: locked by other + 2: locked by me + -1: error + + Return (is_locked, locked_by_me) + """ + + if not is_pro_version() or not ENABLE_FOLDER_PERM: + return (False, False) + + return_value = seafile_api.check_file_lock(repo_id, + file_path.lstrip('/'), username) + + if return_value == 0: + return (False, False) + elif return_value == 1: + return (True , False) + elif return_value == 2: + return (True, True) + else: + raise SearpcError('check file lock error') + diff --git a/seahub/utils/repo.py b/seahub/utils/repo.py index 89d51b97e2..9d78695833 100644 --- a/seahub/utils/repo.py +++ b/seahub/utils/repo.py @@ -89,3 +89,28 @@ def get_library_storages(request): return user_role_storages +def get_locked_files_by_dir(request, repo_id, folder_path): + """ Get locked files in a folder + + Returns: + A dict contains locked file name and locker owner. + + locked_files = { + 'file_name': 'lock_owner'; + ... + } + """ + + username = request.user.username + + # get lock files + dir_id = seafile_api.get_dir_id_by_path(repo_id, folder_path) + dirents = seafile_api.list_dir_with_perm(repo_id, + folder_path, dir_id, username, -1, -1) + + locked_files = {} + for dirent in dirents: + if dirent.is_locked: + locked_files[dirent.obj_name] = dirent.lock_owner + + return locked_files diff --git a/seahub/views/__init__.py b/seahub/views/__init__.py index ab0a2ea75f..e7d57810a3 100644 --- a/seahub/views/__init__.py +++ b/seahub/views/__init__.py @@ -47,6 +47,7 @@ from seahub.utils import render_permission_error, render_error, \ is_org_repo_creation_allowed, is_windows_operating_system from seahub.utils.star import get_dir_starred_files from seahub.utils.repo import get_library_storages +from seahub.utils.file_op import check_file_lock from seahub.utils.timeutils import utc_to_local from seahub.views.modules import MOD_PERSONAL_WIKI, enable_mod_for_user, \ disable_mod_for_user @@ -104,33 +105,6 @@ def check_folder_permission(request, repo_id, path): username = request.user.username return seafile_api.check_permission_by_path(repo_id, path, username) -def check_file_lock(repo_id, file_path, username): - """ check if file is locked to current user - according to returned value of seafile_api.check_file_lock: - - 0: not locked - 1: locked by other - 2: locked by me - -1: error - - return (is_locked, locked_by_me) - """ - try: - return_value = seafile_api.check_file_lock(repo_id, - file_path.lstrip('/'), username) - except SearpcError as e: - logger.error(e) - return (None, None) - - if return_value == 0: - return (False, False) - elif return_value == 1: - return (True , False) - elif return_value == 2: - return (True, True) - else: - return (None, None) - def gen_path_link(path, repo_name): """ Generate navigate paths and links in repo page. @@ -873,7 +847,12 @@ def file_revisions(request, repo_id): can_revert_file = True username = request.user.username - is_locked, locked_by_me = check_file_lock(repo_id, path, username) + try: + is_locked, locked_by_me = check_file_lock(repo_id, path, username) + except Exception as e: + logger.error(e) + is_locked, locked_by_me = False, False + if seafile_api.check_permission_by_path(repo_id, path, username) != 'rw' or \ (is_locked and not locked_by_me): can_revert_file = False diff --git a/seahub/views/ajax.py b/seahub/views/ajax.py index faf6b564ba..f14ab32eab 100644 --- a/seahub/views/ajax.py +++ b/seahub/views/ajax.py @@ -45,9 +45,11 @@ from seahub.utils import check_filename_with_rename, EMPTY_SHA1, \ get_repo_last_modify, gen_file_upload_url, is_org_context, \ get_file_type_and_ext, is_pro_version from seahub.utils.star import get_dir_starred_files +from seahub.utils.file_types import IMAGE, VIDEO +from seahub.utils.file_op import check_file_lock +from seahub.utils.repo import get_locked_files_by_dir from seahub.base.accounts import User from seahub.thumbnail.utils import get_thumbnail_src -from seahub.utils.file_types import IMAGE, VIDEO from seahub.share.utils import is_repo_admin from seahub.base.templatetags.seahub_tags import translate_seahub_time, \ email2nickname, tsstr_sec @@ -420,6 +422,19 @@ def rename_dirent(request, repo_id): err_msg = _('Permission denied') return HttpResponse(json.dumps({'error': err_msg}), status=403, content_type=content_type) + # check file lock + try: + is_locked, locked_by_me = check_file_lock(repo_id, full_path, username) + except Exception as e: + logger.error(e) + err_msg = 'Internal Server Error' + return HttpResponse(json.dumps({'error': err_msg}), status=500, + content_type=content_type) + + if is_locked and not locked_by_me: + err_msg = _("File is locked") + return HttpResponse(json.dumps({'error': err_msg}), status=403, + content_type=content_type) if newname == oldname: return HttpResponse(json.dumps({'success': True}), @@ -478,6 +493,20 @@ def delete_dirent(request, repo_id): return HttpResponse(json.dumps({'error': err_msg}), status=403, content_type=content_type) + # check file lock + try: + is_locked, locked_by_me = check_file_lock(repo_id, full_path, username) + except Exception as e: + logger.error(e) + err_msg = 'Internal Server Error' + return HttpResponse(json.dumps({'error': err_msg}), status=500, + content_type=content_type) + + if is_locked and not locked_by_me: + err_msg = _("File is locked") + return HttpResponse(json.dumps({'error': err_msg}), status=403, + content_type=content_type) + # delete file/dir try: seafile_api.del_file(repo_id, parent_dir, dirent_name, username) @@ -512,12 +541,29 @@ def delete_dirents(request, repo_id): status=400, content_type=content_type) # permission checking - username = request.user.username deleted = [] undeleted = [] + allowed_dirents_names = [] + username = request.user.username + + locked_files = get_locked_files_by_dir(request, repo_id, parent_dir) + + # check parent dir perm for files + if check_folder_permission(request, repo_id, parent_dir) != 'rw': + undeleted += dirents_names + else: + for dirent_name in dirents_names: + if dirent_name not in locked_files.keys(): + # file is not locked + allowed_dirents_names.append(dirent_name) + elif locked_files[dirent_name] == username: + # file is locked by current user + allowed_dirents_names.append(dirent_name) + else: + undeleted.append(dirent_name) multi_files = '' - for dirent_name in dirents_names: + for dirent_name in allowed_dirents_names: full_path = posixpath.join(parent_dir, dirent_name) if check_folder_permission(request, repo.id, full_path) != 'rw': undeleted.append(dirent_name) @@ -648,12 +694,21 @@ def mv_dirents(request, src_repo_id, src_path, dst_repo_id, dst_path, allowed_files = [] allowed_dirs = [] + locked_files = get_locked_files_by_dir(request, src_repo_id, src_path) + # check parent dir perm for files if check_folder_permission(request, src_repo_id, src_path) != 'rw': - allowed_files = [] failed += obj_file_names else: - allowed_files = obj_file_names + for file_name in obj_file_names: + if file_name not in locked_files.keys(): + # file is not locked + allowed_files.append(file_name) + elif locked_files[file_name] == username: + # file is locked by current user + allowed_files.append(file_name) + else: + failed.append(file_name) for obj_name in obj_dir_names: src_dir = posixpath.join(src_path, obj_name) diff --git a/seahub/views/file.py b/seahub/views/file.py index 9dddef8b6d..ea908c57e0 100644 --- a/seahub/views/file.py +++ b/seahub/views/file.py @@ -34,7 +34,6 @@ from django.utils.translation import ugettext as _ from django.views.decorators.http import require_POST from django.template.defaultfilters import filesizeformat from django.views.decorators.csrf import csrf_exempt -from constance import config from seaserv import seafile_api from seaserv import get_repo, send_message, get_commits, \ @@ -43,7 +42,6 @@ from seaserv import get_repo, send_message, get_commits, \ from pysearpc import SearpcError from seahub.wopi.utils import get_wopi_dict -from seahub.avatar.templatetags.group_avatar_tags import grp_avatar from seahub.auth.decorators import login_required from seahub.base.decorators import repo_passwd_set_required from seahub.share.models import FileShare, check_share_link_common @@ -55,17 +53,20 @@ from seahub.utils import render_error, is_org_context, \ render_permission_error, is_pro_version, is_textual_file, \ mkstemp, EMPTY_SHA1, HtmlDiff, gen_inner_file_get_url, \ user_traffic_over_limit, get_file_audit_events_by_path, \ - generate_file_audit_event_type, FILE_AUDIT_ENABLED, gen_token, \ - get_site_scheme_and_netloc, get_conf_text_ext + generate_file_audit_event_type, FILE_AUDIT_ENABLED, \ + get_site_scheme_and_netloc, get_conf_text_ext, \ + HAS_OFFICE_CONVERTER, FILEEXT_TYPE_MAP + from seahub.utils.ip import get_remote_ip from seahub.utils.timeutils import utc_to_local -from seahub.utils.file_types import (IMAGE, PDF, DOCUMENT, SPREADSHEET, AUDIO, - MARKDOWN, TEXT, VIDEO) +from seahub.utils.file_types import (IMAGE, PDF, + DOCUMENT, SPREADSHEET, AUDIO, MARKDOWN, TEXT, VIDEO) from seahub.utils.star import is_file_starred -from seahub.utils import HAS_OFFICE_CONVERTER, FILEEXT_TYPE_MAP -from seahub.utils.http import json_response, int_param, BadRequestException, RequestForbbiddenException -from seahub.views import check_folder_permission, check_file_lock, \ - get_unencry_rw_repos_by_user +from seahub.utils.http import json_response, int_param, \ + BadRequestException, RequestForbbiddenException +from seahub.utils.file_op import check_file_lock +from seahub.views import check_folder_permission, \ + get_unencry_rw_repos_by_user if HAS_OFFICE_CONVERTER: from seahub.utils import ( @@ -450,7 +451,11 @@ def _file_view(request, repo_id, path): raw_path, inner_path, user_perm = get_file_view_path_and_perm( request, repo_id, obj_id, path) - is_locked, locked_by_me = check_file_lock(repo_id, path, username) + try: + is_locked, locked_by_me = check_file_lock(repo_id, path, username) + except Exception as e: + logger.error(e) + is_locked, locked_by_me = False, False # check if use office web app to view/edit file if not repo.encrypted and ENABLE_OFFICE_WEB_APP: @@ -1159,9 +1164,11 @@ def file_edit_submit(request, repo_id): if check_folder_permission(request, repo_id, parent_dir) != 'rw': return error_json(_(u'Permission denied')) - is_locked, locked_by_me = check_file_lock(repo_id, path, username) - if (is_locked, locked_by_me) == (None, None): - return error_json(_(u'Check file lock error')) + try: + is_locked, locked_by_me = check_file_lock(repo_id, path, username) + except Exception as e: + logger.error(e) + return error_json(_(u'Internal Server Error')) if is_locked and not locked_by_me: return error_json(_(u'File is locked')) diff --git a/seahub/wopi/views.py b/seahub/wopi/views.py index a6a1068bc8..d8fe2bfad9 100644 --- a/seahub/wopi/views.py +++ b/seahub/wopi/views.py @@ -19,9 +19,9 @@ from pysearpc import SearpcError from seaserv import seafile_api from seahub.base.accounts import User -from seahub.views import check_file_lock from seahub.utils import gen_inner_file_get_url, \ gen_file_upload_url, get_file_type_and_ext, is_pro_version +from seahub.utils.file_op import check_file_lock from seahub.base.templatetags.seahub_tags import email2nickname from seahub.settings import SITE_ROOT @@ -174,8 +174,15 @@ class WOPIFilesView(APIView): filename = os.path.basename(file_path) filetype, fileext = get_file_type_and_ext(filename) - is_locked, locked_by_me = check_file_lock(repo_id, - file_path, request_user) + + try: + is_locked, locked_by_me = check_file_lock(repo_id, + file_path, request_user) + except Exception as e: + logger.error(e) + return HttpResponse(json.dumps({}), + status=500, content_type=json_content_type) + perm = seafile_api.check_permission_by_path(repo_id, file_path, request_user) diff --git a/static/scripts/app/views/dir.js b/static/scripts/app/views/dir.js index 0257fa590c..163813172b 100644 --- a/static/scripts/app/views/dir.js +++ b/static/scripts/app/views/dir.js @@ -1321,7 +1321,7 @@ define([ error: function(xhr) { var err; if (xhr.responseText) { - err = $.parseJSON(xhr.responseText).error; + err = $.parseJSON(xhr.responseText).error||$.parseJSON(xhr.responseText).error_msg; } else { err = gettext("Failed. Please check the network."); } diff --git a/static/scripts/app/views/dirent.js b/static/scripts/app/views/dirent.js index 00fe12d7fd..8af7f10fab 100644 --- a/static/scripts/app/views/dirent.js +++ b/static/scripts/app/views/dirent.js @@ -281,7 +281,7 @@ define([ }, error: function(xhr) { if (xhr.responseText) { - Common.feedback($.parseJSON(xhr.responseText).error); + Common.feedback($.parseJSON(xhr.responseText).error||$.parseJSON(xhr.responseText).error_msg, 'error'); } else { Common.feedback(gettext("Please check the network."), 'error'); }