haiwen/seahub
1
0
Fork 0
mirror of https://github.com/haiwen/seahub.git synced 2025-09-22 03:47:09 +00:00
Code Issues Releases Wiki Activity

[ajax] added decorator 'login_required_ajax', improved ajax related code, removed 'client_mgmt'

Browse Source
This commit is contained in:
llj
2014-07-01 15:21:49 +08:00
parent 3e6f5665ac
commit 3a5ef8bfda
20 changed files with 272 additions and 501 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
media/js/base.js
View File

@@ -72,7 +72,7 @@ $(function() {
},
error: function (xhr, textStatus, errorThrown) {
if (xhr.responseText) {
var error = jQuery.parseJSON(xhr.responseText).error;
var error = $.parseJSON(xhr.responseText).error;
loading_tip.hide();
if ($('.error', popup).length == 0) {
loading_tip.after('<p class="error alc">' + error + '</p>');
@@ -126,7 +126,7 @@ $(function() {
},
error: function (xhr, textStatus, errorThrown) {
if (xhr.responseText) {
var error = jQuery.parseJSON(xhr.responseText).error;
var error = $.parseJSON(xhr.responseText).error;
loading_tip.hide();
if ($('.error', popup).length == 0) {
loading_tip.after('<p class="error alc">' + error + '</p>');

29
seahub/auth/decorators.py
View File

@@ -8,6 +8,7 @@ from django.http import HttpResponseRedirect, HttpResponse
from django.utils.decorators import available_attrs
from django.utils.http import urlquote
import simplejson as json
from django.utils.translation import ugettext as _
def user_passes_test(test_func, login_url=None, redirect_field_name=REDIRECT_FIELD_NAME):
"""
@@ -50,3 +51,31 @@ def permission_required(perm, login_url=None):
enabled, redirecting to the log-in page if necessary.
"""
return user_passes_test(lambda u: u.has_perm(perm), login_url=login_url)
def login_required_ajax(function=None,redirect_field_name=None):
"""
Just make sure the user is authenticated to access a certain ajax view
Otherwise return a HttpResponse 401 - authentication required
instead of the 302 redirect of the original Django decorator
"""
def _decorator(view_func):
def _wrapped_view(request, *args, **kwargs):
if not request.is_ajax():
raise Http404
if request.user.is_authenticated():
return view_func(request, *args, **kwargs)
else:
content_type = 'application/json; charset=utf-8'
return HttpResponse(json.dumps({
'error': _('Please log in.')
}), status=401, content_type=content_type)
return _wrapped_view
if function is None:
return _decorator
else:
return _decorator(function)

2
seahub/group/templates/group/grpmember_add_js.html
View File

@@ -9,7 +9,7 @@ $("#group-member-add, #group-admin-add").click(function() {
$('#enter .tip').addClass('hide');
form.data('post_url', '{% url 'group_add_admin' group.id %}');
} else {
form.data('post_url', '{% url 'group_manage' group.id %}');
form.data('post_url', '{% url 'group_add_member' group.id %}');
}
addAutocomplete('#added-member-name', '#enter', contact_list);
});

6
seahub/group/urls.py
View File

@@ -7,7 +7,7 @@ from views import group_info, group_members, group_member_operations, group_add_
group_wiki_page_new, group_wiki_page_edit, group_wiki_pages, \
group_wiki_page_delete, group_wiki_use_lib, group_remove, group_dismiss, group_quit, \
group_make_public, group_revoke_public, group_transfer, group_toggle_modules, \
group_add_discussion, group_rename, group_add
group_add_discussion, group_rename, group_add, ajax_add_group_member
urlpatterns = patterns('',
url(r'^(?P<group_id>\d+)/$', group_info, name='group_info'),
@@ -37,11 +37,13 @@ urlpatterns = patterns('',
url(r'^(?P<group_id>\d+)/admin/add/$', group_add_admin, name='group_add_admin'),
url(r'^(?P<group_id>\d+)/admin/remove/$', group_remove_admin, name='group_remove_admin'),
url(r'^recommend/$', group_recommend, name='group_recommend'),
url(r'^attention/$', attention, name='group_attention'),
#url(r'^attention/$', attention, name='group_attention'),
url(r'^joinrequest/(?P<group_id>[\d]+)/$', group_joinrequest, name='group_joinrequest'),
url(r'^(?P<group_id>\d+)/modules/toggle/$', group_toggle_modules, name='group_toggle_modules'),
url(r'^(?P<group_id>\d+)/discussion/add/$', group_add_discussion, name='group_add_discussion'),
url(r'^add/$', group_add, name='group_add'),
url(r'^ajax/(?P<group_id>\d+)/member/add/$', ajax_add_group_member, name='group_add_member'),
)
import seahub.settings as settings

134
seahub/group/views.py
View File

@@ -17,7 +17,7 @@ from django.utils.http import urlquote
from django.utils.translation import ugettext as _
from django.utils.translation import ungettext
from seahub.auth.decorators import login_required
from seahub.auth.decorators import login_required, login_required_ajax
import seaserv
from seaserv import ccnet_threaded_rpc, seafserv_threaded_rpc, \
web_get_access_token, seafile_api, get_repo, get_group_repos, get_commits, \
@@ -146,10 +146,10 @@ def group_check(func):
return _decorated
########## views
@login_required
@login_required_ajax
def group_add(request):
"""Add a new group"""
if not request.is_ajax() or request.method != 'POST':
if request.method != 'POST':
raise Http404
username = request.user.username
@@ -453,56 +453,56 @@ def group_message_remove(request, group_id, msg_id):
def msg_reply(request, msg_id):
"""Show group message replies, and process message reply in ajax"""
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
if request.is_ajax():
ctx = {}
try:
group_msg = GroupMessage.objects.get(id=msg_id)
except GroupMessage.DoesNotExist:
return HttpResponseBadRequest(content_type=content_type)
ctx = {}
try:
group_msg = GroupMessage.objects.get(id=msg_id)
except GroupMessage.DoesNotExist:
return HttpResponseBadRequest(content_type=content_type)
if request.method == 'POST':
if not request.user.is_authenticated():
return HttpResponseBadRequest(json.dumps({
"error": "login required"}), content_type=content_type)
if request.method == 'POST':
if not request.user.is_authenticated():
return HttpResponseBadRequest(json.dumps({
"error": "login required"}), content_type=content_type)
form = MessageReplyForm(request.POST)
r_status = request.GET.get('r_status')
# TODO: invalid form
if form.is_valid():
msg = form.cleaned_data['message']
form = MessageReplyForm(request.POST)
r_status = request.GET.get('r_status')
# TODO: invalid form
if form.is_valid():
msg = form.cleaned_data['message']
msg_reply = MessageReply()
msg_reply.reply_to = group_msg
msg_reply.from_email = request.user.username
msg_reply.message = msg
msg_reply.save()
msg_reply = MessageReply()
msg_reply.reply_to = group_msg
msg_reply.from_email = request.user.username
msg_reply.message = msg
msg_reply.save()
# send signal if reply other's message
if group_msg.from_email != request.user.username:
grpmsg_reply_added.send(sender=MessageReply,
msg_id=msg_id,
from_email=request.user.username,
reply_msg=msg)
replies = MessageReply.objects.filter(reply_to=group_msg)
r_num = len(replies)
if r_num < 4 or r_status == 'show':
ctx['replies'] = replies
else:
ctx['replies'] = replies[r_num - 3:]
html = render_to_string("group/group_reply_list.html", ctx)
serialized_data = json.dumps({"r_num": r_num, "html": html})
return HttpResponse(serialized_data, content_type=content_type)
else:
# send signal if reply other's message
if group_msg.from_email != request.user.username:
grpmsg_reply_added.send(sender=MessageReply,
msg_id=msg_id,
from_email=request.user.username,
reply_msg=msg)
replies = MessageReply.objects.filter(reply_to=group_msg)
r_num = len(replies)
ctx['replies'] = replies
if r_num < 4 or r_status == 'show':
ctx['replies'] = replies
else:
ctx['replies'] = replies[r_num - 3:]
html = render_to_string("group/group_reply_list.html", ctx)
serialized_data = json.dumps({"r_num": r_num, "html": html})
return HttpResponse(serialized_data, content_type=content_type)
else:
return HttpResponseBadRequest(content_type=content_type)
replies = MessageReply.objects.filter(reply_to=group_msg)
r_num = len(replies)
ctx['replies'] = replies
html = render_to_string("group/group_reply_list.html", ctx)
serialized_data = json.dumps({"r_num": r_num, "html": html})
return HttpResponse(serialized_data, content_type=content_type)
@login_required
def msg_reply_new(request):
@@ -662,11 +662,20 @@ def send_group_member_add_mail(request, group, from_user, to_user):
subject = _(u'You are invited to join a group on %s') % SITE_NAME
send_html_email(subject, 'group/add_member_email.html', c, None, [to_user])
def ajax_add_group_member(request, group):
@login_required_ajax
@group_staff_required
def ajax_add_group_member(request, group_id):
"""Add user to group in ajax.
"""
result = {}
content_type = 'application/json; charset=utf-8'
group = get_group(group_id)
if not group:
result['error'] = _(u'The group does not exist.')
return HttpResponse(json.dumps(result), status=400,
content_type=content_type)
username = request.user.username
member_name_str = request.POST.get('user_name', '')
@@ -780,13 +789,6 @@ def group_manage(request, group_id):
if not group:
return HttpResponseRedirect(reverse('group_list', args=[]))
if request.method == 'POST':
"""
Add group members.
"""
return ajax_add_group_member(request, group)
### GET ###
members_all = ccnet_threaded_rpc.get_group_members(group.id)
admins = [ m for m in members_all if m.is_staff ]
@@ -811,7 +813,7 @@ def group_manage(request, group_id):
"mods_available": mods_available,
}, context_instance=RequestContext(request))
@login_required
@login_required_ajax
@group_staff_required
def group_add_admin(request, group_id):
"""
@@ -819,7 +821,7 @@ def group_add_admin(request, group_id):
"""
group_id = int(group_id) # Checked by URL Conf
if request.method != 'POST' or not request.is_ajax():
if request.method != 'POST':
raise Http404
result = {}
@@ -927,7 +929,7 @@ def group_remove_member(request, group_id, user_name):
return HttpResponseRedirect(reverse('group_manage', args=[group_id]))
@login_required
@login_required_ajax
def group_recommend(request):
"""
Recommend a file or directory to a group.
@@ -954,12 +956,12 @@ def group_recommend(request):
try:
group_id = int(group_id)
except ValueError:
result['err'] = _(u'Error: wrong group id')
result['error'] = _(u'Error: wrong group id')
return HttpResponse(json.dumps(result), status=400, content_type=content_type)
group = get_group(group_id)
if not group:
result['err'] = _(u'Error: the group does not exist.')
result['error'] = _(u'Error: the group does not exist.')
return HttpResponse(json.dumps(result), status=400, content_type=content_type)
# TODO: Check whether repo is in the group and Im in the group
@@ -994,10 +996,10 @@ def group_recommend(request):
result['success'] = _(u'Successfully posted to %(groups)s.') % {'groups': ', '.join(groups_posted_to)}
if len(groups_not_in) > 0:
result['err'] = _(u'Error: you are not in group %s.') % (', '.join(groups_not_in))
result['error'] = _(u'Error: you are not in group %s.') % (', '.join(groups_not_in))
else:
result['err'] = str(form.errors)
result['error'] = str(form.errors)
return HttpResponse(json.dumps(result), status=400, content_type=content_type)
# request.method == 'GET'
@@ -1006,10 +1008,10 @@ def group_recommend(request):
path = request.GET.get('path', None)
repo = get_repo(repo_id)
if not repo:
result['err'] = _(u'Error: the library does not exist.')
result['error'] = _(u'Error: the library does not exist.')
return HttpResponse(json.dumps(result), status=400, content_type=content_type)
if path is None:
result['err'] = _(u'Error: no path.')
result['error'] = _(u'Error: no path.')
return HttpResponse(json.dumps(result), status=400, content_type=content_type)
# get discussions & replies
@@ -1034,7 +1036,7 @@ def group_recommend(request):
return HttpResponse(json.dumps(result), content_type=content_type)
@login_required
@login_required_ajax
def create_group_repo(request, group_id):
"""Create a repo and share it to current group"""
@@ -1113,12 +1115,12 @@ def create_group_repo(request, group_id):
return HttpResponse(json.dumps({'success': True}),
content_type=content_type)
@login_required
@login_required_ajax
def group_joinrequest(request, group_id):
"""
Handle post request to join a group.
"""
if not request.is_ajax() or request.method != 'POST':
if request.method != 'POST':
raise Http404
result = {}
@@ -1152,14 +1154,12 @@ def group_joinrequest(request, group_id):
else:
return HttpResponseBadRequest(json.dumps(form.errors),
content_type=content_type)
@login_required_ajax
def attention(request):
"""
Handle ajax request to query group members used in autocomplete.
"""
if not request.is_ajax():
raise Http404
user = request.user.username
name_str = request.GET.get('name_startsWith')
gids = request.GET.get('gids', '')
@@ -1201,7 +1201,6 @@ def attention(request):
content_type = 'application/json; charset=utf-8'
return HttpResponse(json.dumps(result), content_type=content_type)
@group_check
def group_add_discussion(request, group):
@@ -1480,6 +1479,7 @@ def group_wiki_pages(request, group):
"mods_available": mods_available,
}, context_instance=RequestContext(request))
@login_required_ajax
@group_check
def group_wiki_create(request, group):
if group.view_perm == "pub":

10
seahub/message/templates/message/all_msg_list.html
View File

@@ -110,8 +110,14 @@ $('#add-msg').click(function() {
popup.html('<p>' + "{% trans "please add contacts at first" %}" + '</p>');
}
},
error: function() {
popup.html('<p class="error">' + "{% trans "Failed to get your contacts for sending a message." %}" + '</p>');
error: function(jqXHR, textStatus, errorThrown) {
var error;
if (jqXHR.responseText) {
error = $.parseJSON(jqXHR.responseText).error;
} else {
error = "{% trans "Please check the network." %}";
}
popup.html('<p class="error alc">' + error + '</p>');
}
});
});

17
seahub/message/views.py
View File

@@ -9,11 +9,10 @@ from django.core.urlresolvers import reverse
from django.template import RequestContext
from django.core.paginator import EmptyPage, InvalidPage
from django.utils.translation import ugettext as _
from django.views.decorators.http import require_POST
from models import UserMessage, UserMsgAttachment
from message import msg_info_list
from seahub.auth.decorators import login_required
from seahub.auth.decorators import login_required, login_required_ajax
from seahub.base.accounts import User
from seahub.base.decorators import user_mods_check
from seahub.views import is_registered_user
@@ -108,7 +107,7 @@ def user_msg_list(request, id_or_email):
"to_email": to_email,
}, context_instance=RequestContext(request))
@login_required
@login_required_ajax
def user_msg_remove(request, msg_id):
"""Remove sent message.
"""
@@ -134,7 +133,7 @@ def user_msg_remove(request, msg_id):
'err_msg': _(u"You don't have the permission.")
}), content_type=json_ct)
@login_required
@login_required_ajax
def user_received_msg_remove(request, msg_id):
"""Remove received message.
"""
@@ -160,13 +159,12 @@ def user_received_msg_remove(request, msg_id):
'err_msg': _(u"You don't have the permission."),
}), content_type=json_ct)
@login_required
@require_POST
@login_required_ajax
def message_send(request):
"""Handle POST request to send message to user(s).
"""
if not request.is_ajax() or request.method != 'POST':
if request.method != 'POST':
raise Http404
content_type = 'application/json; charset=utf-8'
@@ -251,13 +249,10 @@ def message_send(request):
return HttpResponse(json.dumps({"html": html, "error": errors}), status=400, content_type=content_type)
@login_required
@login_required_ajax
def msg_count(request):
"""Count user's unread message.
"""
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
username = request.user.username

7
seahub/notifications/views.py
View File

@@ -10,7 +10,7 @@ from django.utils.translation import ugettext as _
import seaserv
from seahub.auth.decorators import login_required
from seahub.auth.decorators import login_required, login_required_ajax
from seahub.notifications.models import Notification, NotificationForm, \
UserNotification
from seahub.notifications.utils import refresh_cache
@@ -78,7 +78,7 @@ def user_notification_list(request):
'notices_more': notices_more,
}, context_instance=RequestContext(request))
@login_required
@login_required_ajax
def user_notification_more(request):
"""Fetch next ``limit`` notifications starts from ``start``.
@@ -87,9 +87,6 @@ def user_notification_more(request):
- `start`:
- `limit`:
"""
if not request.is_ajax():
return Http404
username = request.user.username
start = int(request.GET.get('start', 0))
limit = int(request.GET.get('limit', 0))

6
seahub/share/urls.py
View File

@@ -14,11 +14,17 @@ urlpatterns = patterns('',
url(r'^link/get/$', get_shared_link, name='get_shared_link'),
url(r'^link/remove/$', remove_shared_link, name='remove_shared_link'),
url(r'^ajax/link/remove/$', ajax_remove_shared_link, name='ajax_remove_shared_link'),
url(r'^link/send/$', send_shared_link, name='send_shared_link'),
url(r'^link/save/$', save_shared_link, name='save_shared_link'),
url(r'^upload_link/get/$', get_shared_upload_link, name='get_shared_upload_link'),
url(r'^upload_link/remove/$', remove_shared_upload_link, name='remove_shared_upload_link'),
url(r'^ajax/upload_link/remove/$', ajax_remove_shared_upload_link, name='ajax_remove_shared_upload_link'),
url(r'^upload_link/send/$', send_shared_upload_link, name='send_shared_upload_link'),
url(r'^permission_admin/$', share_permission_admin, name='share_permission_admin'),

60
seahub/share/views.py
View File

@@ -27,7 +27,7 @@ from seahub.share.models import FileShare, PrivateFileDirShare, \
from seahub.share.signals import share_repo_to_user_successful
# from settings import ANONYMOUS_SHARE_COOKIE_TIMEOUT
# from tokens import anon_share_token_generator
from seahub.auth.decorators import login_required
from seahub.auth.decorators import login_required, login_required_ajax
from seahub.base.accounts import User
from seahub.base.decorators import user_mods_check
from seahub.contacts.models import Contact
@@ -542,7 +542,7 @@ def view_priv_shared_folder(request, repo_id):
url = reverse('repo', args=[repo.origin_repo_id]) + '?p=' + repo.origin_path
return HttpResponseRedirect(url)
@login_required
@login_required_ajax
def share_permission_admin(request):
"""Change repo share permission in ShareAdmin.
"""
@@ -692,14 +692,11 @@ def share_permission_admin(request):
# return HttpResponseRedirect(next)
########## share link
@login_required
@login_required_ajax
def get_shared_link(request):
"""
Handle ajax request to generate file or dir shared link.
"""
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
repo_id = request.GET.get('repo_id', '')
@@ -744,19 +741,24 @@ def remove_shared_link(request):
"""
token = request.GET.get('t')
if not request.is_ajax():
FileShare.objects.filter(token=token).delete()
next = request.META.get('HTTP_REFERER', None)
if not next:
next = reverse('share_admin')
FileShare.objects.filter(token=token).delete()
next = request.META.get('HTTP_REFERER', None)
if not next:
next = reverse('share_admin')
messages.success(request, _(u'Removed successfully'))
messages.success(request, _(u'Removed successfully'))
return HttpResponseRedirect(next)
return HttpResponseRedirect(next)
@login_required_ajax
def ajax_remove_shared_link(request):
content_type = 'application/json; charset=utf-8'
result = {}
token = request.GET.get('t')
if not token:
result = {'error': _(u"Argument missing")}
return HttpResponse(json.dumps(result), status=400, content_type=content_type)
@@ -770,6 +772,7 @@ def remove_shared_link(request):
result = {'error': _(u"The link doesn't exist")}
return HttpResponse(json.dumps(result), status=400, content_type=content_type)
@login_required
def remove_shared_upload_link(request):
"""
@@ -777,19 +780,23 @@ def remove_shared_upload_link(request):
"""
token = request.GET.get('t')
if not request.is_ajax():
UploadLinkShare.objects.filter(token=token).delete()
next = request.META.get('HTTP_REFERER', None)
if not next:
next = reverse('share_admin')
UploadLinkShare.objects.filter(token=token).delete()
next = request.META.get('HTTP_REFERER', None)
if not next:
next = reverse('share_admin')
messages.success(request, _(u'Removed successfully'))
messages.success(request, _(u'Removed successfully'))
return HttpResponseRedirect(next)
return HttpResponseRedirect(next)
@login_required_ajax
def ajax_remove_shared_upload_link(request):
content_type = 'application/json; charset=utf-8'
result = {}
token = request.GET.get('t')
if not token:
result = {'error': _(u"Argument missing")}
return HttpResponse(json.dumps(result), status=400, content_type=content_type)
@@ -803,12 +810,13 @@ def remove_shared_upload_link(request):
result = {'error': _(u"The link doesn't exist")}
return HttpResponse(json.dumps(result), status=400, content_type=content_type)
@login_required
@login_required_ajax
def send_shared_link(request):
"""
Handle ajax post request to send file shared link.
"""
if not request.is_ajax() and not request.method == 'POST':
if not request.method == 'POST':
raise Http404
content_type = 'application/json; charset=utf-8'
@@ -1035,13 +1043,11 @@ def user_share_list(request, id_or_email):
'add_to_contacts': add_to_contacts,
}, context_instance=RequestContext(request))
@login_required
@login_required_ajax
def get_shared_upload_link(request):
"""
Handle ajax request to generate dir upload link.
"""
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
repo_id = request.GET.get('repo_id', '')
@@ -1085,12 +1091,12 @@ def get_shared_upload_link(request):
data = json.dumps({'token': token, 'shared_upload_link': shared_upload_link})
return HttpResponse(data, status=200, content_type=content_type)
@login_required
@login_required_ajax
def send_shared_upload_link(request):
"""
Handle ajax post request to send shared upload link.
"""
if not request.is_ajax() and not request.method == 'POST':
if not request.method == 'POST':
raise Http404
content_type = 'application/json; charset=utf-8'

124
seahub/templates/client_mgmt.html
View File

@@ -1,124 +0,0 @@
{% extends "home_base.html" %}
{% load seahub_tags avatar_tags i18n %}
{% block sub_title %}{% trans "Clients" %} - {% endblock %}
{% block cur_clients %}tab-cur{% endblock %}
{% block right_panel %}
<h3 class="hd">{% trans "Clients" %}</h3>
{% if clients %}
<table class="client-list">
<tr>
<th width="20%">{% trans "Client Name" %}</th>
<th width="20%">{% trans "Library" %}</th>
<th width="20%">{% trans "IP" %}</th>
<th width="20%">{% trans "Last Sync" %}</th>
<th width="20%">{% trans "Operations" %}</th>
</tr>
{% for client in clients %}
<tr data-repoid="{{client.repo_id}}" data-token="{{client.token}}">
<td>
{% if client.peer_name %}
{% if client.show_peer_name %}
{{ client.peer_name }}
{% endif %}
{% else %}
--
{% endif %}
</td>
<td>
<a href="{% url 'repo' client.repo_id %}">{{ client.repo_name }}</a>
</td>
<td>
{% if client.peer_ip %}
{{ client.peer_ip }}
{% else %}
--
{% endif %}
</td>
<td>
{% if client.sync_time > 0 %}
{{ client.sync_time|translate_seahub_time }}
{% else %}
{% trans "Not synced" %}
{% endif %}
</td>
<td>
<div><a href="#" class="unsync-client op vh">{% trans "Unsync" %}</a></div>
</td>
</tr>
{% endfor %}
</table>
<div class="op-confirm unsync-confirm hide" id="unsync-cfm-popup">
<p>{% trans "Really want to unsync it?" %}</p>
<button class="yes">{% trans "Yes" %}</button>
<button class="no">{% trans "No" %}</button>
</div>
{% else %}
<div class="empty-tips">
<h2 class="alc">{% trans "You do not have connected clients" %}</h2>
<p>{% trans "The libraries synced to desktop clients are listed in this page. You can see the client's name and its IP address. You may unsync a client from a library if you no longer want to sync it." %}</p>
</div>
{% endif %}
{% endblock %}
{% block extra_script %}{{block.super}}
<script type="text/javascript">
$('#main-panel').removeClass('ovhd');
$('.unsync-client').click(function() {
var op = $(this);
var cont = op.parent().css({'position': 'relative'}),
cfm;
// only show 1 popup each time.
$('.unsync-confirm', op.parents('table')).addClass('hide');
if (cont.find('.unsync-confirm').length == 1) {
cfm = cont.find('.unsync-confirm');
} else {
cfm = $('#unsync-cfm-popup').clone().removeAttr('id');
cont.append(cfm);
cfm.css({'left': op.position().left + op.width() + 10, 'top': op.position().top, 'white-space':'nowrap'});
}
cfm.removeClass('hide');
$('.no',cfm).click(function() {
cfm.addClass('hide');
});
$('.yes',cfm).click(function() {
var tr = op.parents('tr');
$.ajax({
url: '{% url 'client_unsync' %}?repo_id=' + e(tr.data('repoid')) + '&token=' + e(tr.data('token')),
dataType: 'json',
success: function() {
var repo_name_td = $($('td', tr)[0]);
var next_repo_name_td = $($('td', tr.next())[0]);
if ($.trim(repo_name_td.html()) && !$.trim(next_repo_name_td.html())) {
next_repo_name_td.replaceWith(repo_name_td);
}
tr.remove();
feedback("{% trans "Successfully unsynced." %}", 'success');
},
error: ajaxErrorHandler
});
});
return false;
});
$("tr:gt(0)", $('.client-list')).unbind().hover(
function() {
if ($('.unsync-confirm:visible', $('.client-list')).length == 0) {
$(this).addClass('hl');
$(this).find('.op').removeClass('vh');
}
},
function() {
if ($('.unsync-confirm:visible', $('.client-list')).length == 0) {
$(this).find('.op').addClass('vh');
$(this).removeClass('hl');
}
}
);
</script>
{% endblock %}

8
seahub/templates/myhome.html
View File

@@ -107,9 +107,13 @@ sublib_create_btn.click(function() {
}
},
error: function(jqXHR, textStatus, errorThrown) {
if (!jqXHR.responseText) {
dir_tree_cont.html('<p class="error">' + "{% trans "Failed. Please check the network." %}" + '</p>');
var error;
if (jqXHR.responseText) {
error = $.parseJSON(jqXHR.responseText).error;
} else {
error = "{% trans "Failed. Please check the network." %}";
}
dir_tree_cont.html('<p class="error">' + error + '</p>');
}
});
});

4
seahub/templates/repo_settings.html
View File

@@ -307,9 +307,9 @@ $('#remove-repo-shared-download-link, #remove-repo-shared-upload-link').click(fu
ajax_url;
if (id.indexOf('upload') != -1) {
ajax_url = '{% url 'remove_shared_upload_link' %}';
ajax_url = '{% url 'ajax_remove_shared_upload_link' %}';
} else {
ajax_url = '{% url 'remove_shared_link' %}';
ajax_url = '{% url 'ajax_remove_shared_link' %}';
}
$.ajax({

8
seahub/templates/snippets/add_file_js.html
View File

@@ -16,9 +16,13 @@ $('.add-file').click(function(){
}
},
error: function(jqXHR, textStatus, errorThrown) {
if (!jqXHR.responseText) {
file_tree_cont.html('<p class="error">' + "{% trans "Failed. Please check the network." %}" + '</p>');
var error;
if (jqXHR.responseText) {
error = $.parseJSON(jqXHR.responseText).error;
} else {
error = "{% trans "Failed. Please check the network." %}";
}
file_tree_cont.html('<p class="error">' + error + '</p>');
}
});
});

6
seahub/templates/snippets/bottom_bar.html
View File

@@ -40,7 +40,7 @@ $('#discuss').click(function() {
error: function(jqXHR, textStatus, errorThrown) {
var err_str = '';
if (jqXHR.responseText) {
err_str = $.parseJSON(jqXHR.responseText).err;
err_str = $.parseJSON(jqXHR.responseText).error;
feedback(err_str, 'error');
}
}
@@ -98,13 +98,13 @@ $('#discuss-submit').click(function() {
form.find('.input').val('');
}
if(data['err']) {
feedback(data['err'], 'error');
feedback(data['error'], 'error');
}
},
error: function(jqXHR, textStatus, errorThrown) {
var err_str = '';
if (jqXHR.responseText) {
err_str = $.parseJSON(jqXHR.responseText).err;
err_str = $.parseJSON(jqXHR.responseText).error;
} else {
err_str = "{% trans "Failed. Please check the network." %}";
}

4
seahub/templates/snippets/shared_link_js.html
View File

@@ -311,7 +311,7 @@ $('#rm-shared-link').click(function() {
token = obj.data('token');
$.ajax({
url: '{% url 'remove_shared_link' %}?t=' + token,
url: '{% url 'ajax_remove_shared_link' %}?t=' + token,
dataType: 'json',
cache: false,
success: function(data) {
@@ -468,7 +468,7 @@ $('#rm-shared-upload-link').click(function() {
token = obj.data('upload-token');
$.ajax({
url: '{% url 'remove_shared_upload_link' %}?t=' + token,
url: '{% url 'ajax_remove_shared_upload_link' %}?t=' + token,
dataType: 'json',
cache: false,
success: function(data) {

2
seahub/urls.py
View File

@@ -49,8 +49,6 @@ urlpatterns = patterns('',
url(r'^home/wiki_page_edit/(?P<page_name>[^/]+)$', personal_wiki_page_edit, name='personal_wiki_page_edit'),
url(r'^home/wiki_page_delete/(?P<page_name>[^/]+)$', personal_wiki_page_delete, name='personal_wiki_page_delete'),
# url(r'^home/clients/$', client_mgmt, name='client_mgmt'),
# url(r'^home/clients/unsync/$', client_unsync, name='client_unsync'),
url(r'^devices/$', devices, name='devices'),
url(r'^home/devices/unlink/$', unlink_device, name='unlink_device'),

64
seahub/views/__init__.py
View File

@@ -34,7 +34,7 @@ from seaserv import seafile_api
from pysearpc import SearpcError
from seahub.avatar.util import get_avatar_file_storage
from seahub.auth.decorators import login_required
from seahub.auth.decorators import login_required, login_required_ajax
from seahub.auth import login as auth_login
from seahub.auth import authenticate, get_backends
from seahub.base.accounts import User
@@ -527,7 +527,7 @@ def repo_settings(request, repo_id):
'repo_shared_links': repo_shared_links,
}, context_instance=RequestContext(request))
@login_required
@login_required_ajax
def repo_owner(request, repo_id):
"""Handle post request to transfer library owner.
"""
@@ -584,7 +584,7 @@ def repo_owner(request, repo_id):
return HttpResponse(json.dumps({'success': True}),
content_type=content_type)
@login_required
@login_required_ajax
def repo_change_passwd(request, repo_id):
"""Handle ajax post request to change library password.
"""
@@ -1056,11 +1056,8 @@ def devices(request):
"devices": user_devices,
}, context_instance=RequestContext(request))
@login_required
@login_required_ajax
def unlink_device(request):
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
platform = request.POST.get('platform', '')
@@ -1078,58 +1075,6 @@ def unlink_device(request):
return HttpResponse(json.dumps({'success': True}), content_type=content_type)
@login_required
@user_mods_check
def client_mgmt(request):
username = request.user.username
clients = []
try:
clients = seafile_api.list_repo_tokens_by_email(username)
except:
pass
filter_clients = []
for c in clients:
if c.peer_name is not None:
filter_clients.append(c)
if filter_clients:
filter_clients.sort(key=lambda client: client.peer_name)
for i, client in enumerate(filter_clients):
if i == 0:
client.show_peer_name = True
else:
if client.peer_name != filter_clients[i-1].peer_name:
client.show_peer_name = True
return render_to_response('client_mgmt.html', {
'clients': filter_clients,
}, context_instance=RequestContext(request))
@login_required
def client_unsync(request):
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
repo_id = request.GET.get('repo_id', '')
token = request.GET.get('token', '')
if not (repo_id and token):
return HttpResponse(json.dumps({'error': _(u'Argument missing')}),
status=400, content_type=content_type)
username = request.user.username
try:
seafile_api.delete_repo_token(repo_id, token, username)
return HttpResponse(json.dumps({'success': True}),
content_type=content_type)
except:
return HttpResponse(json.dumps({'error': _(u'Internal server error')}),
status=500, content_type=content_type)
@login_required
def unsetinnerpub(request, repo_id):
"""Unshare repos in organization or in share admin page.
@@ -1708,6 +1653,7 @@ def pubuser(request):
'page_range': page_range,
}, context_instance=RequestContext(request))
@login_required_ajax
def repo_set_password(request):
content_type = 'application/json; charset=utf-8'

196
seahub/views/ajax.py
View File

@@ -18,7 +18,7 @@ from seaserv import seafile_api, seafserv_rpc, is_passwd_set, \
get_user_quota_usage, get_user_share_usage
from pysearpc import SearpcError
from seahub.auth.decorators import login_required
from seahub.auth.decorators import login_required_ajax
from seahub.contacts.models import Contact
from seahub.forms import RepoNewDirentForm, RepoRenameDirentForm, \
RepoCreateForm, SharedRepoCreateForm
@@ -57,14 +57,11 @@ def is_group_user(gid, username):
return seaserv.is_group_user(gid, username)
########## repo related
@login_required
@login_required_ajax
def get_dirents(request, repo_id):
"""
Get dirents in a dir for file tree
"""
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
# permission checking
@@ -79,7 +76,7 @@ def get_dirents(request, repo_id):
all_dir = request.GET.get('all_dir', False)
if not path:
err_msg = _(u"No path.")
return HttpResponse(json.dumps({"err_msg": err_msg}), status=400,
return HttpResponse(json.dumps({"error": err_msg}), status=400,
content_type=content_type)
# get dirents for every path element
@@ -104,7 +101,7 @@ def get_dirents(request, repo_id):
try:
dirents = seafile_api.list_dir_by_path(repo_id, path.encode('utf-8'))
except SearpcError, e:
return HttpResponse(json.dumps({"err_msg": e.msg}), status=500,
return HttpResponse(json.dumps({"error": e.msg}), status=500,
content_type=content_type)
d_list = []
@@ -144,28 +141,24 @@ def get_dirents(request, repo_id):
f_list.sort(lambda x, y : cmp(x['name'].lower(), y['name'].lower()))
return HttpResponse(json.dumps(d_list + f_list), content_type=content_type)
@login_required
@login_required_ajax
def get_unenc_group_repos(request, group_id):
'''
Get unenc repos in a group.
'''
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
group_id_int = int(group_id)
group = get_group(group_id_int)
if not group:
err_msg = _(u"The group doesn't exist")
return HttpResponse(json.dumps({"err_msg": err_msg}), status=400,
return HttpResponse(json.dumps({"error": err_msg}), status=400,
content_type=content_type)
joined = is_group_user(group_id_int, request.user.username)
if not joined and not request.user.is_staff:
err_msg = _(u"Permission denied")
return HttpResponse(json.dumps({"err_msg": err_msg}), status=403,
return HttpResponse(json.dumps({"error": err_msg}), status=403,
content_type=content_type)
repos = seafile_api.get_group_repo_list(group_id_int)
@@ -177,13 +170,10 @@ def get_unenc_group_repos(request, group_id):
repo_list.sort(lambda x, y : cmp(x['name'].lower(), y['name'].lower()))
return HttpResponse(json.dumps(repo_list), content_type=content_type)
@login_required
@login_required_ajax
def get_my_unenc_repos(request):
"""Get my owned and unencrypted repos.
"""
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
repos = get_owned_repo_list(request)
@@ -196,16 +186,13 @@ def get_my_unenc_repos(request):
repo_list.sort(lambda x, y: cmp(x['name'].lower(), y['name'].lower()))
return HttpResponse(json.dumps(repo_list), content_type=content_type)
@login_required
@login_required_ajax
def unenc_rw_repos(request):
"""Get a user's unencrypt repos that he/she can read-write.
Arguments:
- `request`:
"""
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
acc_repos = get_unencry_rw_repos_by_user(request)
@@ -216,14 +203,11 @@ def unenc_rw_repos(request):
repo_list.sort(lambda x, y: cmp(x['name'].lower(), y['name'].lower()))
return HttpResponse(json.dumps(repo_list), content_type=content_type)
@login_required
@login_required_ajax
def list_dir(request, repo_id):
"""
List directory entries in AJAX.
"""
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
repo = get_repo(repo_id)
@@ -303,14 +287,11 @@ def list_dir(request, repo_id):
return HttpResponse(json.dumps({'html': html, 'path': path}),
content_type=content_type)
@login_required
@login_required_ajax
def list_dir_more(request, repo_id):
"""
List 'more' entries in a directory with AJAX.
"""
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
repo = get_repo(repo_id)
@@ -381,7 +362,7 @@ def new_dirent_common(func):
"""Decorator for common logic in creating directory and file.
"""
def _decorated(request, repo_id, *args, **kwargs):
if request.method != 'POST' or not request.is_ajax():
if request.method != 'POST':
raise Http404
result = {}
@@ -422,7 +403,7 @@ def new_dirent_common(func):
return func(repo.id, parent_dir, dirent_name, username)
return _decorated
@login_required
@login_required_ajax
@new_dirent_common
def new_dir(repo_id, parent_dir, dirent_name, username):
"""
@@ -442,7 +423,7 @@ def new_dir(repo_id, parent_dir, dirent_name, username):
return HttpResponse(json.dumps({'success': True, 'name': dirent_name}),
content_type=content_type)
@login_required
@login_required_ajax
@new_dirent_common
def new_file(repo_id, parent_dir, dirent_name, username):
"""
@@ -462,12 +443,12 @@ def new_file(repo_id, parent_dir, dirent_name, username):
return HttpResponse(json.dumps({'success': True, 'name': dirent_name}),
content_type=content_type)
@login_required
@login_required_ajax
def rename_dirent(request, repo_id):
"""
Rename a file/dir in a repo, with ajax
"""
if request.method != 'POST' or not request.is_ajax():
if request.method != 'POST':
raise Http404
result = {}
@@ -521,14 +502,11 @@ def rename_dirent(request, repo_id):
return HttpResponse(json.dumps({'success': True}),
content_type=content_type)
@login_required
@login_required_ajax
def delete_dirent(request, repo_id):
"""
Delete a file/dir with ajax.
"""
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
repo = get_repo(repo_id)
@@ -563,14 +541,11 @@ def delete_dirent(request, repo_id):
return HttpResponse(json.dumps({'error': err_msg}),
status=500, content_type=content_type)
@login_required
@login_required_ajax
def delete_dirents(request, repo_id):
"""
Delete multi files/dirs with ajax.
"""
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
repo = get_repo(repo_id)
@@ -611,7 +586,7 @@ def copy_move_common(func):
"""Decorator for common logic in copying/moving dir/file.
"""
def _decorated(request, repo_id, *args, **kwargs):
if request.method != 'POST' or not request.is_ajax():
if request.method != 'POST':
raise Http404
result = {}
@@ -661,7 +636,7 @@ def copy_move_common(func):
return func(repo_id, path, dst_repo_id, dst_path, obj_name, username)
return _decorated
@login_required
@login_required_ajax
@copy_move_common
def mv_file(src_repo_id, src_path, dst_repo_id, dst_path, obj_name, username):
result = {}
@@ -691,7 +666,7 @@ def mv_file(src_repo_id, src_path, dst_repo_id, dst_path, obj_name, username):
return HttpResponse(json.dumps(result), content_type=content_type)
@login_required
@login_required_ajax
@copy_move_common
def cp_file(src_repo_id, src_path, dst_repo_id, dst_path, obj_name, username):
result = {}
@@ -721,7 +696,7 @@ def cp_file(src_repo_id, src_path, dst_repo_id, dst_path, obj_name, username):
return HttpResponse(json.dumps(result), content_type=content_type)
@login_required
@login_required_ajax
@copy_move_common
def mv_dir(src_repo_id, src_path, dst_repo_id, dst_path, obj_name, username):
result = {}
@@ -758,7 +733,7 @@ def mv_dir(src_repo_id, src_path, dst_repo_id, dst_path, obj_name, username):
return HttpResponse(json.dumps(result), content_type=content_type)
@login_required
@login_required_ajax
@copy_move_common
def cp_dir(src_repo_id, src_path, dst_repo_id, dst_path, obj_name, username):
result = {}
@@ -802,7 +777,7 @@ def dirents_copy_move_common(func):
"""
def _decorated(request, repo_id, *args, **kwargs):
if request.method != 'POST' or not request.is_ajax():
if request.method != 'POST':
raise Http404
result = {}
@@ -854,7 +829,7 @@ def dirents_copy_move_common(func):
return func(repo_id, parent_dir, dst_repo_id, dst_path, obj_file_names, obj_dir_names, username)
return _decorated
@login_required
@login_required_ajax
@dirents_copy_move_common
def mv_dirents(src_repo_id, src_path, dst_repo_id, dst_path, obj_file_names, obj_dir_names, username):
result = {}
@@ -893,7 +868,7 @@ def mv_dirents(src_repo_id, src_path, dst_repo_id, dst_path, obj_file_names, obj
result = {'success': success, 'failed': failed, 'url': url, 'task_ids': task_ids}
return HttpResponse(json.dumps(result), content_type=content_type)
@login_required
@login_required_ajax
@dirents_copy_move_common
def cp_dirents(src_repo_id, src_path, dst_repo_id, dst_path, obj_file_names, obj_dir_names, username):
result = {}
@@ -932,14 +907,11 @@ def cp_dirents(src_repo_id, src_path, dst_repo_id, dst_path, obj_file_names, obj
result = {'success': success, 'failed': failed, 'url': url, 'task_ids': task_ids}
return HttpResponse(json.dumps(result), content_type=content_type)
@login_required
@login_required_ajax
def get_cp_progress(request):
'''
Fetch progress of file/dir mv/cp.
'''
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
result = {}
@@ -964,14 +936,11 @@ def get_cp_progress(request):
return HttpResponse(json.dumps(result), content_type=content_type)
@login_required
@login_required_ajax
def get_multi_cp_progress(request):
'''
Fetch progress of multi files/dirs mv/cp.
'''
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
result = {}
@@ -997,14 +966,11 @@ def get_multi_cp_progress(request):
result['fail'] = fail
return HttpResponse(json.dumps(result), content_type=content_type)
@login_required
@login_required_ajax
def cancel_cp(request):
'''
cancel file/dir mv/cp.
'''
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
result = {}
@@ -1024,11 +990,8 @@ def cancel_cp(request):
return HttpResponse(json.dumps(result), status=400,
content_type=content_type)
@login_required
@login_required_ajax
def repo_star_file(request, repo_id):
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
path = request.GET.get('file', '')
@@ -1041,11 +1004,8 @@ def repo_star_file(request, repo_id):
return HttpResponse(json.dumps({'success':True}), content_type=content_type)
@login_required
@login_required_ajax
def repo_unstar_file(request, repo_id):
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
path = request.GET.get('file', '')
@@ -1058,11 +1018,8 @@ def repo_unstar_file(request, repo_id):
return HttpResponse(json.dumps({'success':True}), content_type=content_type)
########## contacts related
@login_required
@login_required_ajax
def get_contacts(request):
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
username = request.user.username
@@ -1074,11 +1031,8 @@ def get_contacts(request):
return HttpResponse(json.dumps({"contacts":contact_list}), content_type=content_type)
@login_required
@login_required_ajax
def get_current_commit(request, repo_id):
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
repo = get_repo(repo_id)
@@ -1127,15 +1081,12 @@ def get_current_commit(request, repo_id):
return HttpResponse(json.dumps({'html': html}),
content_type=content_type)
@login_required
@login_required_ajax
def sub_repo(request, repo_id):
'''
check if a dir has a corresponding sub_repo
if it does not have, create one
'''
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
result = {}
@@ -1180,10 +1131,8 @@ def sub_repo(request, repo_id):
return HttpResponse(json.dumps(result), content_type=content_type)
@login_required_ajax
def download_enc_file(request, repo_id, file_id):
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
result = {}
@@ -1255,22 +1204,14 @@ def upload_file_done(request):
return HttpResponse(json.dumps({'success': True}), content_type=ct)
@login_required_ajax
def unseen_notices_count(request):
"""Count user's unseen notices.
Arguments:
- `request`:
"""
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
if not request.user.is_authenticated():
return HttpResponse(json.dumps({
'error': _('Please log in.')
}), status=400, content_type=content_type)
username = request.user.username
count = UserNotification.objects.count_unseen_user_notifications(username)
@@ -1278,6 +1219,7 @@ def unseen_notices_count(request):
result['count'] = count
return HttpResponse(json.dumps(result), content_type=content_type)
@login_required_ajax
def get_popup_notices(request):
"""Get user's notifications.
@@ -1289,16 +1231,7 @@ def get_popup_notices(request):
Arguments:
- `request`:
"""
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
if not request.user.is_authenticated():
return HttpResponse(json.dumps({
'error': _('Please log in.')
}), status=400, content_type=content_type)
username = request.user.username
result_notices = []
@@ -1371,16 +1304,13 @@ def get_popup_notices(request):
"notice_html": notice_html,
}), content_type=content_type)
@login_required
@login_required_ajax
def set_notices_seen(request):
"""Set user's notices seen:
Arguments:
- `request`:
"""
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
username = request.user.username
@@ -1392,16 +1322,13 @@ def set_notices_seen(request):
return HttpResponse(json.dumps({'success': True}), content_type=content_type)
@login_required
@login_required_ajax
def set_notice_seen_by_id(request):
"""
Arguments:
- `request`:
"""
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
notice_id = request.GET.get('notice_id')
@@ -1412,14 +1339,8 @@ def set_notice_seen_by_id(request):
return HttpResponse(json.dumps({'success': True}), content_type=content_type)
@login_required
@login_required_ajax
def repo_remove(request, repo_id):
if not request.is_ajax():
raise Http404
ct = 'application/json; charset=utf-8'
result = {}
if get_system_default_repo_id() == repo_id:
result['error'] = _(u'System library can not be deleted.')
return HttpResponse(json.dumps(result), status=403, content_type=ct)
@@ -1471,17 +1392,10 @@ def repo_remove(request, repo_id):
result['error'] = _(u'Permission denied.')
return HttpResponse(json.dumps(result), status=403, content_type=ct)
@login_required_ajax
def space_and_traffic(request):
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
if not request.user.is_authenticated():
return HttpResponse(json.dumps({
'error': _('Please log in.')
}), status=400, content_type=content_type)
username = request.user.username
quota = seafserv_threaded_rpc.get_user_quota(username)
@@ -1625,16 +1539,13 @@ def get_group_repos(request, groups):
group_repos.append(r)
return group_repos
@login_required
@login_required_ajax
def my_shared_and_group_repos(request):
"""Return html snippet of repos that shared to user and group repos.
Arguments:
- `request`:
"""
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
# shared
@@ -1672,13 +1583,10 @@ def my_shared_and_group_repos(request):
}
return HttpResponse(json.dumps(ret), content_type=content_type)
@login_required
@login_required_ajax
def get_file_op_url(request, repo_id):
"""Get file upload/update url for AJAX.
"""
if not request.is_ajax():
raise Http404
content_type = 'application/json; charset=utf-8'
op_type = request.GET.get('op_type') # value can be 'upload', 'update', 'upload-blks', 'update-blks'
@@ -1696,11 +1604,8 @@ def get_file_op_url(request, repo_id):
return HttpResponse(json.dumps({"url": url}), content_type=content_type)
@login_required
@login_required_ajax
def repo_history_changes(request, repo_id):
if not request.is_ajax():
return Http404
changes = {}
content_type = 'application/json; charset=utf-8'
@@ -1743,13 +1648,13 @@ def repo_history_changes(request, repo_id):
return HttpResponse(json.dumps(changes), content_type=content_type)
@login_required
@login_required_ajax
def repo_create(request):
'''
Handle ajax post to create a library.
'''
if not request.is_ajax() or request.method != 'POST':
if request.method != 'POST':
return Http404
result = {}
@@ -1819,13 +1724,13 @@ def repo_create(request):
repo_name=repo_name)
return HttpResponse(json.dumps(result), content_type=content_type)
@login_required
@login_required_ajax
def public_repo_create(request):
'''
Handle ajax post to create public repo.
'''
if not request.is_ajax() or request.method != 'POST':
if request.method != 'POST':
return Http404
result = {}
@@ -1874,11 +1779,8 @@ def public_repo_create(request):
repo_name=repo_name)
return HttpResponse(json.dumps(result), content_type=content_type)
@login_required
@login_required_ajax
def events(request):
if not request.is_ajax():
raise Http404
events_count = 15
username = request.user.username
start = int(request.GET.get('start'))

82
seahub/views/sysadmin.py
View File

@@ -22,7 +22,7 @@ from pysearpc import SearpcError
from seahub.base.accounts import User
from seahub.base.models import UserLastLogin
from seahub.base.decorators import sys_staff_required
from seahub.auth.decorators import login_required
from seahub.auth.decorators import login_required, login_required_ajax
from seahub.utils import IS_EMAIL_CONFIGURED, string2list, is_valid_username
from seahub.views import get_system_default_repo_id
from seahub.forms import SetUserQuotaForm, AddUserForm, BatchAddUserForm
@@ -343,10 +343,10 @@ def user_info(request, email):
'd_profile': d_profile,
}, context_instance=RequestContext(request))
@login_required
@login_required_ajax
@sys_staff_required
def user_set_quota(request, email):
if not request.is_ajax() or request.method != 'POST':
if request.method != 'POST':
raise Http404
content_type = 'application/json; charset=utf-8'
@@ -361,7 +361,7 @@ def user_set_quota(request, email):
try:
seafile_api.set_user_quota(email, quota)
except:
result['error'] = _(u'Failed to set quota: internal error')
result['error'] = _(u'Failed to set quota: internal server error')
return HttpResponse(json.dumps(result), status=500, content_type=content_type)
result['success'] = True
@@ -463,7 +463,7 @@ def email_user_on_activation(user):
send_html_email(_(u'Your account on %s is activated') % SITE_NAME,
'sysadmin/user_activation_email.html', c, None, [user.email])
@login_required
@login_required_ajax
@sys_staff_required
def user_toggle_status(request, user_id):
content_type = 'application/json; charset=utf-8'
@@ -558,31 +558,44 @@ def send_user_add_mail(request, email, password):
send_html_email(_(u'You are invited to join %s') % SITE_NAME,
'sysadmin/user_add_email.html', c, None, [email])
@login_required
@login_required_ajax
def user_add(request):
"""Add a user"""
if not request.user.is_staff:
if not request.user.is_staff or request.method != 'POST':
raise Http404
content_type = 'application/json; charset=utf-8'
if request.method == 'POST':
post_values = request.POST.copy()
post_email = request.POST.get('email', '')
post_values.update({'email': post_email.lower()})
form = AddUserForm(post_values)
if form.is_valid():
email = form.cleaned_data['email']
password = form.cleaned_data['password1']
post_values = request.POST.copy()
post_email = request.POST.get('email', '')
post_values.update({'email': post_email.lower()})
user = User.objects.create_user(email, password, is_staff=False,
is_active=True)
if request.user.org:
org_id = request.user.org.org_id
url_prefix = request.user.org.url_prefix
ccnet_threaded_rpc.add_org_user(org_id, email, 0)
if IS_EMAIL_CONFIGURED:
form = AddUserForm(post_values)
if form.is_valid():
email = form.cleaned_data['email']
password = form.cleaned_data['password1']
user = User.objects.create_user(email, password, is_staff=False,
is_active=True)
if request.user.org:
org_id = request.user.org.org_id
url_prefix = request.user.org.url_prefix
ccnet_threaded_rpc.add_org_user(org_id, email, 0)
if IS_EMAIL_CONFIGURED:
try:
send_user_add_mail(request, email, password)
messages.success(request, _(u'Successfully added user %s. An email notification has been sent.') % email)
except Exception, e:
logger.error(str(e))
messages.success(request, _(u'Successfully added user %s. An error accurs when sending email notification, please check your email configuration.') % email)
else:
messages.success(request, _(u'Successfully added user %s.') % email)
return HttpResponse(json.dumps({'success': True}), content_type=content_type)
else:
if IS_EMAIL_CONFIGURED:
if SEND_EMAIL_ON_ADDING_SYSTEM_MEMBER:
try:
send_user_add_mail(request, email, password)
messages.success(request, _(u'Successfully added user %s. An email notification has been sent.') % email)
@@ -591,25 +604,12 @@ def user_add(request):
messages.success(request, _(u'Successfully added user %s. An error accurs when sending email notification, please check your email configuration.') % email)
else:
messages.success(request, _(u'Successfully added user %s.') % email)
return HttpResponse(json.dumps({'success': True}), content_type=content_type)
else:
if IS_EMAIL_CONFIGURED:
if SEND_EMAIL_ON_ADDING_SYSTEM_MEMBER:
try:
send_user_add_mail(request, email, password)
messages.success(request, _(u'Successfully added user %s. An email notification has been sent.') % email)
except Exception, e:
logger.error(str(e))
messages.success(request, _(u'Successfully added user %s. An error accurs when sending email notification, please check your email configuration.') % email)
else:
messages.success(request, _(u'Successfully added user %s.') % email)
else:
messages.success(request, _(u'Successfully added user %s. But email notification can not be sent, because Email service is not properly configured.') % email)
messages.success(request, _(u'Successfully added user %s. But email notification can not be sent, because Email service is not properly configured.') % email)
return HttpResponse(json.dumps({'success': True}), content_type=content_type)
else:
return HttpResponse(json.dumps({'err': str(form.errors)}), status=400, content_type=content_type)
return HttpResponse(json.dumps({'success': True}), content_type=content_type)
else:
return HttpResponse(json.dumps({'err': str(form.errors)}), status=400, content_type=content_type)
@login_required
@sys_staff_required
@@ -808,12 +808,12 @@ def sys_traffic_admin(request):
},
context_instance=RequestContext(request))
@login_required
@login_required_ajax
@sys_staff_required
def batch_user_make_admin(request):
"""Batch make users as admins.
"""
if not request.is_ajax() or request.method != 'POST':
if request.method != 'POST':
raise Http404
result = {}