diff --git a/seahub/api2/utils.py b/seahub/api2/utils.py index 3f1189fc0a..01b0a28cc5 100644 --- a/seahub/api2/utils.py +++ b/seahub/api2/utils.py @@ -580,9 +580,9 @@ def api_repo_user_folder_perm_check(func): return api_error(status.HTTP_403_FORBIDDEN, error_msg) # check arguments - user = request.data.get('user', None) - path = request.data.get('path', None) - perm = request.data.get('perm', None) + user = request.data.get('user_email', None) + path = request.data.get('folder_path', None) + perm = request.data.get('permission', None) try: User.objects.get(email=user) @@ -598,7 +598,7 @@ def api_repo_user_folder_perm_check(func): return api_error(status.HTTP_404_NOT_FOUND, error_msg) if request.method in ('POST', 'PUT') and perm not in ('r', 'rw'): - error_msg = 'perm invalid.' + error_msg = 'permission invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) return func(view, request, repo_id, *args, **kwargs) @@ -627,8 +627,8 @@ def api_repo_group_folder_perm_check(func): # check arguments group_id = request.data.get('group_id', None) - path = request.data.get('path', None) - perm = request.data.get('perm', None) + path = request.data.get('folder_path', None) + perm = request.data.get('permission', None) try: group_id = int(group_id) @@ -648,7 +648,7 @@ def api_repo_group_folder_perm_check(func): return api_error(status.HTTP_404_NOT_FOUND, error_msg) if request.method in ('POST', 'PUT') and perm not in ('r', 'rw'): - error_msg = 'perm invalid.' + error_msg = 'permission invalid.' return api_error(status.HTTP_400_BAD_REQUEST, error_msg) return func(view, request, repo_id, *args, **kwargs) diff --git a/seahub/api2/views.py b/seahub/api2/views.py index 2a587cc6d6..966c4cf95a 100644 --- a/seahub/api2/views.py +++ b/seahub/api2/views.py @@ -4415,9 +4415,9 @@ class RepoUserFolderPerm(APIView): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) - user = request.data.get('user') - path = request.data.get('path') - perm = request.data.get('perm') + user = request.data.get('user_email') + path = request.data.get('folder_path') + perm = request.data.get('permission') path = path.rstrip('/') if path != '/' else path permission = seafile_api.get_folder_user_perm(repo_id, path, user) @@ -4443,9 +4443,9 @@ class RepoUserFolderPerm(APIView): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) - user = request.data.get('user') - path = request.data.get('path') - perm = request.data.get('perm') + user = request.data.get('user_email') + path = request.data.get('folder_path') + perm = request.data.get('permission') path = path.rstrip('/') if path != '/' else path permission = seafile_api.get_folder_user_perm(repo_id, path, user) @@ -4471,8 +4471,8 @@ class RepoUserFolderPerm(APIView): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) - user = request.data.get('user') - path = request.data.get('path') + user = request.data.get('user_email') + path = request.data.get('folder_path') path = path.rstrip('/') if path != '/' else path permission = seafile_api.get_folder_user_perm(repo_id, path, user) @@ -4540,8 +4540,8 @@ class RepoGroupFolderPerm(APIView): return api_error(status.HTTP_403_FORBIDDEN, error_msg) group_id = request.data.get('group_id') - path = request.data.get('path') - perm = request.data.get('perm') + path = request.data.get('folder_path') + perm = request.data.get('permission') group_id = int(group_id) path = path.rstrip('/') if path != '/' else path @@ -4569,8 +4569,8 @@ class RepoGroupFolderPerm(APIView): return api_error(status.HTTP_403_FORBIDDEN, error_msg) group_id = request.data.get('group_id') - path = request.data.get('path') - perm = request.data.get('perm') + path = request.data.get('folder_path') + perm = request.data.get('permission') group_id = int(group_id) path = path.rstrip('/') if path != '/' else path @@ -4598,7 +4598,7 @@ class RepoGroupFolderPerm(APIView): return api_error(status.HTTP_403_FORBIDDEN, error_msg) group_id = request.data.get('group_id') - path = request.data.get('path') + path = request.data.get('folder_path') group_id = int(group_id) path = path.rstrip('/') if path != '/' else path diff --git a/tests/api/test_repo_group_folder_perm.py b/tests/api/test_repo_group_folder_perm.py index aea28a1cbe..c0e40c3c5a 100644 --- a/tests/api/test_repo_group_folder_perm.py +++ b/tests/api/test_repo_group_folder_perm.py @@ -58,7 +58,7 @@ class RepoGroupFolderPermTest(BaseTestCase): self.login_as(self.user) url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]) - data = 'group_id=%s&path=%s&perm=%s' % (self.group_id, + data = 'group_id=%s&folder_path=%s&permission=%s' % (self.group_id, self.user_folder_path, self.perm_rw) resp = self.client.put(url, data, 'application/x-www-form-urlencoded') @@ -72,7 +72,7 @@ class RepoGroupFolderPermTest(BaseTestCase): self.login_as(self.admin) url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]) - data = 'group_id=%s&path=%s&perm=%s' % (self.group_id, + data = 'group_id=%s&folder_path=%s&permission=%s' % (self.group_id, self.user_folder_path, self.perm_rw) resp = self.client.put(url, data, 'application/x-www-form-urlencoded') @@ -86,7 +86,7 @@ class RepoGroupFolderPermTest(BaseTestCase): self.login_as(self.user) url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]) - data = 'group_id=%s&path=%s&perm=%s' % (self.group_id, + data = 'group_id=%s&folder_path=%s&permission=%s' % (self.group_id, self.user_folder_path, self.perm_rw) resp = self.client.put(url, data, 'application/x-www-form-urlencoded') @@ -102,8 +102,8 @@ class RepoGroupFolderPermTest(BaseTestCase): url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]) data = { "group_id": self.group_id, - "path": self.user_folder_path, - "perm": self.perm_rw + "folder_path": self.user_folder_path, + "permission": self.perm_rw } resp = self.client.post(url, data) @@ -122,8 +122,8 @@ class RepoGroupFolderPermTest(BaseTestCase): url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]) data = { "group_id": self.group_id, - "path": self.user_folder_path, - "perm": self.perm_rw + "folder_path": self.user_folder_path, + "permission": self.perm_rw } resp = self.client.post(url, data) @@ -142,8 +142,8 @@ class RepoGroupFolderPermTest(BaseTestCase): url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]) data = { "group_id": self.group_id, - "path": self.user_folder_path, - "perm": self.perm_rw + "folder_path": self.user_folder_path, + "permission": self.perm_rw } resp = self.client.post(url, data) @@ -164,7 +164,7 @@ class RepoGroupFolderPermTest(BaseTestCase): assert len(json_resp) == 1 url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]) - data = 'group_id=%s&path=%s' % (self.group_id, self.user_folder_path) + data = 'group_id=%s&folder_path=%s' % (self.group_id, self.user_folder_path) resp = self.client.delete(url, data, 'application/x-www-form-urlencoded') self.assertEqual(200, resp.status_code) @@ -176,7 +176,7 @@ class RepoGroupFolderPermTest(BaseTestCase): self.login_as(self.admin) url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]) - data = 'group_id=%s&path=%s' % (self.group_id, self.user_folder_path) + data = 'group_id=%s&folder_path=%s' % (self.group_id, self.user_folder_path) resp = self.client.delete(url, data, 'application/x-www-form-urlencoded') self.assertEqual(403, resp.status_code) @@ -187,13 +187,13 @@ class RepoGroupFolderPermTest(BaseTestCase): # test delete url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]) - data = 'group_id=%s&path=%s' % (self.group_id, invalid_path) + data = 'group_id=%s&folder_path=%s' % (self.group_id, invalid_path) resp = self.client.delete(url, data, 'application/x-www-form-urlencoded') self.assertEqual(404, resp.status_code) # test modify url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]) - data = 'group_id=%s&path=%s&perm=%s' % (self.group_id, invalid_path, self.perm_rw) + data = 'group_id=%s&folder_path=%s&permission=%s' % (self.group_id, invalid_path, self.perm_rw) resp = self.client.put(url, data, 'application/x-www-form-urlencoded') self.assertEqual(404, resp.status_code) @@ -201,8 +201,8 @@ class RepoGroupFolderPermTest(BaseTestCase): url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]) data = { "group_id": self.group_id, - "path": invalid_path, - "perm": self.perm_rw + "folder_path": invalid_path, + "permission": self.perm_rw } resp = self.client.post(url, data) self.assertEqual(404, resp.status_code) @@ -214,13 +214,13 @@ class RepoGroupFolderPermTest(BaseTestCase): # test delete url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]) - data = 'group_id=%s&path=%s' % (invalid_group_id, self.user_folder_path) + data = 'group_id=%s&folder_path=%s' % (invalid_group_id, self.user_folder_path) resp = self.client.delete(url, data, 'application/x-www-form-urlencoded') self.assertEqual(404, resp.status_code) # test modify url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]) - data = 'group_id=%s&path=%s&perm=%s' % (invalid_group_id, self.user_folder_path, self.perm_rw) + data = 'group_id=%s&folder_path=%s&permission=%s' % (invalid_group_id, self.user_folder_path, self.perm_rw) resp = self.client.put(url, data, 'application/x-www-form-urlencoded') self.assertEqual(404, resp.status_code) @@ -228,8 +228,8 @@ class RepoGroupFolderPermTest(BaseTestCase): url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]) data = { "group_id": invalid_group_id, - "path": self.user_folder_path, - "perm": self.perm_rw + "folder_path": self.user_folder_path, + "permission": self.perm_rw } resp = self.client.post(url, data) self.assertEqual(404, resp.status_code) @@ -243,7 +243,7 @@ class RepoGroupFolderPermTest(BaseTestCase): # test modify url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]) - data = 'group_id=%s&path=%s&perm=%s' % (self.group_id, self.user_folder_path, invalid_perm) + data = 'group_id=%s&folder_path=%s&permsission=%s' % (self.group_id, self.user_folder_path, invalid_perm) resp = self.client.put(url, data, 'application/x-www-form-urlencoded') self.assertEqual(400, resp.status_code) @@ -255,8 +255,8 @@ class RepoGroupFolderPermTest(BaseTestCase): url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]) data = { "group_id": self.group_id, - "path": self.user_folder_path, - "perm": invalid_perm + "folder_path": self.user_folder_path, + "permission": invalid_perm } resp = self.client.post(url, data) self.assertEqual(400, resp.status_code) diff --git a/tests/api/test_repo_user_folder_perm.py b/tests/api/test_repo_user_folder_perm.py index 90c290f683..a52d9a4b3d 100644 --- a/tests/api/test_repo_user_folder_perm.py +++ b/tests/api/test_repo_user_folder_perm.py @@ -57,7 +57,7 @@ class RepoUserFolderPermTest(BaseTestCase): self.login_as(self.user) url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) - data = 'user=%s&path=%s&perm=%s' % (self.admin_email, + data = 'user_email=%s&folder_path=%s&permission=%s' % (self.admin_email, self.user_folder_path, self.perm_rw) resp = self.client.put(url, data, 'application/x-www-form-urlencoded') @@ -71,7 +71,7 @@ class RepoUserFolderPermTest(BaseTestCase): self.login_as(self.admin) url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) - data = 'user=%s&path=%s&perm=%s' % (self.admin_email, + data = 'user_email=%s&folder_path=%s&permission=%s' % (self.admin_email, self.user_folder_path, self.perm_rw) resp = self.client.put(url, data, 'application/x-www-form-urlencoded') @@ -85,7 +85,7 @@ class RepoUserFolderPermTest(BaseTestCase): self.login_as(self.user) url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) - data = 'user=%s&path=%s&perm=%s' % (self.admin_email, + data = 'user_email=%s&folder_path=%s&permission=%s' % (self.admin_email, self.user_folder_path, self.perm_rw) resp = self.client.put(url, data, 'application/x-www-form-urlencoded') @@ -100,9 +100,9 @@ class RepoUserFolderPermTest(BaseTestCase): url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) data = { - "user": self.admin_email, - "path": self.user_folder_path, - "perm": self.perm_rw + "user_email": self.admin_email, + "folder_path": self.user_folder_path, + "permission": self.perm_rw } resp = self.client.post(url, data) @@ -120,9 +120,9 @@ class RepoUserFolderPermTest(BaseTestCase): url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) data = { - "user": self.admin_email, - "path": self.user_folder_path, - "perm": self.perm_rw + "user_email": self.admin_email, + "folder_path": self.user_folder_path, + "permission": self.perm_rw } resp = self.client.post(url, data) @@ -140,9 +140,9 @@ class RepoUserFolderPermTest(BaseTestCase): url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) data = { - "user": self.admin_email, - "path": self.user_folder_path, - "perm": self.perm_r + "user_email": self.admin_email, + "folder_path": self.user_folder_path, + "permission": self.perm_r } resp = self.client.post(url, data) @@ -163,7 +163,7 @@ class RepoUserFolderPermTest(BaseTestCase): assert len(json_resp) == 1 url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) - data = 'user=%s&path=%s' % (self.admin_email, self.user_folder_path) + data = 'user_email=%s&folder_path=%s' % (self.admin_email, self.user_folder_path) resp = self.client.delete(url, data, 'application/x-www-form-urlencoded') self.assertEqual(200, resp.status_code) @@ -175,7 +175,7 @@ class RepoUserFolderPermTest(BaseTestCase): self.login_as(self.admin) url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) - data = 'user=%s&path=%s' % (self.admin_email, self.user_folder_path) + data = 'user_email=%s&folder_path=%s' % (self.admin_email, self.user_folder_path) resp = self.client.delete(url, data, 'application/x-www-form-urlencoded') self.assertEqual(403, resp.status_code) @@ -187,22 +187,22 @@ class RepoUserFolderPermTest(BaseTestCase): # test add url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) data = { - "user": self.admin_email, - "path": invalid_path, - "perm": self.perm_rw + "user_email": self.admin_email, + "folder_path": invalid_path, + "permission": self.perm_rw } resp = self.client.post(url, data) self.assertEqual(404, resp.status_code) # test modify url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) - data = 'user=%s&path=%s&perm=%s' % (self.admin_email, invalid_path, self.perm_rw) + data = 'user_email=%s&folder_path=%s&permission=%s' % (self.admin_email, invalid_path, self.perm_rw) resp = self.client.put(url, data, 'application/x-www-form-urlencoded') self.assertEqual(404, resp.status_code) # test delete url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) - data = 'user=%s&path=%s' % (self.admin_email, invalid_path) + data = 'user_email=%s&folder_path=%s' % (self.admin_email, invalid_path) resp = self.client.delete(url, data, 'application/x-www-form-urlencoded') self.assertEqual(404, resp.status_code) @@ -214,22 +214,22 @@ class RepoUserFolderPermTest(BaseTestCase): # test add url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) data = { - "user": invalid_user, - "path": self.user_folder_path, - "perm": self.perm_rw + "user_email": invalid_user, + "folder_path": self.user_folder_path, + "permission": self.perm_rw } resp = self.client.post(url, data) self.assertEqual(404, resp.status_code) # test modify url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) - data = 'user=%s&path=%s&perm=%s' % (invalid_user, self.user_folder_path, self.perm_rw) + data = 'user_email=%s&folder_path=%s&permission=%s' % (invalid_user, self.user_folder_path, self.perm_rw) resp = self.client.put(url, data, 'application/x-www-form-urlencoded') self.assertEqual(404, resp.status_code) # test delete url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) - data = 'user=%s&path=%s' % (invalid_user, self.user_folder_path) + data = 'user_email=%s&folder_path=%s' % (invalid_user, self.user_folder_path) resp = self.client.delete(url, data, 'application/x-www-form-urlencoded') self.assertEqual(404, resp.status_code) @@ -241,15 +241,15 @@ class RepoUserFolderPermTest(BaseTestCase): # test add url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) data = { - "user": self.admin_email, - "path": self.user_folder_path, - "perm": invalid_perm + "user_email": self.admin_email, + "folder_path": self.user_folder_path, + "permission": invalid_perm } resp = self.client.post(url, data) self.assertEqual(400, resp.status_code) # test modify url = reverse("api2-repo-user-folder-perm", args=[self.user_repo_id]) - data = 'user=%s&path=%s&perm=%s' % (self.admin_email, self.user_folder_path, invalid_perm) + data = 'user_email=%s&folder_path=%s&permission=%s' % (self.admin_email, self.user_folder_path, invalid_perm) resp = self.client.put(url, data, 'application/x-www-form-urlencoded') self.assertEqual(400, resp.status_code)