mirror of
https://github.com/haiwen/seahub.git
synced 2025-08-17 14:37:58 +00:00
modify code
This commit is contained in:
王健辉
parent
71a19128a9
commit
4f36dc4efa
@ -641,7 +641,14 @@ def dtable_file_view(request, workspace_id, name):
|
|||||||
return render(request, 'dtable_file_view_react.html', return_dict)
|
return render(request, 'dtable_file_view_react.html', return_dict)
|
||||||
|
|
||||||
|
|
||||||
def dtable_asset_access(request, workspace_id, dtable_id, name):
|
def dtable_asset_access(request, workspace_id, dtable_id, path):
|
||||||
|
|
||||||
|
# asset file type check
|
||||||
|
asset_name = os.path.basename(normalize_file_path(path))
|
||||||
|
file_type, file_ext = get_file_type_and_ext(asset_name)
|
||||||
|
if file_type != IMAGE:
|
||||||
|
err_msg = 'Invalid file type'
|
||||||
|
return render_error(request, err_msg)
|
||||||
|
|
||||||
# resource check
|
# resource check
|
||||||
workspace = Workspaces.objects.get_workspace_by_id(workspace_id)
|
workspace = Workspaces.objects.get_workspace_by_id(workspace_id)
|
||||||
@ -653,20 +660,20 @@ def dtable_asset_access(request, workspace_id, dtable_id, name):
|
|||||||
if not repo:
|
if not repo:
|
||||||
raise Http404
|
raise Http404
|
||||||
|
|
||||||
asset_file_path = os.path.join('/asset', dtable_id, name)
|
asset_path = normalize_file_path(os.path.join('/asset', dtable_id, path))
|
||||||
asset_file_id = seafile_api.get_file_id_by_path(repo_id, asset_file_path)
|
asset_id = seafile_api.get_file_id_by_path(repo_id, asset_path)
|
||||||
if not asset_file_id:
|
if not asset_id:
|
||||||
raise Http404
|
raise Http404
|
||||||
|
|
||||||
# check file type
|
# permission check
|
||||||
file_type, file_ext = get_file_type_and_ext(name)
|
username = request.user.username
|
||||||
if file_type != IMAGE:
|
owner = workspace.owner
|
||||||
err_msg = 'Invalid file type'
|
if username != owner:
|
||||||
return render_error(request, err_msg)
|
return render_permission_error(request, 'Permission denied.')
|
||||||
|
|
||||||
token = seafile_api.get_fileserver_access_token(repo_id, asset_file_id,
|
token = seafile_api.get_fileserver_access_token(repo_id, asset_id, 'view',
|
||||||
'view', '', use_onetime=False)
|
'', use_onetime=False)
|
||||||
|
|
||||||
url = gen_file_get_url(token, name)
|
url = gen_file_get_url(token, asset_name)
|
||||||
|
|
||||||
return HttpResponseRedirect(url)
|
return HttpResponseRedirect(url)
|
||||||
|
|||||||
@ -364,7 +364,7 @@ urlpatterns = [
|
|||||||
url(r'^api/v2.1/workspace/(?P<workspace_id>\d+)/dtable-update-link/$', DTableUpdateLinkView.as_view(), name='api-v2.1-workspace-dtable-update-link'),
|
url(r'^api/v2.1/workspace/(?P<workspace_id>\d+)/dtable-update-link/$', DTableUpdateLinkView.as_view(), name='api-v2.1-workspace-dtable-update-link'),
|
||||||
url(r'^api/v2.1/workspace/(?P<workspace_id>\d+)/dtable-asset-upload-link/$', DTableAssetUploadLinkView.as_view(), name='api-v2.1-workspace-dtable-asset-upload-link'),
|
url(r'^api/v2.1/workspace/(?P<workspace_id>\d+)/dtable-asset-upload-link/$', DTableAssetUploadLinkView.as_view(), name='api-v2.1-workspace-dtable-asset-upload-link'),
|
||||||
url(r'^workspace/(?P<workspace_id>\d+)/dtable/(?P<name>.*)/$', dtable_file_view, name='dtable-file-view'),
|
url(r'^workspace/(?P<workspace_id>\d+)/dtable/(?P<name>.*)/$', dtable_file_view, name='dtable-file-view'),
|
||||||
url(r'^workspace/(?P<workspace_id>\d+)/asset/(?P<dtable_id>[-0-9a-f]{36})/(?P<name>.*)/', dtable_asset_access, name='dtable-asset-access'),
|
url(r'^workspace/(?P<workspace_id>\d+)/asset/(?P<dtable_id>[-0-9a-f]{36})/(?P<path>.*)$', dtable_asset_access, name='dtable-asset-access'),
|
||||||
|
|
||||||
# Deprecated
|
# Deprecated
|
||||||
url(r'^api/v2.1/repos/(?P<repo_id>[-0-9a-f]{36})/tags/$', FileTagsView.as_view(), name="api-v2.1-filetags-view"),
|
url(r'^api/v2.1/repos/(?P<repo_id>[-0-9a-f]{36})/tags/$', FileTagsView.as_view(), name="api-v2.1-filetags-view"),
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user