From 4ff4def9a661cb3fda8d1c8059bba45367a81e0e Mon Sep 17 00:00:00 2001 From: zhengxie Date: Fri, 25 Sep 2015 16:03:51 +0800 Subject: [PATCH] [sysadmin] Change a few ops to POST --- seahub/group/views.py | 3 +- seahub/templates/sysadmin/repoadmin_js.html | 7 +++- .../templates/sysadmin/repoadmin_table.html | 2 +- .../sysadmin/sys_admin_group_info.html | 9 +++-- .../templates/sysadmin/sys_group_admin.html | 3 +- .../sysadmin/sys_org_info_library.html | 4 +- seahub/templates/sysadmin/userinfo.html | 9 ++++- seahub/urls.py | 1 + seahub/views/ajax.py | 16 +++----- seahub/views/sysadmin.py | 37 +++++++++++++++++++ 10 files changed, 69 insertions(+), 22 deletions(-) diff --git a/seahub/group/views.py b/seahub/group/views.py index 038621114d..d92e453eb0 100644 --- a/seahub/group/views.py +++ b/seahub/group/views.py @@ -32,7 +32,7 @@ from forms import MessageForm, MessageReplyForm, GroupRecommendForm, \ GroupAddForm, GroupJoinMsgForm, WikiCreateForm from signals import grpmsg_added, grpmsg_reply_added, group_join_request from seahub.auth import REDIRECT_FIELD_NAME -from seahub.base.decorators import sys_staff_required +from seahub.base.decorators import sys_staff_required, require_POST from seahub.base.models import FileDiscuss from seahub.contacts.models import Contact from seahub.contacts.signals import mail_sended @@ -228,6 +228,7 @@ def group_list(request): @login_required @sys_staff_required +@require_POST def group_remove(request, group_id): """ Remove group from groupadmin page. Only system admin can perform this diff --git a/seahub/templates/sysadmin/repoadmin_js.html b/seahub/templates/sysadmin/repoadmin_js.html index 9d2dcf7b96..b5e545b48a 100644 --- a/seahub/templates/sysadmin/repoadmin_js.html +++ b/seahub/templates/sysadmin/repoadmin_js.html @@ -38,4 +38,9 @@ $('#repo-transfer-form').submit(function() { }); $('#main-panel').removeClass('ovhd'); -{% include 'snippets/repo_del_js.html' %} + +addConfirmTo($('.repo-delete-btn'), { + 'title': "{% trans "Delete Library" %}", + 'con': "{% trans "Are you sure you want to delete %s ?" %}", + 'post': true, +}); diff --git a/seahub/templates/sysadmin/repoadmin_table.html b/seahub/templates/sysadmin/repoadmin_table.html index 5be6e76adb..f413703c4c 100644 --- a/seahub/templates/sysadmin/repoadmin_table.html +++ b/seahub/templates/sysadmin/repoadmin_table.html @@ -25,7 +25,7 @@
- {% trans "Delete" %} + {% trans "Delete" %} {% trans "Transfer" %}
diff --git a/seahub/templates/sysadmin/sys_admin_group_info.html b/seahub/templates/sysadmin/sys_admin_group_info.html index 599b6b3eea..21b4d88b48 100644 --- a/seahub/templates/sysadmin/sys_admin_group_info.html +++ b/seahub/templates/sysadmin/sys_admin_group_info.html @@ -56,7 +56,7 @@ {{ repo.size|filesizeformat }} {{ repo.user }} -
+
{% endfor %} @@ -83,12 +83,15 @@ -{% include 'snippets/repo_del_popup.html' %} {% endblock %} {% block extra_script %} {% endblock %} diff --git a/seahub/templates/sysadmin/sys_group_admin.html b/seahub/templates/sysadmin/sys_group_admin.html index 7a339e4900..973d1b34df 100644 --- a/seahub/templates/sysadmin/sys_group_admin.html +++ b/seahub/templates/sysadmin/sys_group_admin.html @@ -42,7 +42,8 @@ {% endblock %} diff --git a/seahub/templates/sysadmin/sys_org_info_library.html b/seahub/templates/sysadmin/sys_org_info_library.html index d03f6d305e..2c4062901b 100644 --- a/seahub/templates/sysadmin/sys_org_info_library.html +++ b/seahub/templates/sysadmin/sys_org_info_library.html @@ -39,7 +39,7 @@
- {% trans "Delete" %} + {% trans "Delete" %}
@@ -51,7 +51,6 @@ {% endif %} -{% include 'snippets/repo_del_popup.html' %} {% include 'sysadmin/repo_transfer_form.html' %} {% endblock %} @@ -59,7 +58,6 @@ {% block extra_script %} {% endblock %} diff --git a/seahub/templates/sysadmin/userinfo.html b/seahub/templates/sysadmin/userinfo.html index 404dbbf565..d56565f326 100644 --- a/seahub/templates/sysadmin/userinfo.html +++ b/seahub/templates/sysadmin/userinfo.html @@ -93,7 +93,7 @@ {{ repo.size|filesizeformat }} {{ repo.last_modify|translate_seahub_time }} -
+
{% endfor %} @@ -239,6 +239,11 @@ $('#set-quota-form .submit').click(function() { return false; }); -{% include 'snippets/repo_del_js.html' %} +addConfirmTo($('.repo-delete-btn'), { + 'title': "{% trans "Delete Library" %}", + 'con': "{% trans "Are you sure you want to delete %s ?" %}", + 'post': true, +}); + {% endblock %} diff --git a/seahub/urls.py b/seahub/urls.py index c1dafa1c2b..2cdd0385bb 100644 --- a/seahub/urls.py +++ b/seahub/urls.py @@ -213,6 +213,7 @@ urlpatterns = patterns( url(r'^sys/seafadmin/repo-trash/(?P[-0-9a-f]{36})/restore/$', sys_repo_trash_restore, name="sys_repo_trash_restore"), url(r'^sys/seafadmin/search/$', sys_repo_search, name='sys_repo_search'), url(r'^sys/seafadmin/transfer/$', sys_repo_transfer, name='sys_repo_transfer'), + url(r'^sys/seafadmin/delete/(?P[-0-9a-f]{36})/$', sys_repo_delete, name='sys_repo_delete'), url(r'^sys/useradmin/$', sys_user_admin, name='sys_useradmin'), url(r'^sys/useradmin/ldap/$', sys_user_admin_ldap, name='sys_useradmin_ldap'), url(r'^sys/useradmin/ldap/imported$', sys_user_admin_ldap_imported, name='sys_useradmin_ldap_imported'), diff --git a/seahub/views/ajax.py b/seahub/views/ajax.py index b23ad6429c..79d1e6b276 100644 --- a/seahub/views/ajax.py +++ b/seahub/views/ajax.py @@ -1524,19 +1524,15 @@ def repo_remove(request, repo_id): ct = 'application/json; charset=utf-8' result = {} - if get_system_default_repo_id() == repo_id: - result['error'] = _(u'System library can not be deleted.') - return HttpResponse(json.dumps(result), status=403, content_type=ct) - repo = get_repo(repo_id) username = request.user.username if is_org_context(request): - # Remove repo in org context, only (sys admin/repo owner/org staff) can - # perform this operation. + # Remove repo in org context, only (repo owner/org staff) can perform + # this operation. org_id = request.user.org.org_id is_org_staff = request.user.org.is_staff org_repo_owner = seafile_api.get_org_repo_owner(repo_id) - if request.user.is_staff or is_org_staff or org_repo_owner == username: + if is_org_staff or org_repo_owner == username: # Must get related useres before remove the repo usernames = get_related_users_by_org_repo(org_id, repo_id) seafile_api.remove_repo(repo_id) @@ -1553,9 +1549,9 @@ def repo_remove(request, repo_id): result['error'] = _(u'Permission denied.') return HttpResponse(json.dumps(result), status=403, content_type=ct) else: - # Remove repo in personal context, only (repo owner/sys admin) can - # perform this operation. - if validate_owner(request, repo_id) or request.user.is_staff: + # Remove repo in personal context, only (repo owner) can perform this + # operation. + if validate_owner(request, repo_id): usernames = get_related_users_by_repo(repo_id) seafile_api.remove_repo(repo_id) if repo: # send delete signal only repo is valid diff --git a/seahub/views/sysadmin.py b/seahub/views/sysadmin.py index 20156403c6..15417efed3 100644 --- a/seahub/views/sysadmin.py +++ b/seahub/views/sysadmin.py @@ -31,8 +31,11 @@ from seahub.utils import IS_EMAIL_CONFIGURED, string2list, is_valid_username, \ is_pro_version from seahub.utils.licenseparse import parse_license from seahub.views import get_system_default_repo_id +from seahub.views.ajax import (get_related_users_by_org_repo, + get_related_users_by_repo) from seahub.forms import SetUserQuotaForm, AddUserForm, BatchAddUserForm from seahub.profile.models import Profile, DetailedProfile +from seahub.signals import repo_deleted from seahub.share.models import FileShare, UploadLinkShare import seahub.settings as settings from seahub.settings import INIT_PASSWD, SITE_NAME, \ @@ -1592,9 +1595,43 @@ def sys_repo_transfer(request): pass seafile_api.set_repo_owner(repo_id, new_owner) + messages.success(request, _(u'Successfully transfered.')) return HttpResponseRedirect(next) +@login_required +@sys_staff_required +@require_POST +def sys_repo_delete(request, repo_id): + """Delete a repo. + """ + next = request.META.get('HTTP_REFERER', None) + if not next: + next = reverse(sys_repo_admin) + + if get_system_default_repo_id() == repo_id: + messages.error(request, _('System library can not be deleted.')) + return HttpResponseRedirect(next) + + repo = seafile_api.get_repo(repo_id) + repo_name = repo.name + + org_id = seafserv_threaded_rpc.get_org_id_by_repo_id(repo_id) + if org_id > 0: + usernames = get_related_users_by_org_repo(org_id, repo_id) + repo_owner = seafile_api.get_org_repo_owner(repo_id) + else: + usernames = get_related_users_by_repo(repo_id) + repo_owner = seafile_api.get_repo_owner(repo_id) + + seafile_api.remove_repo(repo_id) + repo_deleted.send(sender=None, org_id=org_id, usernames=usernames, + repo_owner=repo_owner, repo_id=repo_id, + repo_name=repo_name) + + messages.success(request, _(u'Successfully deleted.')) + return HttpResponseRedirect(next) + @login_required @sys_staff_required def sys_traffic_admin(request):