haiwen/seahub
1
0
Fork 0
mirror of https://github.com/haiwen/seahub.git synced 2025-09-02 15:38:15 +00:00
Code Issues Releases Wiki Activity

add new admin share api

Browse Source
This commit is contained in:
lian
2016-08-16 10:19:56 +08:00
parent a3b15e6f62
commit 5c59b81466
13 changed files with 716 additions and 825 deletions
Download Patch File Download Diff File Expand all files Collapse all files

223
seahub/api2/endpoints/admin/library_group_shares.py
View File

@@ -1,223 +0,0 @@
# Copyright (c) 2012-2016 Seafile Ltd.
import logging
from rest_framework import status
from rest_framework.authentication import SessionAuthentication
from rest_framework.permissions import IsAdminUser
from rest_framework.response import Response
from rest_framework.views import APIView
from seaserv import seafile_api, ccnet_api
from seahub.api2.authentication import TokenAuthentication
from seahub.api2.throttling import UserRateThrottle
from seahub.api2.utils import api_error
logger = logging.getLogger(__name__)
def get_library_group_share_info(share_item):
group_id = share_item.group_id
group = ccnet_api.get_group(group_id)
result = {}
result['group_id'] = group_id
result['group_name'] = group.group_name
result['permission'] = share_item.perm
result['repo_id'] = share_item.repo_id
return result
class AdminLibraryGroupShares(APIView):
authentication_classes = (TokenAuthentication, SessionAuthentication)
throttle_classes = (UserRateThrottle,)
permission_classes = (IsAdminUser,)
def get(self, request, repo_id):
""" List all group shares of a repo
Permission checking:
1. admin user.
"""
# resource check
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# current `request.user.username` is admin user,
# so need to identify the repo owner specifically.
repo_owner = seafile_api.get_repo_owner(repo_id)
try:
share_items = seafile_api.list_repo_shared_group_by_user(repo_owner, repo_id)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
result = []
for share_item in share_items:
share_item_info = get_library_group_share_info(share_item)
result.append(share_item_info)
return Response(result)
def post(self, request, repo_id):
""" Admin share a library to group.
Permission checking:
1. admin user.
"""
# argument check
permission = request.data.get('permission', None)
if not permission or permission not in ('r', 'rw'):
error_msg = 'permission invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# resource check
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
result = {}
result['failed'] = []
result['success'] = []
group_ids = request.data.getlist('group_id')
# current `request.user.username` is admin user,
# so need to identify the repo owner specifically.
repo_owner = seafile_api.get_repo_owner(repo_id)
for group_id in group_ids:
try:
group_id = int(group_id)
except ValueError as e:
logger.error(e)
result['failed'].append({
'group_id': group_id,
'error_msg': 'group_id %s invalid.' % group_id
})
continue
group = ccnet_api.get_group(group_id)
if not group:
result['failed'].append({
'group_id': group_id,
'error_msg': 'Group %s not found' % group_id
})
continue
try:
seafile_api.set_group_repo(repo_id, group_id, repo_owner, permission)
except Exception as e:
logger.error(e)
result['failed'].append({
"group_id": group_id,
'error_msg': 'Internal Server Error'
})
continue
result['success'].append({
"group_id": group_id,
"group_name": group.group_name,
"permission": permission,
"repo_id": repo_id,
})
return Response(result)
class AdminLibraryGroupShare(APIView):
authentication_classes = (TokenAuthentication, SessionAuthentication)
throttle_classes = (UserRateThrottle,)
permission_classes = (IsAdminUser,)
def put(self, request, repo_id, format=None):
""" Update library group share permission.
Permission checking:
1. admin user.
"""
# argument check
permission = request.data.get('permission', None)
if not permission or permission not in ('r', 'rw'):
error_msg = 'permission invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
group_id = request.data.get('group_id', None)
try:
group_id = int(group_id)
except ValueError:
error_msg = 'group_id %s invalid.' % group_id
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# resource check
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
group = ccnet_api.get_group(group_id)
if not group:
error_msg = 'Group %s not found' % group_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
seafile_api.set_group_repo_permission(group_id, repo_id, permission)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
result = {}
result['group_id'] = group_id
result['group_name'] = group.group_name
result['permission'] = permission
result['repo_id'] = repo_id
return Response(result)
def delete(self, request, repo_id, format=None):
""" Delete library group share permission.
Permission checking:
1. admin user.
"""
# argument check
permission = request.data.get('permission', None)
if not permission or permission not in ('r', 'rw'):
error_msg = 'permission invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# resource check
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
group_id = request.data.get('group_id')
try:
group_id = int(group_id)
except ValueError:
return api_error(status.HTTP_400_BAD_REQUEST, 'group_id %s invalid' % group_id)
# current `request.user.username` is admin user,
# so need to identify the repo owner specifically.
repo_owner = seafile_api.get_repo_owner(repo_id)
try:
seafile_api.unset_group_repo(repo_id, group_id, repo_owner)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
return Response({'success': True})

233
seahub/api2/endpoints/admin/library_user_shares.py
View File

@@ -1,233 +0,0 @@
# Copyright (c) 2012-2016 Seafile Ltd.
import logging
from rest_framework import status
from rest_framework.authentication import SessionAuthentication
from rest_framework.permissions import IsAdminUser
from rest_framework.response import Response
from rest_framework.views import APIView
from seaserv import seafile_api
from seahub.api2.authentication import TokenAuthentication
from seahub.api2.throttling import UserRateThrottle
from seahub.api2.utils import api_error
from seahub.base.accounts import User
from seahub.base.templatetags.seahub_tags import email2nickname
from seahub.utils import (is_valid_username)
logger = logging.getLogger(__name__)
def get_library_user_share_info(share_item):
result = {}
result['user_email'] = share_item.user
result['user_name'] = email2nickname(share_item.user)
result['permission'] = share_item.perm
result['repo_id'] = share_item.repo_id
return result
class AdminLibraryUserShares(APIView):
authentication_classes = (TokenAuthentication, SessionAuthentication)
throttle_classes = (UserRateThrottle,)
permission_classes = (IsAdminUser,)
def get(self, request, repo_id):
""" List all user shares of a repo
Permission checking:
1. admin user.
"""
# resource check
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# current `request.user.username` is admin user,
# so need to identify the repo owner specifically.
repo_owner = seafile_api.get_repo_owner(repo_id)
try:
share_items = seafile_api.list_repo_shared_to(repo_owner, repo_id)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
result = []
for share_item in share_items:
share_item_info = get_library_user_share_info(share_item)
result.append(share_item_info)
return Response(result)
def post(self, request, repo_id):
""" Admin share a library to user.
Permission checking:
1. admin user.
"""
# argument check
permission = request.data.get('permission', None)
if not permission or permission not in ('r', 'rw'):
error_msg = 'permission invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# resource check
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
result = {}
result['failed'] = []
result['success'] = []
share_to_users = request.data.getlist('email')
# current `request.user.username` is admin user,
# so need to identify the repo owner specifically.
repo_owner = seafile_api.get_repo_owner(repo_id)
for to_user in share_to_users:
if repo_owner == to_user:
result['failed'].append({
'user_email': to_user,
'error_msg': 'email %s is library owner.' % to_user
})
continue
if not is_valid_username(to_user):
result['failed'].append({
'user_email': to_user,
'error_msg': 'email %s invalid.' % to_user
})
continue
try:
User.objects.get(email=to_user)
except User.DoesNotExist:
result['failed'].append({
'user_email': to_user,
'error_msg': 'User %s not found.' % to_user
})
continue
try:
seafile_api.share_repo(repo_id,
repo_owner, to_user, permission)
except Exception as e:
logger.error(e)
result['failed'].append({
'user_email': to_user,
'error_msg': 'Internal Server Error'
})
continue
new_perm = seafile_api.check_permission_by_path(repo_id, '/', to_user)
result['success'].append({
"repo_id": repo_id,
"user_email": to_user,
"user_name": email2nickname(to_user),
"permission": new_perm,
})
return Response(result)
class AdminLibraryUserShare(APIView):
authentication_classes = (TokenAuthentication, SessionAuthentication)
throttle_classes = (UserRateThrottle,)
permission_classes = (IsAdminUser,)
def put(self, request, repo_id, format=None):
""" Update library user share permission.
Permission checking:
1. admin user.
"""
# argument check
permission = request.data.get('permission', None)
if not permission or permission not in ('r', 'rw'):
error_msg = 'permission invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
to_user = request.data.get('user_email', None)
if not to_user or not is_valid_username(to_user):
error_msg = 'user_email invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# resource check
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
User.objects.get(email=to_user)
except User.DoesNotExist:
error_msg = 'User %s not found.' % to_user
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# current `request.user.username` is admin user,
# so need to identify the repo owner specifically.
repo_owner = seafile_api.get_repo_owner(repo_id)
try:
seafile_api.set_share_permission(
repo_id, repo_owner, to_user, permission)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
new_perm = seafile_api.check_permission_by_path(repo_id, '/', to_user)
result = {}
result['user_email'] = to_user
result['user_name'] = email2nickname(to_user)
result['permission'] = new_perm
result['repo_id'] = repo_id
return Response(result)
def delete(self, request, repo_id, format=None):
""" Delete library user share permission.
Permission checking:
1. admin user.
"""
# argument check
permission = request.data.get('permission', None)
if not permission or permission not in ('r', 'rw'):
error_msg = 'permission invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
to_user = request.data.get('user_email', None)
if not to_user or not is_valid_username(to_user):
error_msg = 'user_email invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# resource check
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# current `request.user.username` is admin user,
# so need to identify the repo owner specifically.
repo_owner = seafile_api.get_repo_owner(repo_id)
try:
seafile_api.remove_share(repo_id, repo_owner, to_user)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
return Response({'success': True})

399
seahub/api2/endpoints/admin/shares.py Normal file
View File

@@ -0,0 +1,399 @@
# Copyright (c) 2012-2016 Seafile Ltd.
import logging
from rest_framework import status
from rest_framework.authentication import SessionAuthentication
from rest_framework.permissions import IsAdminUser
from rest_framework.response import Response
from rest_framework.views import APIView
from django.utils.translation import ugettext as _
from seaserv import seafile_api, ccnet_api
from seahub.api2.authentication import TokenAuthentication
from seahub.api2.throttling import UserRateThrottle
from seahub.api2.utils import api_error
from seahub.base.accounts import User
from seahub.base.templatetags.seahub_tags import email2nickname
from seahub.utils import is_valid_username
logger = logging.getLogger(__name__)
def check_parameter(func):
"""
Decorator for check parameter
"""
def _decorated(view, request, *args, **kwargs):
# argument check
if request.method == 'GET':
repo_id = request.GET.get('repo_id', None)
path = request.GET.get('path', '/')
share_type = request.GET.get('share_type', None)
else:
repo_id = request.data.get('repo_id', None)
path = request.data.get('path', '/')
share_type = request.data.get('share_type', None)
if not repo_id:
error_msg = 'repo_id invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if not share_type or share_type not in ('user', 'group'):
error_msg = 'share_type invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
# resource check
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if not seafile_api.get_dir_id_by_path(repo_id, path):
error_msg = 'Folder %s not found.' % path
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
return func(view, request, repo_id, path, share_type, *args, **kwargs)
return _decorated
class AdminShares(APIView):
authentication_classes = (TokenAuthentication, SessionAuthentication)
throttle_classes = (UserRateThrottle,)
permission_classes = (IsAdminUser,)
@check_parameter
def get(self, request, repo_id, path, share_type):
""" List user/group shares
Permission checking:
1. admin user.
"""
result = []
# current `request.user.username` is admin user,
# so need to identify the repo owner specifically.
repo_owner = seafile_api.get_repo_owner(repo_id)
if share_type == 'user':
try:
if path == '/':
share_items = seafile_api.list_repo_shared_to(
repo_owner, repo_id)
else:
share_items = seafile_api.get_shared_users_for_subdir(
repo_id, path, repo_owner)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
for share_item in share_items:
user_email = share_item.user
user_name = email2nickname(user_email) if user_email else '--'
share_info = {}
share_info['repo_id'] = repo_id
share_info['path'] = path
share_info['share_type'] = share_type
share_info['user_email'] = user_email
share_info['user_name'] = user_name
share_info['permission'] = share_item.perm
result.append(share_info)
if share_type == 'group':
try:
if path == '/':
share_items = seafile_api.list_repo_shared_group_by_user(
repo_owner, repo_id)
else:
share_items = seafile_api.get_shared_groups_for_subdir(
repo_id, path, repo_owner)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
for share_item in share_items:
group_id = share_item.group_id
group = ccnet_api.get_group(group_id)
group_name = group.group_name if group else '--'
share_info = {}
share_info['repo_id'] = repo_id
share_info['path'] = path
share_info['share_type'] = share_type
share_info['group_id'] = group_id
share_info['group_name'] = group_name
share_info['permission'] = share_item.perm
result.append(share_info)
return Response(result)
@check_parameter
def post(self, request, repo_id, path, share_type):
""" Admin share a library to user/group.
Permission checking:
1. admin user.
"""
# argument check
permission = request.data.get('permission', None)
if not permission or permission not in ('r', 'rw'):
error_msg = 'permission invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
result = {}
result['failed'] = []
result['success'] = []
share_to = request.data.getlist('share_to')
# current `request.user.username` is admin user,
# so need to identify the repo owner specifically.
repo_owner = seafile_api.get_repo_owner(repo_id)
if share_type == 'user':
for email in share_to:
if repo_owner == email:
result['failed'].append({
'user_email': email,
'error_msg': _(u'User %s is already library owner.') % email
})
continue
if not is_valid_username(email):
result['failed'].append({
'user_email': email,
'error_msg': _('Email %s invalid.') % email
})
continue
try:
User.objects.get(email=email)
except User.DoesNotExist:
result['failed'].append({
'user_email': email,
'error_msg': 'User %s not found.' % email
})
continue
try:
if path == '/':
seafile_api.share_repo(
repo_id, repo_owner, email, permission)
else:
seafile_api.share_subdir_email(
repo_id, path, repo_owner, email, permission)
except Exception as e:
logger.error(e)
result['failed'].append({
'user_email': email,
'error_msg': 'Internal Server Error'
})
continue
new_perm = seafile_api.check_permission_by_path(repo_id, path, email)
result['success'].append({
"repo_id": repo_id,
"path": path,
"share_type": share_type,
"user_email": email,
"user_name": email2nickname(email),
"permission": new_perm
})
if share_type == 'group':
for group_id in share_to:
try:
group_id = int(group_id)
except ValueError as e:
logger.error(e)
result['failed'].append({
'group_id': group_id,
'error_msg': 'group_id %s invalid.' % group_id
})
continue
group = ccnet_api.get_group(group_id)
if not group:
result['failed'].append({
'group_id': group_id,
'error_msg': 'Group %s not found' % group_id
})
continue
try:
if path == '/':
seafile_api.set_group_repo(
repo_id, group_id, repo_owner, permission)
else:
seafile_api.share_subdir_to_group(
repo_id, path, repo_owner, group_id, permission)
except Exception as e:
logger.error(e)
result['failed'].append({
"group_id": group_id,
'error_msg': 'Internal Server Error'
})
continue
result['success'].append({
"repo_id": repo_id,
"path": path,
"share_type": share_type,
"group_id": group_id,
"group_name": group.group_name,
"permission": permission
})
return Response(result)
@check_parameter
def put(self, request, repo_id, path, share_type):
""" Update user/group share permission.
Permission checking:
1. admin user.
"""
# argument check
permission = request.data.get('permission', None)
if not permission or permission not in ('r', 'rw'):
error_msg = 'permission invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
share_info = {}
share_info['repo_id'] = repo_id
share_info['path'] = path
share_info['share_type'] = share_type
# current `request.user.username` is admin user,
# so need to identify the repo owner specifically.
repo_owner = seafile_api.get_repo_owner(repo_id)
share_to = request.data.get('share_to', None)
if share_type == 'user':
email = share_to
if not email or not is_valid_username(email):
error_msg = 'email %s invalid.' % email
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
User.objects.get(email=email)
except User.DoesNotExist:
error_msg = 'User %s not found.' % email
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
if path == '/':
seafile_api.set_share_permission(
repo_id, repo_owner, email, permission)
else:
seafile_api.update_share_subdir_perm_for_user(
repo_id, path, repo_owner, email, permission)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
new_perm = seafile_api.check_permission_by_path(repo_id, path, email)
share_info['user_email'] = email
share_info['user_name'] = email2nickname(email)
share_info['permission'] = new_perm
if share_type == 'group':
group_id = share_to
try:
group_id = int(group_id)
except ValueError:
error_msg = 'group_id %s invalid.' % group_id
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
group = ccnet_api.get_group(group_id)
if not group:
error_msg = 'Group %s not found' % group_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
try:
if path == '/':
seafile_api.set_group_repo_permission(group_id,
repo_id, permission)
else:
seafile_api.update_share_subdir_perm_for_group(
repo_id, path, repo_owner, group_id, permission)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
share_info['group_id'] = group_id
share_info['group_name'] = group.group_name
share_info['permission'] = permission
return Response(share_info)
@check_parameter
def delete(self, request, repo_id, path, share_type):
""" Delete user/group share permission.
Permission checking:
1. admin user.
"""
# current `request.user.username` is admin user,
# so need to identify the repo owner specifically.
repo_owner = seafile_api.get_repo_owner(repo_id)
share_to = request.data.get('share_to', None)
if share_type == 'user':
email = share_to
if not email or not is_valid_username(email):
error_msg = 'email %s invalid.' % email
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
if path == '/':
seafile_api.remove_share(repo_id, repo_owner, email)
else:
seafile_api.unshare_subdir_for_user(
repo_id, path, repo_owner, email)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if share_type == 'group':
group_id = share_to
try:
group_id = int(group_id)
except ValueError:
error_msg = 'group_id %s invalid' % group_id
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
if path == '/':
seafile_api.unset_group_repo(repo_id, group_id, repo_owner)
else:
seafile_api.unshare_subdir_for_group(
repo_id, path, repo_owner, group_id)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
return Response({'success': True})

15
seahub/api2/endpoints/search_group.py
View File

@@ -8,6 +8,7 @@ from rest_framework import status
from django.conf import settings
import seaserv
from seaserv import ccnet_api
from seahub.api2.authentication import TokenAuthentication
@@ -17,6 +18,10 @@ from seahub.api2.utils import api_error
from seahub.utils import is_org_context
from seahub.utils.timeutils import timestamp_to_isoformat_timestr
try:
from seahub.settings import CLOUD_MODE
except ImportError:
CLOUD_MODE = False
def get_group_info(group_id):
group = ccnet_api.get_group(group_id)
@@ -58,13 +63,15 @@ class SearchGroup(APIView):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if not settings.ENABLE_GLOBAL_ADDRESSBOOK:
error_msg = 'Feature disabled.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if CLOUD_MODE:
if is_org_context(request):
org_id = request.user.org.org_id
groups = ccnet_api.get_org_groups(org_id, -1, -1)
elif settings.ENABLE_GLOBAL_ADDRESSBOOK:
groups = ccnet_api.get_all_groups(-1, -1)
else:
username = request.user.username
groups = seaserv.get_personal_groups_by_user(username)
else:
groups = ccnet_api.get_all_groups(-1, -1)

10
seahub/test_utils.py
View File

@@ -142,6 +142,16 @@ class Fixtures(Exam):
group_id = self.group.id
return ccnet_threaded_rpc.remove_group(group_id, self.user.username)
def share_repo_to_admin_with_r_permission(self):
# share user's repo to admin with 'r' permission
seafile_api.share_repo(self.repo.id, self.user.username,
self.admin.username, 'r')
def share_repo_to_admin_with_rw_permission(self):
# share user's repo to admin with 'rw' permission
seafile_api.share_repo(self.repo.id, self.user.username,
self.admin.username, 'rw')
def set_user_folder_r_permission_to_admin(self):
# share user's repo to admin with 'rw' permission

8
seahub/urls.py
View File

@@ -47,8 +47,7 @@ from seahub.api2.endpoints.admin.library_dirents import AdminLibraryDirents, Adm
from seahub.api2.endpoints.admin.system_library import AdminSystemLibrary
from seahub.api2.endpoints.admin.trash_libraries import AdminTrashLibraries, AdminTrashLibrary
from seahub.api2.endpoints.admin.groups import AdminGroups, AdminGroup
from seahub.api2.endpoints.admin.library_user_shares import AdminLibraryUserShares, AdminLibraryUserShare
from seahub.api2.endpoints.admin.library_group_shares import AdminLibraryGroupShares, AdminLibraryGroupShare
from seahub.api2.endpoints.admin.shares import AdminShares
# Uncomment the next two lines to enable the admin:
#from django.contrib import admin
@@ -218,10 +217,7 @@ urlpatterns = patterns(
url(r'^api/v2.1/admin/system-library/$', AdminSystemLibrary.as_view(), name='api-v2.1-admin-system-library'),
url(r'^api/v2.1/admin/trash-libraries/$', AdminTrashLibraries.as_view(), name='api-v2.1-admin-trash-libraries'),
url(r'^api/v2.1/admin/trash-libraries/(?P<repo_id>[-0-9a-f]{36})/$', AdminTrashLibrary.as_view(), name='api-v2.1-admin-trash-library'),
url(r'^api/v2.1/admin/libraries/(?P<repo_id>[-0-9a-f]{36})/user-shares/$', AdminLibraryUserShares.as_view(), name='api-v2.1-admin-library-user-shares'),
url(r'^api/v2.1/admin/libraries/(?P<repo_id>[-0-9a-f]{36})/user-share/$', AdminLibraryUserShare.as_view(), name='api-v2.1-admin-library-user-share'),
url(r'^api/v2.1/admin/libraries/(?P<repo_id>[-0-9a-f]{36})/group-shares/$', AdminLibraryGroupShares.as_view(), name='api-v2.1-admin-library-group-shares'),
url(r'^api/v2.1/admin/libraries/(?P<repo_id>[-0-9a-f]{36})/group-share/$', AdminLibraryGroupShare.as_view(), name='api-v2.1-admin-library-group-share'),
url(r'^api/v2.1/admin/shares/$', AdminShares.as_view(), name='api-v2.1-admin-shares'),
(r'^avatar/', include('seahub.avatar.urls')),
(r'^notification/', include('seahub.notifications.urls')),

5
static/scripts/common.js
View File

@@ -181,10 +181,7 @@ define([
case 'admin-system-library': return siteRoot + 'api/v2.1/admin/system-library/';
case 'admin-trash-libraries': return siteRoot + 'api/v2.1/admin/trash-libraries/';
case 'admin-trash-library': return siteRoot + 'api/v2.1/admin/trash-libraries/' + options.repo_id + '/';
case 'admin_library_user_shares': return siteRoot + 'api/v2.1/admin/libraries/' + options.repo_id + '/user-shares/';
case 'admin_library_user_share': return siteRoot + 'api/v2.1/admin/libraries/' + options.repo_id + '/user-share/';
case 'admin_library_group_shares': return siteRoot + 'api/v2.1/admin/libraries/' + options.repo_id + '/group-shares/';
case 'admin_library_group_share': return siteRoot + 'api/v2.1/admin/libraries/' + options.repo_id + '/group-share/';
case 'admin_shares': return siteRoot + 'api/v2.1/admin/shares/';
}
},

50
static/scripts/sysadmin-app/views/folder-share-item.js
View File

@@ -50,14 +50,23 @@ define([
var _this = this;
var item_data = this.item_data;
var perm = $(e.currentTarget).val();
var url, data;
var url = Common.getUrl({name: 'admin_shares'});
var data;
if (item_data.for_user) {
url = Common.getUrl({name: 'admin_library_user_share', repo_id: this.repo_id});
data = {'permission': perm, 'user_email': item_data.user_email};
data = {
'repo_id': _this.repo_id,
'share_type': 'user',
'permission': perm,
'share_to': item_data.user_email
};
} else {
url = Common.getUrl({name: 'admin_library_group_share', repo_id: this.repo_id});
data = {'permission': perm, 'group_id': item_data.group_id};
data = {
'repo_id': _this.repo_id,
'share_type': 'group',
'permission': perm,
'share_to': item_data.group_id
};
}
$.ajax({
@@ -73,14 +82,16 @@ define([
error: function(xhr) {
var err_msg;
if (xhr.responseText) {
err_msg = gettext("Edit failed");
var parsed_resp = $.parseJSON(xhr.responseText);
err_msg = parsed_resp.error||parsed_resp.error_msg;
err_msg = Common.HTMLescape(err_msg);
} else {
err_msg = gettext("Failed. Please check the network.");
}
if (item_data.for_user) {
$('#dir-user-share .error').html(err_msg).removeClass('hide');
} else {
$('#dir-group-group .error').html(err_msg).removeClass('hide');
$('#dir-group-share .error').html(err_msg).removeClass('hide');
}
}
});
@@ -89,14 +100,23 @@ define([
del: function () {
var _this = this;
var item_data = this.item_data;
var url, data;
var url = Common.getUrl({name: 'admin_shares'});
var data;
if (item_data.for_user) {
url = Common.getUrl({name: 'admin_library_user_share', repo_id: this.repo_id});
data = {'permission': item_data.permission, 'user_email': item_data.user_email};
data = {
'repo_id': _this.repo_id,
'share_type': 'user',
'permission': item_data.permission,
'share_to': item_data.user_email
};
} else {
url = Common.getUrl({name: 'admin_library_group_share', repo_id: this.repo_id});
data = {'permission': item_data.permission, 'group_id': item_data.group_id};
data = {
'repo_id': _this.repo_id,
'share_type': 'group',
'permission': item_data.permission,
'share_to': item_data.group_id
};
}
$.ajax({
@@ -111,14 +131,16 @@ define([
error: function (xhr) {
var err_msg;
if (xhr.responseText) {
err_msg = gettext("Delete failed");
var parsed_resp = $.parseJSON(xhr.responseText);
err_msg = parsed_resp.error||parsed_resp.error_msg;
err_msg = Common.HTMLescape(err_msg);
} else {
err_msg = gettext("Failed. Please check the network.");
}
if (item_data.for_user) {
$('#dir-user-share .error').html(err_msg).removeClass('hide');
} else {
$('#dir-group-group .error').html(err_msg).removeClass('hide');
$('#dir-group-share .error').html(err_msg).removeClass('hide');
}
}
});

30
static/scripts/sysadmin-app/views/share.js
View File

@@ -63,7 +63,11 @@ define([
}, Common.contactInputOptionsForSelect2()));
Common.ajaxGet({
'get_url': Common.getUrl({name: 'admin_library_user_shares', repo_id: repo_id}),
'get_url': Common.getUrl({name: 'admin_shares'}),
'data': {
'repo_id': repo_id,
'share_type': 'user'
},
'after_op_success': function (data) {
$(data).each(function(index, item) {
var new_item = new FolderShareItemView({
@@ -96,7 +100,11 @@ define([
}, Common.groupInputOptionsForSelect2()));
Common.ajaxGet({
'get_url': Common.getUrl({name: 'admin_library_group_shares', repo_id: repo_id}),
'get_url': Common.getUrl({name: 'admin_shares'}),
'data': {
'repo_id': repo_id,
'share_type': 'group'
},
'after_op_success': function (data) {
$(data).each(function(index, item) {
var new_item = new FolderShareItemView({
@@ -136,13 +144,15 @@ define([
Common.disableButton($submitBtn);
$.ajax({
url: Common.getUrl({name: 'admin_library_user_shares', repo_id: repo_id}),
url: Common.getUrl({name: 'admin_shares'}),
dataType: 'json',
method: 'POST',
beforeSend: Common.prepareCSRFToken,
traditional: true,
data: {
'email': emails.split(','),
'repo_id': repo_id,
'share_type': 'user',
'share_to': emails.split(','),
'permission': perm
},
success: function(data) {
@@ -177,8 +187,9 @@ define([
if (xhr.responseText) {
var parsed_resp = $.parseJSON(xhr.responseText);
err_msg = parsed_resp.error||parsed_resp.error_msg;
err_msg = Common.HTMLescape(err_msg);
} else {
err_msg = gettext("Failed. Please check the network.")
err_msg = gettext("Failed. Please check the network.");
}
$error.html(err_msg).removeClass('hide');
},
@@ -209,13 +220,15 @@ define([
Common.disableButton($submitBtn);
$.ajax({
url: Common.getUrl({name: 'admin_library_group_shares',repo_id: repo_id}),
url: Common.getUrl({name: 'admin_shares'}),
dataType: 'json',
method: 'POST',
beforeSend: Common.prepareCSRFToken,
traditional: true,
data: {
'group_id': groups.split(','),
'repo_id': repo_id,
'share_type': 'group',
'share_to': groups.split(','),
'permission': perm
},
success: function(data) {
@@ -250,8 +263,9 @@ define([
if (xhr.responseText) {
var parsed_resp = $.parseJSON(xhr.responseText);
err_msg = parsed_resp.error||parsed_resp.error_msg;
err_msg = Common.HTMLescape(err_msg);
} else {
err_msg = gettext("Failed. Please check the network.")
err_msg = gettext("Failed. Please check the network.");
}
$error.html(err_msg).removeClass('hide');
},

167
tests/api/endpoints/admin/test_library_group_shares.py
View File

@@ -1,167 +0,0 @@
import json
from django.core.urlresolvers import reverse
from seaserv import seafile_api
from seahub.test_utils import BaseTestCase
class AdminLibraryUserShare(BaseTestCase):
def setUp(self):
self.repo_id = self.repo.id
self.group_id = self.group.id
self.user_name = self.user.username
self.admin_name = self.admin.username
self.url = reverse('api-v2.1-admin-library-group-shares', args = [self.repo_id])
def tearDown(self):
self.remove_repo()
self.remove_group(self.group.id)
def test_can_get(self):
self.share_repo_to_group_with_rw_permission()
self.login_as(self.admin)
resp = self.client.get(self.url)
self.assertEqual(200, resp.status_code)
json_resp = json.loads(resp.content)
assert json_resp[0]['repo_id'] == self.repo_id
assert json_resp[0]['group_id'] == self.group_id
def test_get_with_invalid_user_permission(self):
self.share_repo_to_group_with_rw_permission()
self.login_as(self.user)
resp = self.client.get(self.url)
self.assertEqual(403, resp.status_code)
def test_admin_share_repo_to_group(self):
self.login_as(self.admin)
permission = 'r'
data = {
'permission': permission,
'group_id': [self.group_id]
}
resp = self.client.post(self.url, data)
self.assertEqual(200, resp.status_code)
json_resp = json.loads(resp.content)
assert json_resp['success'][0]['group_id'] == self.group_id
assert json_resp['success'][0]['permission'] == permission
def test_share_repo_with_invalid_user_permission(self):
self.login_as(self.user)
permission = 'r'
data = {
'permission': permission,
'group_id': [self.group_id]
}
resp = self.client.post(self.url, data)
self.assertEqual(403, resp.status_code)
def test_admin_modify_repo_group_share_permission(self):
self.share_repo_to_group_with_rw_permission()
shared_groups = seafile_api.list_repo_shared_group(
self.user_name, self.repo_id)
for e in shared_groups:
if e.group_id == self.group_id:
permission = e.perm
break
assert permission == 'rw'
self.login_as(self.admin)
modified_perm = 'r'
url = reverse('api-v2.1-admin-library-group-share', args = [self.repo_id])
data = 'permission=%s&group_id=%s' % (modified_perm, self.group_id)
resp = self.client.put(url, data, 'application/x-www-form-urlencoded')
self.assertEqual(200, resp.status_code)
shared_groups = seafile_api.list_repo_shared_group(
self.user_name, self.repo_id)
for e in shared_groups:
if e.group_id == self.group_id:
permission = e.perm
break
assert permission == modified_perm
def test_modify_with_invalid_user_permission(self):
self.share_repo_to_group_with_rw_permission()
shared_groups = seafile_api.list_repo_shared_group(
self.user_name, self.repo_id)
for e in shared_groups:
if e.group_id == self.group_id:
permission = e.perm
break
assert permission == 'rw'
self.login_as(self.user)
modified_perm = 'r'
url = reverse('api-v2.1-admin-library-group-share', args = [self.repo_id])
data = 'permission=%s&group_id=%s' % (modified_perm, self.group_id)
resp = self.client.put(url, data, 'application/x-www-form-urlencoded')
self.assertEqual(403, resp.status_code)
def test_admin_delete_repo_user_share_permission(self):
self.share_repo_to_group_with_rw_permission()
shared_groups = seafile_api.list_repo_shared_group(
self.user_name, self.repo_id)
for e in shared_groups:
if e.group_id == self.group_id:
permission = e.perm
break
assert permission == 'rw'
self.login_as(self.admin)
url = reverse('api-v2.1-admin-library-group-share', args = [self.repo_id])
data = 'permission=%s&group_id=%s' % (permission, self.group_id)
resp = self.client.delete(url, data, 'application/x-www-form-urlencoded')
self.assertEqual(200, resp.status_code)
def test_delete_with_invalid_user_permission(self):
self.share_repo_to_group_with_rw_permission()
shared_groups = seafile_api.list_repo_shared_group(
self.user_name, self.repo_id)
for e in shared_groups:
if e.group_id == self.group_id:
permission = e.perm
break
assert permission == 'rw'
self.login_as(self.user)
url = reverse('api-v2.1-admin-library-group-share', args = [self.repo_id])
data = 'permission=%s&group_id=%s' % (permission, self.group_id)
resp = self.client.delete(url, data, 'application/x-www-form-urlencoded')
self.assertEqual(403, resp.status_code)

162
tests/api/endpoints/admin/test_library_user_shares.py
View File

@@ -1,162 +0,0 @@
import json
from django.core.urlresolvers import reverse
from seaserv import seafile_api
from seahub.test_utils import BaseTestCase
class AdminLibraryUserShare(BaseTestCase):
def share_repo_to_user(self):
# user share repo to admin
seafile_api.share_repo(
self.repo.id, self.user.username,
self.admin.username, 'rw')
def setUp(self):
self.repo_id = self.repo.id
self.user_name = self.user.username
self.admin_name = self.admin.username
self.url = reverse('api-v2.1-admin-library-user-shares', args = [self.repo_id])
self.tmp_user = self.create_user('tmp@email.com')
self.tmp_user_email = self.tmp_user.username
def tearDown(self):
self.remove_repo()
self.remove_user(self.tmp_user_email)
def test_can_get(self):
self.share_repo_to_user()
self.login_as(self.admin)
resp = self.client.get(self.url)
self.assertEqual(200, resp.status_code)
json_resp = json.loads(resp.content)
assert json_resp[0]['repo_id'] == self.repo_id
def test_get_with_invalid_user_permission(self):
self.share_repo_to_user()
self.login_as(self.user)
resp = self.client.get(self.url)
self.assertEqual(403, resp.status_code)
def test_admin_share_repo_to_user(self):
self.login_as(self.admin)
invalid_email = 'invalid@email.com'
data = {
'permission': 'r',
'email': [invalid_email, self.tmp_user_email]
}
resp = self.client.post(self.url, data)
self.assertEqual(200, resp.status_code)
json_resp = json.loads(resp.content)
assert json_resp['failed'][0]['user_email'] == invalid_email
assert json_resp['success'][0]['user_email'] == self.tmp_user_email
def test_share_repo_with_invalid_user_permission(self):
self.login_as(self.user)
invalid_email = 'invalid@email.com'
tmp_user = self.create_user('tmp@email.com')
tmp_user_email = tmp_user.username
data = {
'permission': 'r',
'email': [invalid_email, tmp_user_email]
}
resp = self.client.post(self.url, data)
self.assertEqual(403, resp.status_code)
def test_admin_modify_repo_user_share_permission(self):
# user share repo to tmp user
init_permission = 'rw'
seafile_api.share_repo(
self.repo_id, self.user_name,
self.tmp_user_email, init_permission)
assert seafile_api.check_permission_by_path(self.repo_id, \
'/', self.tmp_user_email) == init_permission
self.login_as(self.admin)
modified_perm = 'r'
url = reverse('api-v2.1-admin-library-user-share', args = [self.repo_id])
data = 'permission=%s&user_email=%s' % (modified_perm, self.tmp_user_email)
resp = self.client.put(url, data, 'application/x-www-form-urlencoded')
self.assertEqual(200, resp.status_code)
assert seafile_api.check_permission_by_path(self.repo_id, \
'/', self.tmp_user_email) == modified_perm
def test_modify_with_invalid_user_permission(self):
# user share repo to tmp user
init_permission = 'rw'
seafile_api.share_repo(
self.repo_id, self.user_name,
self.tmp_user_email, init_permission)
assert seafile_api.check_permission_by_path(self.repo_id, \
'/', self.tmp_user_email) == init_permission
self.login_as(self.user)
modified_perm = 'r'
url = reverse('api-v2.1-admin-library-user-share', args = [self.repo_id])
data = 'permission=%s&user_email=%s' % (modified_perm, self.tmp_user_email)
resp = self.client.put(url, data, 'application/x-www-form-urlencoded')
self.assertEqual(403, resp.status_code)
def test_admin_delete_repo_user_share_permission(self):
# user share repo to tmp user
init_permission = 'rw'
seafile_api.share_repo(
self.repo_id, self.user_name,
self.tmp_user_email, init_permission)
assert seafile_api.check_permission_by_path(self.repo_id, \
'/', self.tmp_user_email) == init_permission
self.login_as(self.admin)
url = reverse('api-v2.1-admin-library-user-share', args = [self.repo_id])
data = 'permission=%s&user_email=%s' % (init_permission, self.tmp_user_email)
resp = self.client.delete(url, data, 'application/x-www-form-urlencoded')
self.assertEqual(200, resp.status_code)
assert seafile_api.check_permission_by_path(self.repo_id, \
'/', self.tmp_user_email) is None
def test_delete_with_invalid_user_permission(self):
# user share repo to tmp user
init_permission = 'rw'
seafile_api.share_repo(
self.repo_id, self.user_name,
self.tmp_user_email, init_permission)
assert seafile_api.check_permission_by_path(self.repo_id, \
'/', self.tmp_user_email) == init_permission
self.login_as(self.user)
url = reverse('api-v2.1-admin-library-user-share', args = [self.repo_id])
data = 'permission=%s&user_email=%s' % (init_permission, self.tmp_user_email)
resp = self.client.delete(url, data, 'application/x-www-form-urlencoded')
self.assertEqual(403, resp.status_code)

229
tests/api/endpoints/admin/test_shares.py Normal file
View File

@@ -0,0 +1,229 @@
import json
from django.core.urlresolvers import reverse
from seaserv import seafile_api
from seahub.test_utils import BaseTestCase
class Shares(BaseTestCase):
def setUp(self):
self.repo_id = self.repo.id
self.group_id = self.group.id
self.user_name = self.user.username
self.admin_name = self.admin.username
self.para = '?repo_id=%s&path=/' % self.repo_id
self.url = reverse('api-v2.1-admin-shares')
self.tmp_user = self.create_user('tmp@email.com')
self.tmp_user_email = self.tmp_user.username
def tearDown(self):
self.remove_repo()
self.remove_user(self.tmp_user_email)
def test_can_get_user_shared(self):
self.share_repo_to_admin_with_rw_permission()
self.login_as(self.admin)
resp = self.client.get(self.url + self.para + '&share_type=user')
json_resp = json.loads(resp.content)
self.assertEqual(200, resp.status_code)
assert json_resp[0]['repo_id'] == self.repo_id
assert json_resp[0]['path'] == '/'
assert json_resp[0]['share_type'] == 'user'
assert json_resp[0]['user_email'] == self.admin_name
assert json_resp[0]['permission'] == 'rw'
def test_can_get_group_shared(self):
self.share_repo_to_group_with_rw_permission()
self.login_as(self.admin)
resp = self.client.get(self.url + self.para + '&share_type=group')
json_resp = json.loads(resp.content)
self.assertEqual(200, resp.status_code)
assert json_resp[0]['repo_id'] == self.repo_id
assert json_resp[0]['path'] == '/'
assert json_resp[0]['share_type'] == 'group'
assert json_resp[0]['group_id'] == self.group_id
assert json_resp[0]['permission'] == 'rw'
def test_get_with_invalid_permission(self):
self.login_as(self.user)
resp = self.client.get(self.url + self.para + '&share_type=group')
self.assertEqual(403, resp.status_code)
def test_share_repo_to_user(self):
self.login_as(self.admin)
invalid_email = 'invalid@email.com'
permission = 'r'
data = {
'repo_id': self.repo_id,
'share_type': 'user',
'permission': permission,
'share_to': [invalid_email, self.tmp_user_email]
}
resp = self.client.post(self.url, data)
self.assertEqual(200, resp.status_code)
json_resp = json.loads(resp.content)
assert json_resp['failed'][0]['user_email'] == invalid_email
assert json_resp['success'][0]['user_email'] == self.tmp_user_email
assert json_resp['success'][0]['permission'] == permission
def test_share_repo_to_group(self):
self.login_as(self.admin)
invalid_group_id = 'invalid_group_id'
permission = 'r'
data = {
'repo_id': self.repo_id,
'share_type': 'group',
'permission': permission,
'share_to': [invalid_group_id, self.group_id]
}
resp = self.client.post(self.url, data)
self.assertEqual(200, resp.status_code)
json_resp = json.loads(resp.content)
assert json_resp['failed'][0]['group_id'] == invalid_group_id
assert json_resp['success'][0]['group_id'] == self.group_id
assert json_resp['success'][0]['permission'] == permission
def test_share_repo_with_invalid_user_permission(self):
self.login_as(self.user)
invalid_group_id = 'invalid_group_id'
permission = 'r'
data = {
'repo_id': self.repo_id,
'share_type': 'group',
'permission': permission,
'share_to': [invalid_group_id, self.group_id]
}
resp = self.client.post(self.url, data)
self.assertEqual(403, resp.status_code)
def test_modify_repo_user_share_permission(self):
# user share repo to tmp user
init_permission = 'rw'
seafile_api.share_repo(self.repo_id,
self.user_name, self.tmp_user_email, init_permission)
assert seafile_api.check_permission_by_path(self.repo_id, \
'/', self.tmp_user_email) == init_permission
self.login_as(self.admin)
modified_perm = 'r'
data = 'repo_id=%s&share_type=%s&permission=%s&share_to=%s' % \
(self.repo_id, 'user', modified_perm, self.tmp_user_email)
resp = self.client.put(self.url, data, 'application/x-www-form-urlencoded')
self.assertEqual(200, resp.status_code)
assert seafile_api.check_permission_by_path(self.repo_id, \
'/', self.tmp_user_email) == modified_perm
def test_modify_repo_group_share_permission(self):
# user share repo to tmp user
self.share_repo_to_group_with_rw_permission()
shared_groups = seafile_api.list_repo_shared_group(
self.user_name, self.repo_id)
for e in shared_groups:
if e.group_id == self.group_id:
permission = e.perm
break
assert permission == 'rw'
self.login_as(self.admin)
modified_perm = 'r'
data = 'repo_id=%s&share_type=%s&permission=%s&share_to=%s' % \
(self.repo_id, 'group', modified_perm, self.group_id)
resp = self.client.put(self.url, data, 'application/x-www-form-urlencoded')
self.assertEqual(200, resp.status_code)
shared_groups = seafile_api.list_repo_shared_group(
self.user_name, self.repo_id)
for e in shared_groups:
if e.group_id == self.group_id:
permission = e.perm
break
assert permission == modified_perm
def test_modify_with_invalid_user_permission(self):
self.login_as(self.user)
resp = self.client.put(self.url, {}, 'application/x-www-form-urlencoded')
self.assertEqual(403, resp.status_code)
def test_delete_repo_user_share_permission(self):
# user share repo to tmp user
init_permission = 'rw'
seafile_api.share_repo(self.repo_id,
self.user_name, self.tmp_user_email, init_permission)
assert seafile_api.check_permission_by_path(self.repo_id, \
'/', self.tmp_user_email) == init_permission
self.login_as(self.admin)
data = 'repo_id=%s&share_type=%s&share_to=%s' % \
(self.repo_id, 'user', self.tmp_user_email)
resp = self.client.delete(self.url, data, 'application/x-www-form-urlencoded')
self.assertEqual(200, resp.status_code)
assert seafile_api.check_permission_by_path(self.repo_id, \
'/', self.tmp_user_email) is None
def test_delete_repo_group_share_permission(self):
self.share_repo_to_group_with_rw_permission()
shared_groups = seafile_api.list_repo_shared_group(
self.user_name, self.repo_id)
for e in shared_groups:
if e.group_id == self.group_id:
permission = e.perm
break
assert permission == 'rw'
self.login_as(self.admin)
data = 'repo_id=%s&share_type=%s&share_to=%s' % \
(self.repo_id, 'user', self.tmp_user_email)
resp = self.client.delete(self.url, data, 'application/x-www-form-urlencoded')
self.assertEqual(200, resp.status_code)
def test_delete_with_invalid_user_permission(self):
self.login_as(self.user)
resp = self.client.delete(self.url, {}, 'application/x-www-form-urlencoded')
self.assertEqual(403, resp.status_code)

4
tests/api/endpoints/test_search_group.py
View File

@@ -46,4 +46,6 @@ class SearchGroupTest(BaseTestCase):
self.login_as(self.user)
resp = self.client.get(self.endpoint + '?q=' + self.group_name)
self.assertEqual(403, resp.status_code)
json_resp = json.loads(resp.content)
self.assertEqual(200, resp.status_code)
assert len(json_resp) > 0