haiwen/seahub
1
0
Fork 0
mirror of https://github.com/haiwen/seahub.git synced 2025-09-25 14:50:29 +00:00
Code Issues Releases Wiki Activity

update

Browse Source
This commit is contained in:
r350178982
2024-11-21 16:53:41 +08:00
parent 4e5c0938fa
commit 6199763e6f
2 changed files with 33 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
seahub/api2/endpoints/internal_api.py
View File

@@ -13,6 +13,7 @@ from seahub.repo_api_tokens.models import RepoAPITokens
from seahub.share.models import UploadLinkShare, FileShare, check_share_link_access, check_share_link_access_by_scope from seahub.share.models import UploadLinkShare, FileShare, check_share_link_access, check_share_link_access_by_scope
from seaserv import seafile_api from seaserv import seafile_api
from seahub.utils.repo import parse_repo_perm from seahub.utils.repo import parse_repo_perm
from seahub.views.file import send_file_access_msg
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
@@ -66,6 +67,8 @@ class InternalCheckShareLinkAccess(APIView):
return api_error(status.HTTP_403_FORBIDDEN, error_msg) return api_error(status.HTTP_403_FORBIDDEN, error_msg)
link_token = request.GET.get('token') link_token = request.GET.get('token')
ip_addr = request.data.get('ip_addr')
user_agent = request.data.get('user_agent')
share_obj = UploadLinkShare.objects.filter(token=link_token).first() share_obj = UploadLinkShare.objects.filter(token=link_token).first()
if share_obj: if share_obj:
@@ -98,6 +101,10 @@ class InternalCheckShareLinkAccess(APIView):
return api_error(status.HTTP_403_FORBIDDEN, error_msg) return api_error(status.HTTP_403_FORBIDDEN, error_msg)
repo_id = share_obj.repo_id repo_id = share_obj.repo_id
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Repo not found.'
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
file_path, parent_dir = '', '' file_path, parent_dir = '', ''
share_path = share_obj.path share_path = share_obj.path
share_type = share_obj.s_type share_type = share_obj.s_type
@@ -112,6 +119,7 @@ class InternalCheckShareLinkAccess(APIView):
'parent_dir': parent_dir, 'parent_dir': parent_dir,
'share_type': share_type 'share_type': share_type
} }
send_file_access_msg(request, repo, file_path, 'share-link', custom_ip=ip_addr, custom_agent=user_agent)
return Response(resp_json) return Response(resp_json)
@@ -151,7 +159,10 @@ class InternalCheckFileOperationAccess(APIView):
if not file_id: if not file_id:
error_msg = 'File not found' error_msg = 'File not found'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg) return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
token = request.data.get('token') # account token or repo token token = request.data.get('token') # account token or repo token
ip_addr = request.data.get('ip_addr')
user_agent = request.data.get('user_agent')
op = request.data.get('op') op = request.data.get('op')
if op not in AVAILABLE_OPS: if op not in AVAILABLE_OPS:
error_msg = 'operation is invalid.' error_msg = 'operation is invalid.'
@@ -173,6 +184,7 @@ class InternalCheckFileOperationAccess(APIView):
error_msg = 'Permission denied.' error_msg = 'Permission denied.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg) return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
send_file_access_msg(request, repo, file_path, 'web', custom_ip=ip_addr, custom_agent=user_agent)
return Response({'user': username}) return Response({'user': username})
# if there is no username, take token as repo api token # if there is no username, take token as repo api token

32
seahub/views/file.py
View File

@@ -135,6 +135,12 @@ from seahub.thirdparty_editor.settings import THIRDPARTY_EDITOR_ACCESS_TOKEN_EXP
# Get an instance of a logger # Get an instance of a logger
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
FILE_TYPE_FOR_NEW_FILE_LINK = [
PDF,
VIDEO,
MARKDOWN
]
def gen_path_link(path, repo_name): def gen_path_link(path, repo_name):
""" """
Generate navigate paths and links in repo page. Generate navigate paths and links in repo page.
@@ -643,7 +649,7 @@ def view_lib_file(request, repo_id, path):
# template = 'view_file_%s.html' % filetype.lower() # template = 'view_file_%s.html' % filetype.lower()
template = '%s_file_view_react.html' % filetype.lower() template = '%s_file_view_react.html' % filetype.lower()
if filetype in [VIDEO, PDF, MARKDOWN]: if filetype in FILE_TYPE_FOR_NEW_FILE_LINK:
raw_path = gen_file_get_url_new(repo_id, path) raw_path = gen_file_get_url_new(repo_id, path)
if filetype in (IMAGE, VIDEO, AUDIO, PDF, SVG, XMIND, 'Unknown'): if filetype in (IMAGE, VIDEO, AUDIO, PDF, SVG, XMIND, 'Unknown'):
@@ -760,11 +766,12 @@ def view_lib_file(request, repo_id, path):
elif filetype in (VIDEO, AUDIO, PDF, SVG): elif filetype in (VIDEO, AUDIO, PDF, SVG):
return_dict['raw_path'] = raw_path return_dict['raw_path'] = raw_path
send_file_access_msg(request, repo, path, 'web')
if filetype == VIDEO: if filetype == VIDEO:
return_dict['enable_video_thumbnail'] = settings.ENABLE_VIDEO_THUMBNAIL return_dict['enable_video_thumbnail'] = settings.ENABLE_VIDEO_THUMBNAIL
if filetype == PDF: if filetype == PDF:
return_dict['enable_pdf_thumbnail'] = settings.ENABLE_PDF_THUMBNAIL return_dict['enable_pdf_thumbnail'] = settings.ENABLE_PDF_THUMBNAIL
if filetype not in FILE_TYPE_FOR_NEW_FILE_LINK:
send_file_access_msg(request, repo, path, 'web')
return render(request, template, return_dict) return render(request, template, return_dict)
elif filetype == XMIND: elif filetype == XMIND:
@@ -1196,6 +1203,8 @@ def view_shared_file(request, fileshare):
can_copy_content = fileshare.get_permissions()['can_copy_content'] can_copy_content = fileshare.get_permissions()['can_copy_content']
can_download = fileshare.get_permissions()['can_download'] can_download = fileshare.get_permissions()['can_download']
can_edit = fileshare.get_permissions()['can_edit'] and (not is_locked or locked_by_online_office) can_edit = fileshare.get_permissions()['can_edit'] and (not is_locked or locked_by_online_office)
filename = os.path.basename(path)
filetype, fileext = get_file_type_and_ext(filename)
# download shared file # download shared file
if request.GET.get('dl', '') == '1': if request.GET.get('dl', '') == '1':
@@ -1203,7 +1212,8 @@ def view_shared_file(request, fileshare):
raise Http404 raise Http404
# send file audit message # send file audit message
send_file_access_msg(request, repo, path, 'share-link') if filetype not in FILE_TYPE_FOR_NEW_FILE_LINK:
send_file_access_msg(request, repo, path, 'share-link')
return _download_file_from_share_link(request, fileshare) return _download_file_from_share_link(request, fileshare)
@@ -1214,7 +1224,7 @@ def view_shared_file(request, fileshare):
if not access_token: if not access_token:
return render_error(request, _('Unable to view file')) return render_error(request, _('Unable to view file'))
filename = os.path.basename(path)
raw_path = gen_file_get_url(access_token, filename) raw_path = gen_file_get_url(access_token, filename)
if request.GET.get('raw', '') == '1': if request.GET.get('raw', '') == '1':
@@ -1229,11 +1239,11 @@ def view_shared_file(request, fileshare):
return HttpResponseRedirect(raw_path) return HttpResponseRedirect(raw_path)
# preview file # preview file
filetype, fileext = get_file_type_and_ext(filename)
ret_dict = {'err': '', 'file_content': '', 'encoding': '', 'file_enc': '', ret_dict = {'err': '', 'file_content': '', 'encoding': '', 'file_enc': '',
'file_encoding_list': [], 'filetype': filetype} 'file_encoding_list': [], 'filetype': filetype}
if filetype in [VIDEO, PDF, MARKDOWN]: if filetype in FILE_TYPE_FOR_NEW_FILE_LINK:
raw_path = gen_file_get_url_by_sharelink(fileshare.token) raw_path = gen_file_get_url_by_sharelink(fileshare.token)
if filetype == SEADOC: if filetype == SEADOC:
@@ -1310,7 +1320,8 @@ def view_shared_file(request, fileshare):
if can_preview: if can_preview:
# send file audit message # send file audit message
send_file_access_msg(request, repo, path, 'share-link') if filetype not in FILE_TYPE_FOR_NEW_FILE_LINK:
send_file_access_msg(request, repo, path, 'share-link')
"""Choose different approach when dealing with different type of file.""" """Choose different approach when dealing with different type of file."""
inner_path = gen_inner_file_get_url(access_token, filename) inner_path = gen_inner_file_get_url(access_token, filename)
@@ -1675,7 +1686,7 @@ def view_raw_file(request, repo_id, file_path):
send_file_access_msg(request, repo, file_path, 'web') send_file_access_msg(request, repo, file_path, 'web')
return HttpResponseRedirect(raw_path) return HttpResponseRedirect(raw_path)
def send_file_access_msg(request, repo, path, access_from): def send_file_access_msg(request, repo, path, access_from, custom_ip=None, custom_agent=None):
"""Send file downlaod msg for audit. """Send file downlaod msg for audit.
Arguments: Arguments:
@@ -1690,9 +1701,8 @@ def send_file_access_msg(request, repo, path, access_from):
return return
username = request.user.username username = request.user.username
ip = custom_ip or get_remote_ip(request)
ip = get_remote_ip(request) user_agent = custom_agent or request.headers.get("user-agent")
user_agent = request.headers.get("user-agent")
msg = { msg = {
'msg_type': 'file-download-' + access_from, 'msg_type': 'file-download-' + access_from,