use token to controll access

2025-08-02 07:47:32 +00:00 · 2012-07-17 20:53:38 +08:00 · 2012-07-17 20:53:38 +08:00 · 64d0dd8b0c
commit 64d0dd8b0c
parent 882b9f4892
4 changed files with 46 additions and 17 deletions
--- a/templates/seafile_access_check.html
+++ b/templates/seafile_access_check.html
@ -2,7 +2,8 @@

 {% block main_panel %}
 <div class="text-panel">
-    <p class="error hide">请确认本地Seafile程序已启动。</p>
+    <p id="msg-client"  class="error hide">请确认本地Seafile程序已启动。</p>
+    <p id="msg-version" class="error hide">你的 Seafile 客户端版本太旧，请升级到最新版本。<a href="http://www.seafile.com/download">点击下载</a></p>
 </div>
 {% endblock %}

@ -10,6 +11,7 @@
 <script type="text/javascript">
 $(function() {
    var req_success = false;
+    var version_mismatch = false;
    $.ajax({
        url: '{{ applet_root }}/seafile_access_check/',
        dataType: 'jsonp',
@ -18,15 +20,21 @@ $(function() {
        error: function() {
            $('.error').removeClass('hide');
        },
-        success: function() {
-            req_success = true;
-            location.href = '{{ SITE_ROOT }}download/repo/?repo_id={{ repo_id }}';
+        success: function(version) {
+            if (version !== 2) {
+                version_mismatch = true;
+            } else {
+                req_success = true;
+                location.href = '{{ SITE_ROOT }}download/repo/?repo_id={{ repo_id }}';
+            }
        }
    });

    setTimeout(function() {
-        if (!req_success) {
-            $('.error').removeClass('hide');
+        if (version_mismatch) {
+            $('#msg-version').removeClass('hide');
+        } else if (!req_success) {
+            $('#msg-client').removeClass('hide');
        }
    }, 1000);
 });
--- a/urls.py
+++ b/urls.py
@ -65,7 +65,7 @@ urlpatterns = patterns('',
    (r'^repo/remove/(?P<repo_id>[^/]+)/$', remove_repo),
 #    (r'^repo/removefetched/(?P<user_id>[^/]+)/(?P<repo_id>[^/]+)/$', remove_fetched_repo),
 #    (r'^repo/setap/(?P<repo_id>[^/]+)/$', repo_set_access_property),
-    (r'^repo/(?P<repo_id>[^/]+)/files/$', repo_view_file),
+    url(r'^repo/(?P<repo_id>[^/]+)/files/$', repo_view_file, name="repo_view_file"),
    (r'^repo/(?P<repo_id>[^/]+)/file/get/$', repo_file_get),
    url(r'^repo/(?P<repo_id>[^/]+)/(?P<obj_id>[^/]+)/$', repo_access_file, name='repo_access_file'),
                       
--- a/utils.py
+++ b/utils.py
@ -274,3 +274,10 @@ def gen_file_get_url(token, filename):
    Format: http://<domain:port>/files/<token>/<filename>
    """
    return '%s/files/%s/%s' % (get_httpserver_root(), token, filename)
+
+def get_ccnet_server_addr_port():
+    """Return ccnet <ip or domain>:<port>"""
+    try:
+        return settings.CCNET_SERVER_ADDR, settings.CCNET_SERVER_PORT
+    except:
+        return None, None
--- a/views.py
+++ b/views.py
@ -40,7 +40,7 @@ from utils import go_permission_error, go_error, list_to_string, \
    get_httpserver_root, get_ccnetapplet_root, gen_token, \
    calculate_repo_last_modify, valid_previewed_file, \
    check_filename_with_rename, get_accessible_repos, EMPTY_SHA1, \
-    get_file_revision_id_size, gen_file_get_url
+    get_file_revision_id_size, get_ccnet_server_addr_port, gen_file_get_url
 from seahub.profile.models import Profile
 from settings import FILE_PREVIEW_MAX_SIZE

@ -740,7 +740,6 @@ def myhome(request):
    else:
        profile = Profile.objects.filter(user=request.user.username)[0]
        nickname = profile.nickname
-
    return render_to_response('myhome.html', {
            "myname": email,
            "nickname": nickname,
@ -785,7 +784,7 @@ def repo_del_file(request, repo_id):
    user = request.user.username
    try:
        seafserv_threaded_rpc.del_file(repo_id, parent_dir,file_name, user)
-    except Exception, e:
+    except:
        pass

    url = reverse('repo', args=[repo_id]) + ('?p=%s' % parent_dir)
@ -1022,11 +1021,27 @@ def repo_download(request):
                "error_msg": u"下载失败：无法取得中继"
                }, context_instance=RequestContext(request))

-    ccnet_applet_root = get_ccnetapplet_root()
-    redirect_url = "%s/repo/download/?repo_id=%s&relay_id=%s&repo_name=%s&encrypted=%s" % (
-        ccnet_applet_root, repo_id, relay_id, quote_repo_name, enc)
+    try:
+        token = seafserv_threaded_rpc.get_repo_token_nonnull \
+                (repo_id, request.user.username)
+    except Exception, e:
+        return go_error(request, str(e))

-    return HttpResponseRedirect(redirect_url)
+    addr, port = get_ccnet_server_addr_port ()
+
+    if not (addr and port):
+        return go_error(request, u"服务器设置错误")
+
+    ccnet_applet_root = get_ccnetapplet_root()
+    email = urllib2.quote(request.user.username)
+
+    url = ccnet_applet_root + "/repo/download/"
+    
+    url += "?relay_id=%s&relay_addr=%s&relay_port=%s" % (relay_id, addr, port)
+    url += "&email=%s&token=%s" % (email, token)
+    url += "&repo_id=%s&repo_name=%s&encrypted=%s" % (repo_id, quote_repo_name, enc)
+
+    return HttpResponseRedirect(url)

@login_required    
 def file_move(request):
@ -1798,9 +1813,8 @@ def file_revisions(request, repo_id):
        if not seafile_id:
            return go_error(request)
        file_name = os.path.basename(path)
-        url = reverse(repo_view_file, args=[repo_id, seafile_id])
-        url += u'?commit_id=%s&file_name=%s&p=%s' \
-               % (commit_id, file_name, path)
+        url = reverse(repo_view_file, args=[repo_id])
+        url += '?obj_id=%s&commit_id=%s&p=%s' % (seafile_id, commit_id, path)
        return HttpResponseRedirect(url)

@login_required