can add public repo permission update (#3241)

* can add public repo permission update to
both "can_add_public_repo" and "ENABLE_USER_CREATE_ORG_REPO"

tests/api/endpoints/test_shared_repos.py

@@ -9,6 +9,7 @@ from seaserv import seafile_api
 from seahub.profile.models import Profile
 from seahub.test_utils import BaseTestCase, TRAVIS
 from tests.common.utils import randstring
+from mock import patch, MagicMock
 
 
 class SharedReposTest(BaseTestCase):
@@ -219,6 +220,7 @@ class SharedReposTest(BaseTestCase):
         target_repo = [repo for repo in repos if repo.repo_id == self.org_repo.id]
         assert target_repo[0].permission == 'r'
 
+    @patch('seahub.base.accounts.UserPermissions.can_add_public_repo', MagicMock(return_value=True))
     def test_can_update_public_share_perm(self):
         for r in seaserv.seafserv_threaded_rpc.list_inner_pub_repos():
             seafile_api.remove_inner_pub_repo(r.repo_id)
@@ -229,6 +231,7 @@ class SharedReposTest(BaseTestCase):
         assert repos[0].permission == 'rw'
 
         self.login_as(self.user)
+        assert self.user.permissions.can_add_public_repo() is True
 
         url = reverse('api-v2.1-shared-repo', args=[self.repo_id])
         data = 'permission=r&share_type=public'
@@ -239,6 +242,15 @@ class SharedReposTest(BaseTestCase):
         repos = seafile_api.list_inner_pub_repos_by_owner(self.user_name)
         assert repos[0].permission == 'r'
 
+    def test_can_not_update_public_share_perm_when_add_public_repo_disabled(self):
+        self.login_as(self.user)
+        assert self.user.permissions.can_add_public_repo() is False
+
+        url = reverse('api-v2.1-shared-repo', args=[self.repo_id])
+        data = 'permission=r&share_type=public'
+        resp = self.client.put(url, data, 'application/x-www-form-urlencoded')
+        self.assertEqual(403, resp.status_code)
+
     def test_delete_user_share(self):
         self.share_repo_to_user()