haiwen/seahub
1
0
Fork 0
mirror of https://github.com/haiwen/seahub.git synced 2025-09-02 07:27:04 +00:00
Code Issues Releases Wiki Activity

[api] add url for setpassword

Browse Source
This commit is contained in:
poetwang
2012-08-26 20:44:47 +08:00
parent 2a3652770e
commit 78868f9a85
2 changed files with 48 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
api/urls.py
View File

@@ -8,11 +8,11 @@ urlpatterns = patterns('',
url(r'login/$', api_login), url(r'login/$', api_login),
url(r'^$', ReposView.as_view()), url(r'^$', ReposView.as_view()),
url(r'^repo/list/$', ReposView.as_view(), name='repos'), url(r'^repo/list/$', ReposView.as_view(), name='repos'),
url(r'^repo/(?P<repo_id>[^/]+)/$', RepoView.as_view(), name='repo'), url(r'^repo/(?P<repo_id>[^/]+)/$', csrf_exempt(RepoView.as_view()), name='repo'),
url(r'^dir/(?P<repo_id>[^/]+)/$', RepoDirPathView.as_view(), name='repo-dir-path'), url(r'^dir/(?P<repo_id>[^/]+)/$', csrf_exempt(RepoDirPathView.as_view()), name='repo-dir-path'),
url(r'^dir/(?P<repo_id>[^/]+)/(?P<dir_id>[^/]+)/$', RepoDirIdView.as_view(), name='repo-dir-id'), url(r'^dir/(?P<repo_id>[^/]+)/(?P<dir_id>[^/]+)/$', csrf_exempt(RepoDirIdView.as_view()), name='repo-dir-id'),
url(r'^file/(?P<repo_id>[^/]+)/$', RepoFilePathView.as_view(), name='repo-file-path'), url(r'^file/(?P<repo_id>[^/]+)/$', csrf_exempt(RepoFilePathView.as_view()), name='repo-file-path'),
url(r'^file/(?P<repo_id>[^/]+)/(?P<file_id>[^/]+)/$', RepoFileIdView.as_view(), name='repo-file-id'), url(r'^file/(?P<repo_id>[^/]+)/(?P<file_id>[^/]+)/$', csrf_exempt(RepoFileIdView.as_view()), name='repo-file-id'),
) )

51
api/views.py
View File

@@ -124,6 +124,23 @@ def get_dir_entrys_by_id(request, dir_id):
response["oid"] = dir_id response["oid"] = dir_id
return response return response
def set_repo_password(request, repo):
if not password:
return api_error(request, '400', 'password should not be empty')
try:
seafserv_threaded_rpc.set_passwd(repo_id, request.user.username, password)
except SearpcError, e:
if e.msg == 'Bad arguments':
return api_error(request, '400', e.msg)
elif e.msg == 'Repo is not encrypted':
return api_error(request, '400', e.msg)
elif e.msg == 'Incorrect password':
return api_error(request, '400', 'Wrong password')
elif e.msg == 'Internal server error':
return api_error(request, '500', e.msg)
else:
return api_error(request, '400', e.msg)
def check_repo_access_permission(request, repo): def check_repo_access_permission(request, repo):
if not repo: if not repo:
@@ -141,8 +158,12 @@ def check_repo_access_permission(request, repo):
except SearpcError, e: except SearpcError, e:
return api_error(request, '403', e.msg) return api_error(request, '403', e.msg)
if repo.encrypted and not password_set: if not password_set:
return api_error(request, '403', "password needed") password = request.REQUEST['password']
if not password:
return api_error(request, '403', "password needed")
return set_repo_password(request, password)
@csrf_exempt @csrf_exempt
@@ -226,9 +247,11 @@ class RepoView(ResponseMixin, View):
def get_repo_info(request, repo_id): def get_repo_info(request, repo_id):
# check whether user can view repo # check whether user can view repo
repo = get_repo(repo_id) repo = get_repo(repo_id)
resp = check_repo_access_permission(request, repo) if not repo:
if resp: return api_error(request, '404', "repo not found")
return resp
if not can_access_repo(request, repo.id):
return api_error(request, '403', "can not access repo")
# check whether use is repo owner # check whether use is repo owner
if validate_owner(request, repo_id): if validate_owner(request, repo_id):
@@ -242,7 +265,7 @@ class RepoView(ResponseMixin, View):
repo.latest_modify = None repo.latest_modify = None
# query repo infomation # query repo infomation
repo_size = seafserv_threaded_rpc.server_repo_size(repo_id) repo.size = seafserv_threaded_rpc.server_repo_size(repo_id)
current_commit = get_commits(repo_id, 0, 1)[0] current_commit = get_commits(repo_id, 0, 1)[0]
repo_json = { repo_json = {
"type":"repo", "type":"repo",
@@ -251,14 +274,26 @@ class RepoView(ResponseMixin, View):
"name":repo.name, "name":repo.name,
"desc":repo.desc, "desc":repo.desc,
"mtime":repo.lastest_modify, "mtime":repo.lastest_modify,
"password_need":password_need, "password_need":repo.password_need,
"size":repo_size, "size":repo.size,
"root":current_commit.root_id, "root":current_commit.root_id,
} }
response = Response(200, repo_json) response = Response(200, repo_json)
return self.render(response) return self.render(response)
@api_login_required
def post(self, request, repo_id):
resp = check_repo_access_permission(request, get_repo(repo_id))
if resp:
return resp
op = request.GET.get('op', 'setpassword')
if op == 'setpassword':
return HttpResponse(json.dumps("success"), status=200,
content_type=json_content_type)
return HttpResponse(json.dumps("unsupported operation"), status=200,
content_type=json_content_type)
class RepoDirPathView(ResponseMixin, View): class RepoDirPathView(ResponseMixin, View):
renderers = (JSONRenderer,) renderers = (JSONRenderer,)