From 2d4638eb6b63599568d67a921d1da13f50288a50 Mon Sep 17 00:00:00 2001
From: lian <lian@seafile.com>
Date: Thu, 6 May 2021 14:46:36 +0800
Subject: [PATCH 1/5] check virus when upload file via share link

---
 seahub/api2/endpoints/share_links.py  | 10 ++++++++--
 seahub/api2/endpoints/upload_links.py | 14 +++++++++++---
 2 files changed, 19 insertions(+), 5 deletions(-)

diff --git a/seahub/api2/endpoints/share_links.py b/seahub/api2/endpoints/share_links.py
index cab76063fc..1fb0db92e9 100644
--- a/seahub/api2/endpoints/share_links.py
+++ b/seahub/api2/endpoints/share_links.py
@@ -43,7 +43,7 @@ from seahub.settings import SHARE_LINK_EXPIRE_DAYS_MAX, \
         SHARE_LINK_EXPIRE_DAYS_MIN, SHARE_LINK_LOGIN_REQUIRED, \
         SHARE_LINK_EXPIRE_DAYS_DEFAULT, \
         ENABLE_SHARE_LINK_AUDIT, ENABLE_VIDEO_THUMBNAIL, \
-        THUMBNAIL_ROOT
+        THUMBNAIL_ROOT, ENABLE_UPLOAD_LINK_VIRUS_CHECK
 from seahub.wiki.models import Wiki
 from seahub.views.file import can_edit_file
 from seahub.views import check_folder_permission
@@ -808,11 +808,17 @@ class ShareLinkUpload(APIView):
 
         # generate token
         obj_id = json.dumps({'parent_dir': path})
+
+        check_virus = False
+        if is_pro_version() and ENABLE_UPLOAD_LINK_VIRUS_CHECK:
+            check_virus = True
+
         token = seafile_api.get_fileserver_access_token(repo_id,
                                                         obj_id,
                                                         'upload-link',
                                                         share_link.username,
-                                                        use_onetime=False)
+                                                        use_onetime=False,
+                                                        check_virus=check_virus)
 
         if not token:
             error_msg = 'Internal Server Error'
diff --git a/seahub/api2/endpoints/upload_links.py b/seahub/api2/endpoints/upload_links.py
index 4974e9ad0e..7658c91481 100644
--- a/seahub/api2/endpoints/upload_links.py
+++ b/seahub/api2/endpoints/upload_links.py
@@ -25,12 +25,14 @@ from seahub.api2.throttling import AnonRateThrottle, UserRateThrottle
 from seahub.api2.permissions import CanGenerateUploadLink
 
 from seahub.share.models import UploadLinkShare, check_share_link_common
-from seahub.utils import gen_shared_upload_link, gen_file_upload_url
+from seahub.utils import gen_shared_upload_link, gen_file_upload_url, \
+        is_pro_version
 from seahub.views import check_folder_permission
 from seahub.utils.timeutils import datetime_to_isoformat_timestr
 
 from seahub.settings import UPLOAD_LINK_EXPIRE_DAYS_DEFAULT, \
-        UPLOAD_LINK_EXPIRE_DAYS_MIN, UPLOAD_LINK_EXPIRE_DAYS_MAX
+        UPLOAD_LINK_EXPIRE_DAYS_MIN, UPLOAD_LINK_EXPIRE_DAYS_MAX, \
+        ENABLE_UPLOAD_LINK_VIRUS_CHECK
 
 logger = logging.getLogger(__name__)
 
@@ -349,11 +351,17 @@ class UploadLinkUpload(APIView):
             return api_error(status.HTTP_403_FORBIDDEN, error_msg)
 
         obj_id = json.dumps({'parent_dir': path})
+
+        check_virus = False
+        if is_pro_version() and ENABLE_UPLOAD_LINK_VIRUS_CHECK:
+            check_virus = True
+
         token = seafile_api.get_fileserver_access_token(repo_id,
                                                         obj_id,
                                                         'upload-link',
                                                         uls.username,
-                                                        use_onetime=False)
+                                                        use_onetime=False,
+                                                        check_virus=check_virus)
 
         if not token:
             error_msg = 'Internal Server Error'

From ce7d93b43bc89152268c37d953092e360fffb2b2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E7=8E=8B=E5=81=A5=E8=BE=89?=
 <40563566+mrwangjianhui@users.noreply.github.com>
Date: Thu, 20 May 2021 15:06:27 +0800
Subject: [PATCH 2/5] optimize get_file_audit_events

---
 seahub/api2/endpoints/admin/logs.py | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/seahub/api2/endpoints/admin/logs.py b/seahub/api2/endpoints/admin/logs.py
index d615cda682..52d307cc37 100644
--- a/seahub/api2/endpoints/admin/logs.py
+++ b/seahub/api2/endpoints/admin/logs.py
@@ -120,8 +120,18 @@ class AdminLogsFileAccessLogs(APIView):
         start = per_page * (current_page - 1)
         limit = per_page + 1
 
+        if user_selected:
+            org_id = -1
+            orgs = ccnet_api.get_orgs_by_user(user_selected)
+            if orgs:
+                org_id = orgs[0].org_id
+        elif repo_id_selected:
+            org_id = seafile_api.get_org_id_by_repo_id(repo_id_selected)
+        else:
+            org_id = 0
+
         # org_id = 0, show all file audit
-        events = get_file_audit_events(user_selected, 0, repo_id_selected, start, limit) or []
+        events = get_file_audit_events(user_selected, org_id, repo_id_selected, start, limit) or []
 
         if len(events) > per_page:
             events = events[:per_page]

From c1ba613abec7e544e91260ea0364516dfd91e69e Mon Sep 17 00:00:00 2001
From: lian <lian@seafile.com>
Date: Thu, 20 May 2021 17:00:24 +0800
Subject: [PATCH 3/5] update admin get users api

remove audit_last_access and update_last_access
---
 seahub/api2/endpoints/admin/users.py | 22 ++--------------------
 1 file changed, 2 insertions(+), 20 deletions(-)

diff --git a/seahub/api2/endpoints/admin/users.py b/seahub/api2/endpoints/admin/users.py
index ec54c3558a..d1ced392e9 100644
--- a/seahub/api2/endpoints/admin/users.py
+++ b/seahub/api2/endpoints/admin/users.py
@@ -34,12 +34,11 @@ from seahub.profile.settings import CONTACT_CACHE_TIMEOUT, CONTACT_CACHE_PREFIX,
 from seahub.utils import is_valid_username2, is_org_context, \
         is_pro_version, normalize_cache_key, is_valid_email, \
         IS_EMAIL_CONFIGURED, send_html_email, get_site_name, \
-        gen_shared_link, gen_shared_upload_link, \
-        get_file_audit_events, get_file_update_events
+        gen_shared_link, gen_shared_upload_link
 
 from seahub.utils.file_size import get_file_size_unit
 from seahub.utils.timeutils import timestamp_to_isoformat_timestr, \
-        datetime_to_isoformat_timestr, utc_to_local
+        datetime_to_isoformat_timestr
 from seahub.utils.user_permissions import get_user_role
 from seahub.utils.repo import normalize_repo_status_code
 from seahub.constants import DEFAULT_ADMIN
@@ -64,21 +63,10 @@ json_content_type = 'application/json; charset=utf-8'
 def get_user_last_access_time(email, last_login_time):
 
     device_last_access = ''
-    audit_last_access = ''
-    update_last_access = ''
-
     devices = TokenV2.objects.filter(user=email).order_by('-last_accessed')
     if devices:
         device_last_access = devices[0].last_accessed
 
-    audit_events = get_file_audit_events(email, 0, None, 0, 1) or []
-    if audit_events:
-        audit_last_access = audit_events[0].timestamp
-
-    update_events = get_file_update_events(email, 0, None, 0, 1) or []
-    if update_events:
-        update_last_access = update_events[0].timestamp
-
     last_access_time_list = []
     if last_login_time:
         last_access_time_list.append(last_login_time)
@@ -86,12 +74,6 @@ def get_user_last_access_time(email, last_login_time):
     if device_last_access:
         last_access_time_list.append(device_last_access)
 
-    if audit_last_access:
-        last_access_time_list.append(utc_to_local(audit_last_access))
-
-    if update_last_access:
-        last_access_time_list.append(utc_to_local(update_last_access))
-
     if not last_access_time_list:
         return ''
     else:

From d9120643c8f3f6836419d674ed321894d8831a33 Mon Sep 17 00:00:00 2001
From: lian <lian@seafile.com>
Date: Fri, 21 May 2021 10:53:20 +0800
Subject: [PATCH 4/5] let admin can delete device on CE version

---
 .../dialog/sysadmin-dialog/sysadmin-unlink-device-dialog.js   | 4 +++-
 frontend/src/pages/sys-admin/devices/devices-by-platform.js   | 4 +---
 seahub/api2/endpoints/admin/devices.py                        | 4 +++-
 3 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/frontend/src/components/dialog/sysadmin-dialog/sysadmin-unlink-device-dialog.js b/frontend/src/components/dialog/sysadmin-dialog/sysadmin-unlink-device-dialog.js
index d95952a431..11417db426 100644
--- a/frontend/src/components/dialog/sysadmin-dialog/sysadmin-unlink-device-dialog.js
+++ b/frontend/src/components/dialog/sysadmin-dialog/sysadmin-unlink-device-dialog.js
@@ -1,6 +1,6 @@
 import React from 'react';
 import PropTypes from 'prop-types';
-import { gettext } from '../../../utils/constants';
+import { gettext, isPro } from '../../../utils/constants';
 import { Button, Modal, ModalHeader, ModalBody, ModalFooter } from 'reactstrap';
 
 const propTypes = {
@@ -36,10 +36,12 @@ class SysAdminUnlinkDevice extends React.Component {
         <ModalHeader toggle={toggle}>{gettext('Unlink device')}</ModalHeader>
         <ModalBody>
           <p>{gettext('Are you sure you want to unlink this device?')}</p>
+          {isPro &&
           <div className="d-flex align-items-center">
             <input id="delete-files" className="mr-1" type="checkbox" checked={inputChecked} onChange={this.handleInputChange} />
             <label htmlFor="delete-files" className="m-0">{gettext('Delete files from this device the next time it comes online.')}</label>
           </div>
+          }
         </ModalBody>
         <ModalFooter>
           <Button color="secondary" onClick={toggle}>{gettext('Cancel')}</Button>
diff --git a/frontend/src/pages/sys-admin/devices/devices-by-platform.js b/frontend/src/pages/sys-admin/devices/devices-by-platform.js
index 25607c44ad..068a2eb2fb 100644
--- a/frontend/src/pages/sys-admin/devices/devices-by-platform.js
+++ b/frontend/src/pages/sys-admin/devices/devices-by-platform.js
@@ -1,6 +1,6 @@
 import React, { Component, Fragment } from 'react';
 import { seafileAPI } from '../../../utils/seafile-api';
-import { gettext, isPro } from '../../../utils/constants';
+import { gettext } from '../../../utils/constants';
 import toaster from '../../../components/toast';
 import { Utils } from '../../../utils/utils';
 import EmptyTip from '../../../components/empty-tip';
@@ -133,9 +133,7 @@ class Item extends Component {
             <span title={moment(item.last_accessed).format('llll')}>{moment(item.last_accessed).fromNow()}</span>
           </td>
           <td>
-            {isPro &&
             <a href="#" className={`sf2-icon-delete action-icon ${isOpIconShown ? '' : 'invisible'}`} title={gettext('Unlink')} onClick={this.handleUnlink}></a>
-            }
           </td>
         </tr>
         {isUnlinkDeviceDialogOpen &&
diff --git a/seahub/api2/endpoints/admin/devices.py b/seahub/api2/endpoints/admin/devices.py
index 5117c2cf41..f908993887 100644
--- a/seahub/api2/endpoints/admin/devices.py
+++ b/seahub/api2/endpoints/admin/devices.py
@@ -9,6 +9,7 @@ from rest_framework import status
 
 from pysearpc import SearpcError
 
+from seahub.utils import is_pro_version
 from seahub.utils.devices import do_unlink_device
 from seahub.utils.timeutils import datetime_to_isoformat_timestr
 
@@ -20,6 +21,7 @@ from seahub.base.templatetags.seahub_tags import email2nickname
 
 logger = logging.getLogger(__name__)
 
+
 class AdminDevices(APIView):
     authentication_classes = (TokenAuthentication, SessionAuthentication)
     throttle_classes = (UserRateThrottle,)
@@ -75,7 +77,7 @@ class AdminDevices(APIView):
 
     def delete(self, request, format=None):
 
-        if not request.user.admin_permissions.other_permission():
+        if is_pro_version() and not request.user.admin_permissions.other_permission():
             return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')
 
         platform = request.data.get('platform', '')

From 8c2bb6d302c5d98f38328fce66bcf80f88febe34 Mon Sep 17 00:00:00 2001
From: lian <lian@seafile.com>
Date: Fri, 21 May 2021 11:25:37 +0800
Subject: [PATCH 5/5] fix bug when admin set user quota to 0

---
 seahub/api2/endpoints/admin/users.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/seahub/api2/endpoints/admin/users.py b/seahub/api2/endpoints/admin/users.py
index 4b0e960130..ee866f394a 100644
--- a/seahub/api2/endpoints/admin/users.py
+++ b/seahub/api2/endpoints/admin/users.py
@@ -250,7 +250,7 @@ def update_user_info(request, user, password, is_active, is_staff, role,
         if institution_name == '':
             InstitutionAdmin.objects.filter(user=email).delete()
 
-    if quota_total_mb:
+    if quota_total_mb is not None:
         quota_total = int(quota_total_mb) * get_file_size_unit('MB')
         orgs = ccnet_api.get_orgs_by_user(email)
         try: