From 97016a2e2ba1956e71d49f2465f0622e8a933957 Mon Sep 17 00:00:00 2001
From: sniper-py <38058090+sniper-py@users.noreply.github.com>
Date: Mon, 8 Jul 2019 15:44:38 +0800
Subject: [PATCH] update work weixin setting (#3819)
---
frontend/src/pages/sys-admin/side-panel.js | 4 +-
frontend/src/utils/constants.js | 2 +-
seahub/auth/views.py | 2 +-
seahub/base/context_processors.py | 4 +-
seahub/oauth/backends.py | 4 +-
seahub/settings.py | 10 +--
seahub/templates/js/sysadmin-templates.html | 2 +-
seahub/templates/sysadmin/base.html | 2 +-
.../templates/sysadmin/sysadmin_backbone.html | 2 +-
.../sysadmin/sysadmin_react_app.html | 2 +-
seahub/views/sso.py | 2 +-
seahub/views/sysadmin.py | 6 +-
seahub/work_weixin/settings.py | 4 +-
seahub/work_weixin/utils.py | 69 +++++++++----------
14 files changed, 52 insertions(+), 63 deletions(-)
diff --git a/frontend/src/pages/sys-admin/side-panel.js b/frontend/src/pages/sys-admin/side-panel.js
index 449e5f6488..8dbb63328d 100644
--- a/frontend/src/pages/sys-admin/side-panel.js
+++ b/frontend/src/pages/sys-admin/side-panel.js
@@ -5,7 +5,7 @@ import Logo from '../../components/logo';
import { gettext, siteRoot, isPro, isDefaultAdmin, canViewSystemInfo, canViewStatistic,
canConfigSystem, canManageLibrary, canManageUser, canManageGroup, canViewUserLog,
canViewAdminLog, constanceEnabled, multiTenancy, multiInstitution, sysadminExtraEnabled,
- enableGuestInvitation, enableTermsAndConditions, enableFileScan, enableWorkWeixinDepartments } from '../../utils/constants';
+ enableGuestInvitation, enableTermsAndConditions, enableFileScan, enableWorkWeixin } from '../../utils/constants';
const propTypes = {
isSidePanelClosed: PropTypes.bool.isRequired,
@@ -174,7 +174,7 @@ class SidePanel extends React.Component {
}
- {isDefaultAdmin && enableWorkWeixinDepartments &&
+ {isDefaultAdmin && enableWorkWeixin &&
diff --git a/frontend/src/utils/constants.js b/frontend/src/utils/constants.js
index d8f013ac4d..10e3dfc892 100644
--- a/frontend/src/utils/constants.js
+++ b/frontend/src/utils/constants.js
@@ -116,5 +116,5 @@ export const canManageUser = window.sysadmin ? window.sysadmin.pageOptions.admin
export const canManageGroup = window.sysadmin ? window.sysadmin.pageOptions.admin_permissions.can_manage_group : '';
export const canViewUserLog = window.sysadmin ? window.sysadmin.pageOptions.admin_permissions.can_view_user_log : '';
export const canViewAdminLog = window.sysadmin ? window.sysadmin.pageOptions.admin_permissions.can_view_admin_log : '';
-export const enableWorkWeixinDepartments = window.sysadmin ? window.sysadmin.pageOptions.enable_work_weixin_departments : '';
+export const enableWorkWeixin = window.sysadmin ? window.sysadmin.pageOptions.enable_work_weixin : '';
diff --git a/seahub/auth/views.py b/seahub/auth/views.py
index 756c5aff6a..5b3efb70d3 100644
--- a/seahub/auth/views.py
+++ b/seahub/auth/views.py
@@ -186,7 +186,7 @@ def login(request, template_name='registration/login.html',
getattr(settings, 'ENABLE_OAUTH', False) or \
getattr(settings, 'ENABLE_CAS', False) or \
getattr(settings, 'ENABLE_REMOTE_USER_AUTHENTICATION', False) or \
- getattr(settings, 'ENABLE_WORK_WEIXIN_OAUTH', False)
+ getattr(settings, 'ENABLE_WORK_WEIXIN', False)
login_bg_image_path = get_login_bg_image_path()
diff --git a/seahub/base/context_processors.py b/seahub/base/context_processors.py
index 5dc21e432d..e7e435194b 100644
--- a/seahub/base/context_processors.py
+++ b/seahub/base/context_processors.py
@@ -50,7 +50,7 @@ try:
from seahub.settings import ENABLE_FILE_SCAN
except ImportError:
ENABLE_FILE_SCAN = False
-from seahub.work_weixin.settings import ENABLE_WORK_WEIXIN_DEPARTMENTS
+from seahub.work_weixin.settings import ENABLE_WORK_WEIXIN
def base(request):
@@ -133,7 +133,7 @@ def base(request):
'enable_resumable_fileupload': dj_settings.ENABLE_RESUMABLE_FILEUPLOAD,
'service_url': get_service_url().rstrip('/'),
'enable_file_scan': ENABLE_FILE_SCAN,
- 'enable_work_weixin_departments': ENABLE_WORK_WEIXIN_DEPARTMENTS,
+ 'enable_work_weixin': ENABLE_WORK_WEIXIN,
'avatar_url': avatar_url if avatar_url else '',
}
diff --git a/seahub/oauth/backends.py b/seahub/oauth/backends.py
index 6cad124101..4f826dc0d0 100644
--- a/seahub/oauth/backends.py
+++ b/seahub/oauth/backends.py
@@ -4,7 +4,7 @@ from seahub.auth.backends import RemoteUserBackend
from seahub.base.accounts import User
from registration.models import (notify_admins_on_activate_request,
notify_admins_on_register_complete)
-from seahub.work_weixin.settings import ENABLE_WORK_WEIXIN_OAUTH
+from seahub.work_weixin.settings import ENABLE_WORK_WEIXIN
class OauthRemoteUserBackend(RemoteUserBackend):
"""
@@ -23,7 +23,7 @@ class OauthRemoteUserBackend(RemoteUserBackend):
# Create active user by default.
activate_after_creation = getattr(settings, 'OAUTH_ACTIVATE_USER_AFTER_CREATION', True)
- if ENABLE_WORK_WEIXIN_OAUTH:
+ if ENABLE_WORK_WEIXIN:
create_unknown_user = getattr(settings, 'WORK_WEIXIN_OAUTH_CREATE_UNKNOWN_USER', True)
activate_after_creation = getattr(settings, 'WORK_WEIXIN_OAUTH_ACTIVATE_USER_AFTER_CREATION', True)
diff --git a/seahub/settings.py b/seahub/settings.py
index e648c37e21..94c4f936e1 100644
--- a/seahub/settings.py
+++ b/seahub/settings.py
@@ -301,12 +301,8 @@ SOCIAL_AUTH_PIPELINE = (
ENABLE_OAUTH = False
ENABLE_WATERMARK = False
-# allow user scan the work weixin qrcode to login
-ENABLE_WORK_WEIXIN_OAUTH = False
-# allow seafile admin import user from work weixin
-ENABLE_WORK_WEIXIN_DEPARTMENTS = False
-# allow send unread msg to work weixin
-ENABLE_WORK_WEIXIN_NOTIFICATIONS = False
+# enable work weixin
+ENABLE_WORK_WEIXIN = False
# allow user to clean library trash
ENABLE_USER_CLEAN_TRASH = True
@@ -914,5 +910,5 @@ if ENABLE_REMOTE_USER_AUTHENTICATION:
MIDDLEWARE_CLASSES += ('seahub.auth.middleware.SeafileRemoteUserMiddleware',)
AUTHENTICATION_BACKENDS += ('seahub.auth.backends.SeafileRemoteUserBackend',)
-if ENABLE_OAUTH or ENABLE_WORK_WEIXIN_OAUTH:
+if ENABLE_OAUTH or ENABLE_WORK_WEIXIN:
AUTHENTICATION_BACKENDS += ('seahub.oauth.backends.OauthRemoteUserBackend',)
diff --git a/seahub/templates/js/sysadmin-templates.html b/seahub/templates/js/sysadmin-templates.html
index 26eaaaaa54..a3c8739120 100644
--- a/seahub/templates/js/sysadmin-templates.html
+++ b/seahub/templates/js/sysadmin-templates.html
@@ -122,7 +122,7 @@
{% endif %}
- {% if is_default_admin and enable_work_weixin_departments %}
+ {% if is_default_admin and enable_work_weixin %}
企业微信集成
diff --git a/seahub/templates/sysadmin/base.html b/seahub/templates/sysadmin/base.html
index 6a1dc78941..688b59f599 100644
--- a/seahub/templates/sysadmin/base.html
+++ b/seahub/templates/sysadmin/base.html
@@ -133,7 +133,7 @@
{% endif %}
- {% if is_default_admin and enable_work_weixin_departments %}
+ {% if is_default_admin and enable_work_weixin %}
企业微信集成
diff --git a/seahub/templates/sysadmin/sysadmin_backbone.html b/seahub/templates/sysadmin/sysadmin_backbone.html
index c584b86834..064bbf2acf 100644
--- a/seahub/templates/sysadmin/sysadmin_backbone.html
+++ b/seahub/templates/sysadmin/sysadmin_backbone.html
@@ -108,7 +108,7 @@ app["pageOptions"] = {
cur_note: {% if request.cur_note %} {'id': '{{ request.cur_note.id }}'} {% else %} null {% endif %},
is_default_admin: {% if is_default_admin %} true {% else %} false {% endif %},
enable_file_scan: {% if enable_file_scan %} true {% else %} false {% endif %},
- enable_work_weixin_departments: {% if enable_work_weixin_departments %} true {% else %} false {% endif %},
+ enable_work_weixin: {% if enable_work_weixin %} true {% else %} false {% endif %},
admin_permissions: {
"can_view_system_info": {% if user.admin_permissions.can_view_system_info %} true {% else %} false {% endif %},
"can_view_statistic": {% if user.admin_permissions.can_view_statistic %} true {% else %} false {% endif %},
diff --git a/seahub/templates/sysadmin/sysadmin_react_app.html b/seahub/templates/sysadmin/sysadmin_react_app.html
index 7b7ae200ca..bc1a5eb039 100644
--- a/seahub/templates/sysadmin/sysadmin_react_app.html
+++ b/seahub/templates/sysadmin/sysadmin_react_app.html
@@ -15,7 +15,7 @@
enable_terms_and_conditions: {% if enable_terms_and_conditions %} true {% else %} false {% endif %},
is_default_admin: {% if is_default_admin %} true {% else %} false {% endif %},
enable_file_scan: {% if enable_file_scan %} true {% else %} false {% endif %},
- enable_work_weixin_departments: {% if enable_work_weixin_departments %} true {% else %} false {% endif %},
+ enable_work_weixin: {% if enable_work_weixin %} true {% else %} false {% endif %},
admin_permissions: {
"can_view_system_info": {% if user.admin_permissions.can_view_system_info %} true {% else %} false {% endif %},
"can_view_statistic": {% if user.admin_permissions.can_view_statistic %} true {% else %} false {% endif %},
diff --git a/seahub/views/sso.py b/seahub/views/sso.py
index 22ee8471e9..28d63a3e92 100644
--- a/seahub/views/sso.py
+++ b/seahub/views/sso.py
@@ -35,7 +35,7 @@ def sso(request):
if getattr(settings, 'ENABLE_CAS', False):
return HttpResponseRedirect(reverse('cas_ng_login') + next_param)
- if getattr(settings, 'ENABLE_WORK_WEIXIN_OAUTH', False):
+ if getattr(settings, 'ENABLE_WORK_WEIXIN', False):
return HttpResponseRedirect(reverse('work_weixin_oauth_login') + next_param)
return HttpResponseRedirect(next_page)
diff --git a/seahub/views/sysadmin.py b/seahub/views/sysadmin.py
index c7a07d8b33..19274811e8 100644
--- a/seahub/views/sysadmin.py
+++ b/seahub/views/sysadmin.py
@@ -98,7 +98,7 @@ try:
from seahub.settings import ENABLE_FILE_SCAN
except ImportError:
ENABLE_FILE_SCAN = False
-from seahub.work_weixin.settings import ENABLE_WORK_WEIXIN_DEPARTMENTS
+from seahub.work_weixin.settings import ENABLE_WORK_WEIXIN
logger = logging.getLogger(__name__)
@@ -133,7 +133,7 @@ def sysadmin(request):
'enable_limit_ipaddress': ENABLE_LIMIT_IPADDRESS,
'trash_repos_expire_days': expire_days if expire_days > 0 else 30,
'enable_file_scan': ENABLE_FILE_SCAN,
- 'enable_work_weixin_departments': ENABLE_WORK_WEIXIN_DEPARTMENTS,
+ 'enable_work_weixin': ENABLE_WORK_WEIXIN,
})
@login_required
@@ -148,7 +148,7 @@ def sysadmin_react_fake_view(request):
'enable_guest_invitation': ENABLE_GUEST_INVITATION,
'enable_terms_and_conditions': config.ENABLE_TERMS_AND_CONDITIONS,
'enable_file_scan': ENABLE_FILE_SCAN,
- 'enable_work_weixin_departments': ENABLE_WORK_WEIXIN_DEPARTMENTS,
+ 'enable_work_weixin': ENABLE_WORK_WEIXIN,
})
@login_required
diff --git a/seahub/work_weixin/settings.py b/seahub/work_weixin/settings.py
index f3623a8e3a..c3e36a1d01 100644
--- a/seahub/work_weixin/settings.py
+++ b/seahub/work_weixin/settings.py
@@ -3,13 +3,13 @@
from django.conf import settings
# # work weixin base
+ENABLE_WORK_WEIXIN = getattr(settings, 'ENABLE_WORK_WEIXIN', False)
WORK_WEIXIN_CORP_ID = getattr(settings, 'WORK_WEIXIN_CORP_ID', '')
WORK_WEIXIN_AGENT_SECRET = getattr(settings, 'WORK_WEIXIN_AGENT_SECRET', '')
WORK_WEIXIN_ACCESS_TOKEN_URL = getattr(settings, 'WORK_WEIXIN_ACCESS_TOKEN_URL',
'https://qyapi.weixin.qq.com/cgi-bin/gettoken')
# # admin work weixin departments
-ENABLE_WORK_WEIXIN_DEPARTMENTS = getattr(settings, 'ENABLE_WORK_WEIXIN_DEPARTMENTS', False)
WORK_WEIXIN_DEPARTMENTS_URL = getattr(settings, 'WORK_WEIXIN_DEPARTMENTS_URL',
'https://qyapi.weixin.qq.com/cgi-bin/department/list')
WORK_WEIXIN_DEPARTMENT_MEMBERS_URL = getattr(settings, 'WORK_WEIXIN_DEPARTMENT_MEMBERS_URL',
@@ -17,7 +17,6 @@ WORK_WEIXIN_DEPARTMENT_MEMBERS_URL = getattr(settings, 'WORK_WEIXIN_DEPARTMENT_M
# # work weixin oauth
WORK_WEIXIN_AGENT_ID = getattr(settings, 'WORK_WEIXIN_AGENT_ID', '')
-ENABLE_WORK_WEIXIN_OAUTH = getattr(settings, 'ENABLE_WORK_WEIXIN_OAUTH', False)
WORK_WEIXIN_UID_PREFIX = WORK_WEIXIN_CORP_ID + '_'
WORK_WEIXIN_USER_INFO_AUTO_UPDATE = getattr(settings, 'WORK_WEIXIN_USER_INFO_AUTO_UPDATE', True)
WORK_WEIXIN_AUTHORIZATION_URL = getattr(settings, 'WORK_WEIXIN_AUTHORIZATION_URL',
@@ -28,7 +27,6 @@ WORK_WEIXIN_GET_USER_PROFILE_URL = getattr(settings, 'WORK_WEIXIN_GET_USER_PROFI
'https://qyapi.weixin.qq.com/cgi-bin/user/get')
# # work weixin notifications
-ENABLE_WORK_WEIXIN_NOTIFICATIONS = getattr(settings, 'ENABLE_WORK_WEIXIN_NOTIFICATIONS', False)
WORK_WEIXIN_NOTIFICATIONS_URL = getattr(settings, 'WORK_WEIXIN_NOTIFICATIONS_URL',
'https://qyapi.weixin.qq.com/cgi-bin/message/send')
diff --git a/seahub/work_weixin/utils.py b/seahub/work_weixin/utils.py
index feb27c9258..0904cdfb1c 100644
--- a/seahub/work_weixin/utils.py
+++ b/seahub/work_weixin/utils.py
@@ -8,11 +8,11 @@ import requests
from django.core.cache import cache
from seahub.utils import normalize_cache_key
from seahub.work_weixin.settings import WORK_WEIXIN_CORP_ID, WORK_WEIXIN_AGENT_SECRET, \
- WORK_WEIXIN_ACCESS_TOKEN_URL, ENABLE_WORK_WEIXIN_DEPARTMENTS, \
+ WORK_WEIXIN_ACCESS_TOKEN_URL, ENABLE_WORK_WEIXIN, \
WORK_WEIXIN_DEPARTMENTS_URL, WORK_WEIXIN_DEPARTMENT_MEMBERS_URL, \
- ENABLE_WORK_WEIXIN_OAUTH, WORK_WEIXIN_AGENT_ID, WORK_WEIXIN_AUTHORIZATION_URL, \
+ WORK_WEIXIN_AGENT_ID, WORK_WEIXIN_AUTHORIZATION_URL, \
WORK_WEIXIN_GET_USER_INFO_URL, WORK_WEIXIN_GET_USER_PROFILE_URL, \
- ENABLE_WORK_WEIXIN_NOTIFICATIONS, WORK_WEIXIN_NOTIFICATIONS_URL
+ WORK_WEIXIN_NOTIFICATIONS_URL
from seahub.profile.models import Profile
logger = logging.getLogger(__name__)
@@ -66,34 +66,35 @@ def handler_work_weixin_api_response(response):
def work_weixin_base_check():
""" work weixin base check
"""
+ if not ENABLE_WORK_WEIXIN:
+ return False
+
if not WORK_WEIXIN_CORP_ID or not WORK_WEIXIN_AGENT_SECRET or not WORK_WEIXIN_ACCESS_TOKEN_URL:
logger.error('work weixin base relevant settings invalid.')
logger.error('WORK_WEIXIN_CORP_ID: %s' % WORK_WEIXIN_CORP_ID)
logger.error('WORK_WEIXIN_AGENT_SECRET: %s' % WORK_WEIXIN_AGENT_SECRET)
logger.error('WORK_WEIXIN_ACCESS_TOKEN_URL: %s' % WORK_WEIXIN_ACCESS_TOKEN_URL)
return False
+
return True
def work_weixin_oauth_check():
""" use for work weixin login and profile bind
"""
- if not ENABLE_WORK_WEIXIN_OAUTH:
+ if not work_weixin_base_check():
return False
- else:
- if not work_weixin_base_check():
- return False
- if not WORK_WEIXIN_AGENT_ID \
- or not WORK_WEIXIN_GET_USER_INFO_URL \
- or not WORK_WEIXIN_AUTHORIZATION_URL \
- or not WORK_WEIXIN_GET_USER_PROFILE_URL:
- logger.error('work weixin oauth relevant settings invalid.')
- logger.error('WORK_WEIXIN_AGENT_ID: %s' % WORK_WEIXIN_AGENT_ID)
- logger.error('WORK_WEIXIN_GET_USER_INFO_URL: %s' % WORK_WEIXIN_GET_USER_INFO_URL)
- logger.error('WORK_WEIXIN_AUTHORIZATION_URL: %s' % WORK_WEIXIN_AUTHORIZATION_URL)
- logger.error('WORK_WEIXIN_GET_USER_PROFILE_URL: %s' % WORK_WEIXIN_GET_USER_PROFILE_URL)
- return False
+ if not WORK_WEIXIN_AGENT_ID \
+ or not WORK_WEIXIN_GET_USER_INFO_URL \
+ or not WORK_WEIXIN_AUTHORIZATION_URL \
+ or not WORK_WEIXIN_GET_USER_PROFILE_URL:
+ logger.error('work weixin oauth relevant settings invalid.')
+ logger.error('WORK_WEIXIN_AGENT_ID: %s' % WORK_WEIXIN_AGENT_ID)
+ logger.error('WORK_WEIXIN_GET_USER_INFO_URL: %s' % WORK_WEIXIN_GET_USER_INFO_URL)
+ logger.error('WORK_WEIXIN_AUTHORIZATION_URL: %s' % WORK_WEIXIN_AUTHORIZATION_URL)
+ logger.error('WORK_WEIXIN_GET_USER_PROFILE_URL: %s' % WORK_WEIXIN_GET_USER_PROFILE_URL)
+ return False
return True
@@ -101,18 +102,15 @@ def work_weixin_oauth_check():
def admin_work_weixin_departments_check():
""" use for admin work weixin departments
"""
- if not ENABLE_WORK_WEIXIN_DEPARTMENTS:
+ if not work_weixin_base_check():
return False
- else:
- if not work_weixin_base_check():
- return False
- if not WORK_WEIXIN_DEPARTMENTS_URL \
- or not WORK_WEIXIN_DEPARTMENT_MEMBERS_URL:
- logger.error('admin work weixin departments relevant settings invalid.')
- logger.error('WORK_WEIXIN_DEPARTMENTS_URL: %s' % WORK_WEIXIN_DEPARTMENTS_URL)
- logger.error('WORK_WEIXIN_DEPARTMENT_MEMBERS_URL: %s' % WORK_WEIXIN_DEPARTMENT_MEMBERS_URL)
- return False
+ if not WORK_WEIXIN_DEPARTMENTS_URL \
+ or not WORK_WEIXIN_DEPARTMENT_MEMBERS_URL:
+ logger.error('admin work weixin departments relevant settings invalid.')
+ logger.error('WORK_WEIXIN_DEPARTMENTS_URL: %s' % WORK_WEIXIN_DEPARTMENTS_URL)
+ logger.error('WORK_WEIXIN_DEPARTMENT_MEMBERS_URL: %s' % WORK_WEIXIN_DEPARTMENT_MEMBERS_URL)
+ return False
return True
@@ -120,18 +118,15 @@ def admin_work_weixin_departments_check():
def work_weixin_notifications_check():
""" use for send work weixin notifications
"""
- if not ENABLE_WORK_WEIXIN_NOTIFICATIONS:
+ if not work_weixin_base_check():
return False
- else:
- if not work_weixin_base_check():
- return False
- if not WORK_WEIXIN_AGENT_ID \
- or not WORK_WEIXIN_NOTIFICATIONS_URL:
- logger.error('work weixin notifications relevant settings invalid.')
- logger.error('WORK_WEIXIN_AGENT_ID: %s' % WORK_WEIXIN_AGENT_ID)
- logger.error('WORK_WEIXIN_NOTIFICATIONS_URL: %s' % WORK_WEIXIN_NOTIFICATIONS_URL)
- return False
+ if not WORK_WEIXIN_AGENT_ID \
+ or not WORK_WEIXIN_NOTIFICATIONS_URL:
+ logger.error('work weixin notifications relevant settings invalid.')
+ logger.error('WORK_WEIXIN_AGENT_ID: %s' % WORK_WEIXIN_AGENT_ID)
+ logger.error('WORK_WEIXIN_NOTIFICATIONS_URL: %s' % WORK_WEIXIN_NOTIFICATIONS_URL)
+ return False
return True