haiwen/seahub
1
0
Fork 0
mirror of https://github.com/haiwen/seahub.git synced 2025-09-26 15:26:19 +00:00
Code Issues Releases Wiki Activity

trans dept repo to user (#8142)

Browse Source
This commit is contained in:
lian
2025-08-15 17:30:55 +08:00
committed by GitHub
parent 7fb5486b66
commit ae01c6c140
3 changed files with 91 additions and 85 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
frontend/src/components/dialog/transfer-dialog.js
View File

@@ -1,4 +1,4 @@
import React from 'react'; import React, { Fragment } from 'react';
import PropTypes from 'prop-types'; import PropTypes from 'prop-types';
import { Button, Modal, ModalBody, ModalFooter, import { Button, Modal, ModalBody, ModalFooter,
Nav, NavItem, NavLink, TabContent, TabPane, Label } from 'reactstrap'; Nav, NavItem, NavLink, TabContent, TabPane, Label } from 'reactstrap';
@@ -39,7 +39,7 @@ class TransferDialog extends React.Component {
transferToUser: true, transferToUser: true,
transferToGroup: false, transferToGroup: false,
reshare: false, reshare: false,
activeTab: !this.props.isDepAdminTransfer ? TRANS_USER : TRANS_DEPART activeTab: TRANS_USER
}; };
} }
@@ -153,33 +153,29 @@ class TransferDialog extends React.Component {
} }
} }
return ( return (
<> <Fragment>
<div className="transfer-dialog-side"> <div className="transfer-dialog-side">
<Nav pills> <Nav pills>
{!this.props.isDepAdminTransfer && <NavItem role="tab" aria-selected={activeTab === TRANS_USER} aria-controls="transfer-user-panel">
<NavItem role="tab" aria-selected={activeTab === TRANS_USER} aria-controls="transfer-user-panel"> <NavLink
<NavLink className={activeTab === TRANS_USER ? 'active' : ''}
className={activeTab === TRANS_USER ? 'active' : ''} onClick={(this.toggle.bind(this, TRANS_USER))}
onClick={(this.toggle.bind(this, TRANS_USER))} tabIndex="0"
tabIndex="0" onKeyDown={this.onTabKeyDown}
onKeyDown={this.onTabKeyDown} >
> {gettext('Transfer to user')}
{gettext('Transfer to user')} </NavLink>
</NavLink> </NavItem>
</NavItem> <NavItem role="tab" aria-selected={activeTab === TRANS_DEPART} aria-controls="transfer-depart-panel">
} <NavLink
{isPro && className={activeTab === TRANS_DEPART ? 'active' : ''}
<NavItem role="tab" aria-selected={activeTab === TRANS_DEPART} aria-controls="transfer-depart-panel"> onClick={this.toggle.bind(this, TRANS_DEPART)}
<NavLink tabIndex="0"
className={activeTab === TRANS_DEPART ? 'active' : ''} onKeyDown={this.onTabKeyDown}
onClick={this.toggle.bind(this, TRANS_DEPART)} >
tabIndex="0" {gettext('Transfer to department')}
onKeyDown={this.onTabKeyDown} </NavLink>
> </NavItem>
{gettext('Transfer to department')}
</NavLink>
</NavItem>
}
</Nav> </Nav>
</div> </div>
<div className="transfer-dialog-main"> <div className="transfer-dialog-main">
@@ -238,7 +234,7 @@ class TransferDialog extends React.Component {
<Button color="primary" onClick={this.submit} disabled={buttonDisabled}>{gettext('Submit')}</Button> <Button color="primary" onClick={this.submit} disabled={buttonDisabled}>{gettext('Submit')}</Button>
</ModalFooter> </ModalFooter>
</div> </div>
</> </Fragment>
); );
}; };

119
seahub/api2/endpoints/group_owned_libraries.py
View File

@@ -25,7 +25,6 @@ from seahub.base.templatetags.seahub_tags import email2nickname, \
email2contact_email email2contact_email
from seahub.base.accounts import User from seahub.base.accounts import User
from seahub.organizations.models import OrgAdminSettings, DISABLE_ORG_ENCRYPTED_LIBRARY from seahub.organizations.models import OrgAdminSettings, DISABLE_ORG_ENCRYPTED_LIBRARY
from seahub.organizations.views import org_user_exists
from seahub.signals import repo_created from seahub.signals import repo_created
from seahub.group.utils import is_group_admin, is_group_member from seahub.group.utils import is_group_admin, is_group_member
from seahub.utils import is_valid_dirent_name, is_org_context, \ from seahub.utils import is_valid_dirent_name, is_org_context, \
@@ -109,7 +108,9 @@ class GroupOwnedLibraries(APIView):
return api_error(status.HTTP_403_FORBIDDEN, error_msg) return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if org_id and org_id > 0: if org_id and org_id > 0:
disable_encrypted_library = OrgAdminSettings.objects.filter(org_id=org_id, key=DISABLE_ORG_ENCRYPTED_LIBRARY).first() disable_encrypted_library = OrgAdminSettings.objects.filter(
org_id=org_id,
key=DISABLE_ORG_ENCRYPTED_LIBRARY).first()
if (disable_encrypted_library is not None) and int(disable_encrypted_library.value): if (disable_encrypted_library is not None) and int(disable_encrypted_library.value):
return None, api_error(status.HTTP_403_FORBIDDEN, return None, api_error(status.HTTP_403_FORBIDDEN,
'NOT allow to create encrypted library.') 'NOT allow to create encrypted library.')
@@ -1426,67 +1427,75 @@ class GroupOwnedLibraryTransferView(APIView):
Permission checking: Permission checking:
1. is group admin; 1. is group admin;
""" """
current_group_id = int(group_id)
username = request.user.username
# argument check # argument check
new_owner = request.data.get('email', None) new_owner = request.data.get('email', None)
is_share = request.data.get('reshare', False) is_share = request.data.get('reshare', False)
if not new_owner: if not new_owner:
error_msg = 'Email invalid.' error_msg = 'Email invalid'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg) return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if '@seafile_group' not in new_owner:
error_msg = 'Email invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
new_group_id = int(new_owner.split('@')[0])
if new_group_id == int(group_id):
error_msg = 'Cannot transfer to its owner'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
new_group = ccnet_api.get_group(new_group_id)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if not new_group:
error_msg = 'Group %d not found.' % group_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if new_group.creator_name != 'system admin':
error_msg = 'Group %d invalid' % group_id
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
username = request.user.username
if not is_group_member(new_group_id, username):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if org_id:
org_id = int(org_id)
if not ccnet_api.get_org_by_id(org_id):
error_msg = 'Organization %s not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# permission check
if org_id:
repo_owner = seafile_api.get_org_repo_owner(repo_id)
else:
repo_owner = seafile_api.get_repo_owner(repo_id)
cur_group_id = int(group_id)
if not is_group_admin(cur_group_id, username):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
# resource check # resource check
repo = seafile_api.get_repo(repo_id) if not ccnet_api.get_group(current_group_id):
if not repo: error_msg = f'Group {group_id} not found'
error_msg = 'Library %s not found.' % repo_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg) return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if not seafile_api.get_repo(repo_id):
error_msg = f'Library {repo_id} not found'
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if not seafile_api.get_group_shared_repo_by_path(repo_id, None,
group_id,
org_id is not None):
error_msg = f'Library {repo_id} not belongs to group {group_id}'
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if org_id and not ccnet_api.get_org_by_id(org_id):
error_msg = f'Organization {org_id} not found'
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# permission check
if not is_group_admin(current_group_id, username):
error_msg = 'Permission denied'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
# transfer to department
if '@seafile_group' in new_owner:
new_group_id = int(new_owner.split('@')[0])
if new_group_id == current_group_id:
error_msg = 'Cannot transfer to its owner'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
new_group = ccnet_api.get_group(new_group_id)
if not new_group:
error_msg = f'Group {group_id} not found'
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if new_group.creator_name != 'system admin':
error_msg = f'Group {group_id} invalid'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if not is_group_member(new_group_id, username):
error_msg = 'Permission denied'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
else:
# transfer to user
try:
User.objects.get(email=new_owner)
except User.DoesNotExist:
error_msg = f'User {new_owner} not found'
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if org_id and not ccnet_api.org_user_exists(org_id, new_owner):
error_msg = f'User {new_owner} not found in organization {org_id}'
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# preparation before transfer repo # preparation before transfer repo
pub_repos = [] pub_repos = []
repo_owner = get_repo_owner(request, repo_id)
if org_id: if org_id:
# get all org pub repos # get all org pub repos
pub_repos = seafile_api.list_org_inner_pub_repos_by_owner( pub_repos = seafile_api.list_org_inner_pub_repos_by_owner(
@@ -1495,6 +1504,7 @@ class GroupOwnedLibraryTransferView(APIView):
# get all pub repos # get all pub repos
if not request.cloud_mode: if not request.cloud_mode:
pub_repos = seafile_api.list_inner_pub_repos_by_owner(repo_owner) pub_repos = seafile_api.list_inner_pub_repos_by_owner(repo_owner)
# transfer repo # transfer repo
try: try:
transfer_repo(repo_id, new_owner, is_share, org_id) transfer_repo(repo_id, new_owner, is_share, org_id)
@@ -1526,7 +1536,7 @@ class GroupOwnedLibraryTransferView(APIView):
if org_id: if org_id:
seafile_api.set_org_inner_pub_repo(org_id, repo_id, seafile_api.set_org_inner_pub_repo(org_id, repo_id,
pub_repo.permission) pub_repo.permission)
else: else:
seafile_api.add_inner_pub_repo( seafile_api.add_inner_pub_repo(
repo_id, pub_repo.permission) repo_id, pub_repo.permission)
@@ -1534,4 +1544,3 @@ class GroupOwnedLibraryTransferView(APIView):
break break
return Response({'success': True}) return Response({'success': True})

5
seahub/api2/endpoints/utils.py
View File

@@ -5,7 +5,6 @@ import time
import logging import logging
import requests import requests
import json import json
import os
import datetime import datetime
import urllib.request import urllib.request
import urllib.parse import urllib.parse
@@ -57,7 +56,7 @@ def api_check_group(func):
def add_org_context(func): def add_org_context(func):
def _decorated(view, request, *args, **kwargs): def _decorated(view, request, *args, **kwargs):
if is_org_context(request): if is_org_context(request):
org_id = request.user.org.org_id org_id = int(request.user.org.org_id)
else: else:
org_id = None org_id = None
return func(view, request, org_id=org_id, *args, **kwargs) return func(view, request, org_id=org_id, *args, **kwargs)
@@ -349,6 +348,7 @@ def event_import_status(task_id):
return resp return resp
def delete_user_monitored_cache(params): def delete_user_monitored_cache(params):
payload = {'exp': int(time.time()) + 300, } payload = {'exp': int(time.time()) + 300, }
token = jwt.encode(payload, SECRET_KEY, algorithm='HS256') token = jwt.encode(payload, SECRET_KEY, algorithm='HS256')
@@ -357,6 +357,7 @@ def delete_user_monitored_cache(params):
resp = requests.post(url, json=params, headers=headers) resp = requests.post(url, json=params, headers=headers)
return resp return resp
def get_seafevents_metrics(): def get_seafevents_metrics():
payload = {'exp': int(time.time()) + 300, } payload = {'exp': int(time.time()) + 300, }
token = jwt.encode(payload, SECRET_KEY, algorithm='HS256') token = jwt.encode(payload, SECRET_KEY, algorithm='HS256')