haiwen/seahub
1
0
Fork 0
mirror of https://github.com/haiwen/seahub.git synced 2025-09-25 14:50:29 +00:00
Code Issues Releases Wiki Activity

trans dept repo to user (#8142)

Browse Source
This commit is contained in:
lian
2025-08-15 17:30:55 +08:00
committed by GitHub
parent 7fb5486b66
commit ae01c6c140
3 changed files with 91 additions and 85 deletions
Download Patch File Download Diff File Expand all files Collapse all files

52
frontend/src/components/dialog/transfer-dialog.js
View File

@@ -1,4 +1,4 @@
import React from 'react';
import React, { Fragment } from 'react';
import PropTypes from 'prop-types';
import { Button, Modal, ModalBody, ModalFooter,
Nav, NavItem, NavLink, TabContent, TabPane, Label } from 'reactstrap';
@@ -39,7 +39,7 @@ class TransferDialog extends React.Component {
transferToUser: true,
transferToGroup: false,
reshare: false,
activeTab: !this.props.isDepAdminTransfer ? TRANS_USER : TRANS_DEPART
activeTab: TRANS_USER
};
}
@@ -153,33 +153,29 @@ class TransferDialog extends React.Component {
}
}
return (
<>
<Fragment>
<div className="transfer-dialog-side">
<Nav pills>
{!this.props.isDepAdminTransfer &&
<NavItem role="tab" aria-selected={activeTab === TRANS_USER} aria-controls="transfer-user-panel">
<NavLink
className={activeTab === TRANS_USER ? 'active' : ''}
onClick={(this.toggle.bind(this, TRANS_USER))}
tabIndex="0"
onKeyDown={this.onTabKeyDown}
>
{gettext('Transfer to user')}
</NavLink>
</NavItem>
}
{isPro &&
<NavItem role="tab" aria-selected={activeTab === TRANS_DEPART} aria-controls="transfer-depart-panel">
<NavLink
className={activeTab === TRANS_DEPART ? 'active' : ''}
onClick={this.toggle.bind(this, TRANS_DEPART)}
tabIndex="0"
onKeyDown={this.onTabKeyDown}
>
{gettext('Transfer to department')}
</NavLink>
</NavItem>
}
<NavItem role="tab" aria-selected={activeTab === TRANS_USER} aria-controls="transfer-user-panel">
<NavLink
className={activeTab === TRANS_USER ? 'active' : ''}
onClick={(this.toggle.bind(this, TRANS_USER))}
tabIndex="0"
onKeyDown={this.onTabKeyDown}
>
{gettext('Transfer to user')}
</NavLink>
</NavItem>
<NavItem role="tab" aria-selected={activeTab === TRANS_DEPART} aria-controls="transfer-depart-panel">
<NavLink
className={activeTab === TRANS_DEPART ? 'active' : ''}
onClick={this.toggle.bind(this, TRANS_DEPART)}
tabIndex="0"
onKeyDown={this.onTabKeyDown}
>
{gettext('Transfer to department')}
</NavLink>
</NavItem>
</Nav>
</div>
<div className="transfer-dialog-main">
@@ -238,7 +234,7 @@ class TransferDialog extends React.Component {
<Button color="primary" onClick={this.submit} disabled={buttonDisabled}>{gettext('Submit')}</Button>
</ModalFooter>
</div>
</>
</Fragment>
);
};

117
seahub/api2/endpoints/group_owned_libraries.py
View File

@@ -25,7 +25,6 @@ from seahub.base.templatetags.seahub_tags import email2nickname, \
email2contact_email
from seahub.base.accounts import User
from seahub.organizations.models import OrgAdminSettings, DISABLE_ORG_ENCRYPTED_LIBRARY
from seahub.organizations.views import org_user_exists
from seahub.signals import repo_created
from seahub.group.utils import is_group_admin, is_group_member
from seahub.utils import is_valid_dirent_name, is_org_context, \
@@ -109,7 +108,9 @@ class GroupOwnedLibraries(APIView):
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if org_id and org_id > 0:
disable_encrypted_library = OrgAdminSettings.objects.filter(org_id=org_id, key=DISABLE_ORG_ENCRYPTED_LIBRARY).first()
disable_encrypted_library = OrgAdminSettings.objects.filter(
org_id=org_id,
key=DISABLE_ORG_ENCRYPTED_LIBRARY).first()
if (disable_encrypted_library is not None) and int(disable_encrypted_library.value):
return None, api_error(status.HTTP_403_FORBIDDEN,
'NOT allow to create encrypted library.')
@@ -1426,67 +1427,75 @@ class GroupOwnedLibraryTransferView(APIView):
Permission checking:
1. is group admin;
"""
current_group_id = int(group_id)
username = request.user.username
# argument check
new_owner = request.data.get('email', None)
is_share = request.data.get('reshare', False)
if not new_owner:
error_msg = 'Email invalid.'
error_msg = 'Email invalid'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if '@seafile_group' not in new_owner:
error_msg = 'Email invalid.'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
new_group_id = int(new_owner.split('@')[0])
if new_group_id == int(group_id):
error_msg = 'Cannot transfer to its owner'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
try:
new_group = ccnet_api.get_group(new_group_id)
except Exception as e:
logger.error(e)
error_msg = 'Internal Server Error'
return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, error_msg)
if not new_group:
error_msg = 'Group %d not found.' % group_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if new_group.creator_name != 'system admin':
error_msg = 'Group %d invalid' % group_id
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
username = request.user.username
if not is_group_member(new_group_id, username):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
if org_id:
org_id = int(org_id)
if not ccnet_api.get_org_by_id(org_id):
error_msg = 'Organization %s not found.' % org_id
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# permission check
if org_id:
repo_owner = seafile_api.get_org_repo_owner(repo_id)
else:
repo_owner = seafile_api.get_repo_owner(repo_id)
cur_group_id = int(group_id)
if not is_group_admin(cur_group_id, username):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
# resource check
repo = seafile_api.get_repo(repo_id)
if not repo:
error_msg = 'Library %s not found.' % repo_id
if not ccnet_api.get_group(current_group_id):
error_msg = f'Group {group_id} not found'
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if not seafile_api.get_repo(repo_id):
error_msg = f'Library {repo_id} not found'
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if not seafile_api.get_group_shared_repo_by_path(repo_id, None,
group_id,
org_id is not None):
error_msg = f'Library {repo_id} not belongs to group {group_id}'
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if org_id and not ccnet_api.get_org_by_id(org_id):
error_msg = f'Organization {org_id} not found'
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# permission check
if not is_group_admin(current_group_id, username):
error_msg = 'Permission denied'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
# transfer to department
if '@seafile_group' in new_owner:
new_group_id = int(new_owner.split('@')[0])
if new_group_id == current_group_id:
error_msg = 'Cannot transfer to its owner'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
new_group = ccnet_api.get_group(new_group_id)
if not new_group:
error_msg = f'Group {group_id} not found'
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if new_group.creator_name != 'system admin':
error_msg = f'Group {group_id} invalid'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if not is_group_member(new_group_id, username):
error_msg = 'Permission denied'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
else:
# transfer to user
try:
User.objects.get(email=new_owner)
except User.DoesNotExist:
error_msg = f'User {new_owner} not found'
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
if org_id and not ccnet_api.org_user_exists(org_id, new_owner):
error_msg = f'User {new_owner} not found in organization {org_id}'
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
# preparation before transfer repo
pub_repos = []
repo_owner = get_repo_owner(request, repo_id)
if org_id:
# get all org pub repos
pub_repos = seafile_api.list_org_inner_pub_repos_by_owner(
@@ -1495,6 +1504,7 @@ class GroupOwnedLibraryTransferView(APIView):
# get all pub repos
if not request.cloud_mode:
pub_repos = seafile_api.list_inner_pub_repos_by_owner(repo_owner)
# transfer repo
try:
transfer_repo(repo_id, new_owner, is_share, org_id)
@@ -1526,7 +1536,7 @@ class GroupOwnedLibraryTransferView(APIView):
if org_id:
seafile_api.set_org_inner_pub_repo(org_id, repo_id,
pub_repo.permission)
pub_repo.permission)
else:
seafile_api.add_inner_pub_repo(
repo_id, pub_repo.permission)
@@ -1534,4 +1544,3 @@ class GroupOwnedLibraryTransferView(APIView):
break
return Response({'success': True})

5
seahub/api2/endpoints/utils.py
View File

@@ -5,7 +5,6 @@ import time
import logging
import requests
import json
import os
import datetime
import urllib.request
import urllib.parse
@@ -57,7 +56,7 @@ def api_check_group(func):
def add_org_context(func):
def _decorated(view, request, *args, **kwargs):
if is_org_context(request):
org_id = request.user.org.org_id
org_id = int(request.user.org.org_id)
else:
org_id = None
return func(view, request, org_id=org_id, *args, **kwargs)
@@ -349,6 +348,7 @@ def event_import_status(task_id):
return resp
def delete_user_monitored_cache(params):
payload = {'exp': int(time.time()) + 300, }
token = jwt.encode(payload, SECRET_KEY, algorithm='HS256')
@@ -357,6 +357,7 @@ def delete_user_monitored_cache(params):
resp = requests.post(url, json=params, headers=headers)
return resp
def get_seafevents_metrics():
payload = {'exp': int(time.time()) + 300, }
token = jwt.encode(payload, SECRET_KEY, algorithm='HS256')