mirror of
https://github.com/haiwen/seahub.git
synced 2025-09-06 17:33:18 +00:00
ADD: generate repo-api-token for department (#4233)
This commit is contained in:
Alex Happy
Daniel Pan
@@ -13,6 +13,7 @@ import Rename from '../rename';
|
|||||||
import { seafileAPI } from '../../utils/seafile-api';
|
import { seafileAPI } from '../../utils/seafile-api';
|
||||||
import LibHistorySettingDialog from '../dialog/lib-history-setting-dialog';
|
import LibHistorySettingDialog from '../dialog/lib-history-setting-dialog';
|
||||||
import toaster from '../toast';
|
import toaster from '../toast';
|
||||||
|
import RepoAPITokenDialog from "../dialog/repo-api-token-dialog";
|
||||||
|
|
||||||
const propTypes = {
|
const propTypes = {
|
||||||
currentGroup: PropTypes.object,
|
currentGroup: PropTypes.object,
|
||||||
@@ -41,6 +42,7 @@ class SharedRepoListItem extends React.Component {
|
|||||||
isFolderPermissionDialogOpen: false,
|
isFolderPermissionDialogOpen: false,
|
||||||
isHistorySettingDialogShow: false,
|
isHistorySettingDialogShow: false,
|
||||||
isDeleteDialogShow: false,
|
isDeleteDialogShow: false,
|
||||||
|
isAPITokenDialogShow: false,
|
||||||
};
|
};
|
||||||
this.isDeparementOnwerGroupMember = false;
|
this.isDeparementOnwerGroupMember = false;
|
||||||
}
|
}
|
||||||
@@ -130,6 +132,9 @@ class SharedRepoListItem extends React.Component {
|
|||||||
case 'History Setting':
|
case 'History Setting':
|
||||||
this.onHistorySettingToggle();
|
this.onHistorySettingToggle();
|
||||||
break;
|
break;
|
||||||
|
case 'API Token':
|
||||||
|
this.onAPITokenToggle();
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@@ -181,6 +186,10 @@ class SharedRepoListItem extends React.Component {
|
|||||||
this.setState({isShowSharedDialog: false});
|
this.setState({isShowSharedDialog: false});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
onAPITokenToggle = () => {
|
||||||
|
this.setState({isAPITokenDialogShow: !this.state.isAPITokenDialogShow});
|
||||||
|
}
|
||||||
|
|
||||||
translateMenuItem = (menuItem) => {
|
translateMenuItem = (menuItem) => {
|
||||||
let translateResult = '';
|
let translateResult = '';
|
||||||
switch(menuItem) {
|
switch(menuItem) {
|
||||||
@@ -202,6 +211,9 @@ class SharedRepoListItem extends React.Component {
|
|||||||
case 'History Setting':
|
case 'History Setting':
|
||||||
translateResult = gettext('History Setting');
|
translateResult = gettext('History Setting');
|
||||||
break;
|
break;
|
||||||
|
case 'API Token':
|
||||||
|
translateResult = gettext('API Token');
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
@@ -225,6 +237,7 @@ class SharedRepoListItem extends React.Component {
|
|||||||
} else {
|
} else {
|
||||||
operations = ['Rename', 'Details'];
|
operations = ['Rename', 'Details'];
|
||||||
}
|
}
|
||||||
|
operations.push('API Token');
|
||||||
} else {
|
} else {
|
||||||
operations.push('Unshare');
|
operations.push('Unshare');
|
||||||
}
|
}
|
||||||
@@ -430,6 +443,14 @@ class SharedRepoListItem extends React.Component {
|
|||||||
/>
|
/>
|
||||||
</ModalPortal>
|
</ModalPortal>
|
||||||
)}
|
)}
|
||||||
|
{this.state.isAPITokenDialogShow && (
|
||||||
|
<ModalPortal>
|
||||||
|
<RepoAPITokenDialog
|
||||||
|
repo={repo}
|
||||||
|
onRepoAPITokenToggle={this.onAPITokenToggle}
|
||||||
|
/>
|
||||||
|
</ModalPortal>
|
||||||
|
)}
|
||||||
</Fragment>
|
</Fragment>
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -45,7 +45,7 @@ class RepoAPITokensView(APIView):
|
|||||||
|
|
||||||
# permission check
|
# permission check
|
||||||
username = request.user.username
|
username = request.user.username
|
||||||
if not permission_check_admin_owner(username, repo_id):
|
if not permission_check_admin_owner(username, repo_id, request):
|
||||||
error_msg = _('Permission denied.')
|
error_msg = _('Permission denied.')
|
||||||
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
|
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
|
||||||
|
|
||||||
@@ -73,7 +73,7 @@ class RepoAPITokensView(APIView):
|
|||||||
|
|
||||||
# permission check
|
# permission check
|
||||||
username = request.user.username
|
username = request.user.username
|
||||||
if not permission_check_admin_owner(username, repo_id):
|
if not permission_check_admin_owner(username, repo_id, request):
|
||||||
error_msg = _('Permission denied.')
|
error_msg = _('Permission denied.')
|
||||||
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
|
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
|
||||||
|
|
||||||
@@ -108,7 +108,7 @@ class RepoAPITokenView(APIView):
|
|||||||
|
|
||||||
username = request.user.username
|
username = request.user.username
|
||||||
# permission check
|
# permission check
|
||||||
if not permission_check_admin_owner(username, repo_id):
|
if not permission_check_admin_owner(username, repo_id, request):
|
||||||
error_msg = _('Permission denied.')
|
error_msg = _('Permission denied.')
|
||||||
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
|
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
|
||||||
|
|
||||||
@@ -139,7 +139,7 @@ class RepoAPITokenView(APIView):
|
|||||||
|
|
||||||
# permission check
|
# permission check
|
||||||
username = request.user.username
|
username = request.user.username
|
||||||
if not permission_check_admin_owner(username, repo_id):
|
if not permission_check_admin_owner(username, repo_id, request):
|
||||||
error_msg = _('Permission denied.')
|
error_msg = _('Permission denied.')
|
||||||
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
|
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
|
||||||
|
|
||||||
|
|||||||
@@ -12,14 +12,26 @@ from seahub.settings import ENABLE_VIDEO_THUMBNAIL, THUMBNAIL_ROOT
|
|||||||
from seahub.thumbnail.utils import get_thumbnail_src
|
from seahub.thumbnail.utils import get_thumbnail_src
|
||||||
from seahub.utils import is_pro_version, FILEEXT_TYPE_MAP, IMAGE, XMIND, VIDEO
|
from seahub.utils import is_pro_version, FILEEXT_TYPE_MAP, IMAGE, XMIND, VIDEO
|
||||||
from seahub.utils.file_tags import get_files_tags_in_dir
|
from seahub.utils.file_tags import get_files_tags_in_dir
|
||||||
|
from seahub.utils.repo import is_group_repo_staff
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
json_content_type = 'application/json; charset=utf-8'
|
json_content_type = 'application/json; charset=utf-8'
|
||||||
HTTP_520_OPERATION_FAILED = 520
|
HTTP_520_OPERATION_FAILED = 520
|
||||||
|
|
||||||
|
|
||||||
def permission_check_admin_owner(username, repo_id): # maybe add more complex logic in the future
|
def permission_check_admin_owner(username, repo_id, request=None): # maybe add more complex logic in the future
|
||||||
return username == seafile_api.get_repo_owner(repo_id)
|
"""
|
||||||
|
if repo is owned by user return true
|
||||||
|
or check whether repo is owned by group and whether user is group's staff
|
||||||
|
so finally the code is:
|
||||||
|
check user == repo's owner
|
||||||
|
else
|
||||||
|
check user is the such group's staff
|
||||||
|
"""
|
||||||
|
if username == seafile_api.get_repo_owner(repo_id):
|
||||||
|
return True
|
||||||
|
else:
|
||||||
|
return is_group_repo_staff(request, repo_id, username)
|
||||||
|
|
||||||
|
|
||||||
def get_dir_file_recursively(repo_id, path, all_dirs):
|
def get_dir_file_recursively(repo_id, path, all_dirs):
|
||||||
|
|||||||
Reference in New Issue
Block a user