diff --git a/seahub/api2/urls.py b/seahub/api2/urls.py index 4b3214b049..34fdbd45f0 100644 --- a/seahub/api2/urls.py +++ b/seahub/api2/urls.py @@ -40,6 +40,7 @@ urlpatterns = patterns('', url(r'^repos/(?P[-0-9-a-f]{36})/dir/$', DirView.as_view(), name='DirView'), url(r'^repos/(?P[-0-9-a-f]{36})/dir/sub_repo/$', DirSubRepoView.as_view()), url(r'^repos/(?P[-0-9-a-f]{36})/dir/share/$', DirShareView.as_view()), + url(r'^repos/(?P[-0-9-a-f]{36})/dir/shared_items/$', DirSharedItemsView.as_view()), url(r'^repos/(?P[-0-9-a-f]{36})/dir/download/$', DirDownloadView.as_view()), url(r'^repos/(?P[-0-9-a-f]{36})/thumbnail/$', ThumbnailView.as_view(), name='api2-thumbnail'), url(r'^starredfiles/', StarredFileView.as_view(), name='starredfiles'), diff --git a/seahub/api2/views.py b/seahub/api2/views.py index 6475e66738..46a8abd4c8 100644 --- a/seahub/api2/views.py +++ b/seahub/api2/views.py @@ -61,6 +61,7 @@ from seahub.views.modules import get_wiki_enabled_group_list from seahub.shortcuts import get_first_object_or_none from seahub.signals import repo_created, share_file_to_user_successful from seahub.share.models import PrivateFileDirShare, FileShare, OrgFileShare +from seahub.share.signals import share_repo_to_user_successful from seahub.share.views import list_shared_repos from seahub.utils import gen_file_get_url, gen_token, gen_file_upload_url, \ check_filename_with_rename, is_valid_username, EVENTS_ENABLED, \ @@ -2248,6 +2249,216 @@ class DirShareView(APIView): share_file_to_user_successful.send(sender=None, priv_share_obj=pfds) return HttpResponse(json.dumps({}), status=200, content_type=json_content_type) + +class DirSharedItemsView(APIView): + authentication_classes = (TokenAuthentication, SessionAuthentication) + permission_classes = (IsAuthenticated,) + throttle_classes = (UserRateThrottle, ) + + def list_user_shared_items(self, request, repo_id, path): + username = request.user.username + if path == '/': + share_items = seafile_api.list_repo_shared_to(username, repo_id) + else: + share_items = seafile_api.get_shared_users_for_subdir(repo_id, + path, username) + ret = [] + for item in share_items: + ret.append({ + "share_type": "user", + "user_info": { + "name": item.user, + "nickname": email2nickname(item.user), + }, + "perm": item.perm, + }) + return ret + + def list_group_shared_items(self, request, repo_id, path): + return [] + + def add_user_shared_item(self, request, repo_id, path): + pass + + def handle_shared_to_args(self, request): + share_type = request.GET.get('share_type', None) + shared_to_user = False + shared_to_group = False + if share_type: + for e in share_type.split(','): + e = e.strip() + if e not in ['user', 'group']: + continue + if e == 'user': + shared_to_user = True + if e == 'group': + shared_to_group = True + else: + shared_to_user = True + shared_to_group = True + + return (shared_to_user, shared_to_group) + + def get_sub_repo_by_path(self, request, repo, path): + if path == '/': + raise Exception("Invalid path") + + # get or create sub repo + username = request.user.username + if is_org_context(request): + org_id = request.user.org.org_id + sub_repo = seaserv.seafserv_threaded_rpc.get_org_virtual_repo( + org_id, repo.id, path, username) + else: + sub_repo = seafile_api.get_virtual_repo(repo.id, path, username) + + return sub_repo + + def get_or_create_sub_repo_by_path(self, request, repo, path): + username = request.user.username + sub_repo = self.get_sub_repo_by_path(request, repo, path) + if not sub_repo: + name = os.path.basename(path) + # create a sub-lib, + # use name as 'repo_name' & 'repo_desc' for sub_repo + if is_org_context(request): + org_id = request.user.org.org_id + sub_repo_id = seaserv.seafserv_threaded_rpc.create_org_virtual_repo( + org_id, repo.id, path, name, name, username) + else: + sub_repo_id = seafile_api.create_virtual_repo(repo.id, path, + name, name, username) + sub_repo = seafile_api.get_repo(sub_repo_id) + + return sub_repo + + def get(self, request, repo_id, format=None): + repo = get_repo(repo_id) + if not repo: + return api_error(status.HTTP_400_BAD_REQUEST, 'Repo not found.') + + shared_to_user, shared_to_group = self.handle_shared_to_args(request) + + path = request.GET.get('p', '/') + if seafile_api.get_dir_id_by_path(repo.id, path) is None: + return api_error(status.HTTP_400_BAD_REQUEST, 'Directory not found.') + + ret = [] + if shared_to_user: + ret += self.list_user_shared_items(request, repo_id, path) + + if shared_to_group: + ret += self.list_group_shared_items(request, repo_id, path) + + return HttpResponse(json.dumps(ret), status=200, + content_type=json_content_type) + + def post(self, request, repo_id, format=None): + return HttpResponse(json.dumps([{'foo': 'bar'}]), status=200, + content_type=json_content_type) + + def put(self, request, repo_id, format=None): + username = request.user.username + repo = get_repo(repo_id) + if not repo: + return api_error(status.HTTP_400_BAD_REQUEST, 'Repo not found.') + + # TODO: perm check, quota check + + path = request.GET.get('p', '/') + if seafile_api.get_dir_id_by_path(repo.id, path) is None: + return api_error(status.HTTP_400_BAD_REQUEST, 'Directory not found.') + + if path != '/': + try: + sub_repo = self.get_sub_repo_by_path(request, repo, path) + except SearpcError as e: + logger.error(e) + return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, 'Failed to get sub repo') + else: + sub_repo = None + + share_type = request.DATA.get('share_type') + if share_type != 'user' and share_type != 'group': + return api_error(status.HTTP_400_BAD_REQUEST, 'Bad share type') + + permission = request.DATA.get('permission', 'r') + if permission not in ['r', 'rw']: + return api_error(status.HTTP_400_BAD_REQUEST, 'Bad permission') + + shared_repo = repo if path == '/' else sub_repo + success, failed = [], [] + if share_type == 'user': + share_to_users = request.DATA.getlist('username') + for to_user in share_to_users: + try: + if is_org_context(request): + org_id = request.user.org.org_id + # org_share_repo(org_id, shared_repo.id, username, to_user, permission) + else: + seafile_api.share_repo(shared_repo.repo_id, username, to_user, permission) + # send a signal when sharing repo successful + share_repo_to_user_successful.send(sender=None, + from_user=username, + to_user=to_user, + repo=shared_repo) + success.append(to_user) + except SearpcError as e: + logger.error(e) + failed.append(to_user) + continue + + if share_type == 'group': + pass + + return HttpResponse(json.dumps({ + "shared_success": success, + "shared_failed": failed + }), status=200, content_type=json_content_type) + + def delete(self, request, repo_id, format=None): + username = request.user.username + repo = get_repo(repo_id) + if not repo: + return api_error(status.HTTP_400_BAD_REQUEST, 'Repo not found.') + + shared_to_user, shared_to_group = self.handle_shared_to_args(request) + + path = request.GET.get('p', '/') + if seafile_api.get_dir_id_by_path(repo.id, path) is None: + return api_error(status.HTTP_400_BAD_REQUEST, 'Directory not found.') + + if path == '/': + shared_repo = repo + else: + try: + sub_repo = self.get_sub_repo_by_path(request, repo, path) + if sub_repo: + shared_repo = sub_repo + else: + return api_error(status.HTTP_400_BAD_REQUEST, 'No sub repo found') + except SearpcError as e: + logger.error(e) + return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, 'Failed to get sub repo') + + if shared_to_user: + shared_to = request.GET.get('username') + if shared_to is None or not is_valid_username(shared_to): + return api_error(status.HTTP_400_BAD_REQUEST, 'Bad argument.') + + if is_org_context(request): + org_id = request.user.org.org_id + # org_remove_share(org_id, repo_id, from_email, shared_to) + else: + seaserv.remove_share(shared_repo.id, username, shared_to) + + if shared_to_group: + pass + + return HttpResponse(json.dumps([{'success': True}]), status=200, + content_type=json_content_type) + + class DirSubRepoView(APIView): authentication_classes = (TokenAuthentication, ) permission_classes = (IsAuthenticated,) diff --git a/seahub/test_utils.py b/seahub/test_utils.py index feb71a2fb7..28b56ccb97 100644 --- a/seahub/test_utils.py +++ b/seahub/test_utils.py @@ -54,7 +54,9 @@ class Fixtures(Exam): return User.objects.create_user(password='secret', **kwargs) - def remove_user(self, email, source="DB"): + def remove_user(self, email=None, source="DB"): + if not email: + email = self.user.username ccnet_threaded_rpc.remove_emailuser(email, source) def create_repo(self, **kwargs): @@ -62,8 +64,10 @@ class Fixtures(Exam): 'test@test.com', None) return repo_id - def remove_repo(self): - return seafile_api.remove_repo(self.repo.id) + def remove_repo(self, repo_id=None): + if not repo_id: + repo_id = self.repo.id + return seafile_api.remove_repo(repo_id) def create_file(self, **kwargs): seafile_api.post_empty_file(**kwargs) diff --git a/tests/api/test_shares.py b/tests/api/test_shares.py index 267cfceb6f..cbaec300b8 100644 --- a/tests/api/test_shares.py +++ b/tests/api/test_shares.py @@ -1,5 +1,12 @@ #coding: UTF-8 +import json +from django.core.urlresolvers import reverse +from django.test import TestCase + +from seaserv import seafile_api + +from seahub.test_utils import Fixtures from tests.common.utils import urljoin from tests.api.apitestbase import ApiTestBase from tests.api.urls import SHARED_LINKS_URL, SHARED_LIBRARIES_URL, \ @@ -28,3 +35,92 @@ class SharesApiTest(ApiTestBase): self.assertIsNotNone(fileshare['token']) self.assertIsNotNone(fileshare['view_cnt']) self.assertIsNotNone(fileshare['path']) + + +class DirSharedItemsTest(TestCase, Fixtures): + def setUp(self): + self.folder_path = self.folder + sub_repo_id = seafile_api.create_virtual_repo(self.repo.id, + self.folder_path, + self.repo.name, '', + self.user.username) + # A user shares a folder to admin with permission 'rw. + seafile_api.share_repo(sub_repo_id, self.user.username, + self.admin.username, 'rw') + + def tearDown(self): + self.remove_repo() + + def _login_as(self, user): + self.client.post( + reverse('auth_login'), {'username': self.user.username, + 'password': 'secret'} + ) + + def test_can_list_all(self): + self._login_as(self.user) + + resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user,group' % ( + self.repo.id, + self.folder_path)) + + self.assertEqual(200, resp.status_code) + json_resp = json.loads(resp.content) + assert len(json_resp) == 1 + assert self.admin.username == json_resp[0]['user_info']['name'] + + def test_can_list_without_share_type_arg(self): + self._login_as(self.user) + + resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s' % ( + self.repo.id, + self.folder_path)) + + self.assertEqual(200, resp.status_code) + json_resp = json.loads(resp.content) + assert len(json_resp) == 1 + assert self.admin.username == json_resp[0]['user_info']['name'] + + def test_can_add(self): + self._login_as(self.user) + + resp = self.client.put( + '/api2/repos/%s/dir/shared_items/?p=%s' % (self.repo.id, + self.folder_path), + "share_type=user&username=a@a.com&username=b@b.com", + 'application/x-www-form-urlencoded', + ) + self.assertEqual(200, resp.status_code) + json_resp = json.loads(resp.content) + assert 'a@a.com' in json_resp['shared_success'] + assert 'b@b.com' in json_resp['shared_success'] + + def test_can_update(self): + self._login_as(self.user) + + resp = self.client.post('/api2/repos/%s/dir/shared_items/?p=%s' % ( + self.repo.id, + self.folder_path), { + + } + ) + print resp + + def test_can_delete(self): + self._login_as(self.user) + + resp = self.client.delete('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user&username=%s' % ( + self.repo.id, + self.folder_path, + self.admin.username + )) + self.assertEqual(200, resp.status_code) + json_resp = json.loads(resp.content) + assert json_resp[0]['success'] is True + + resp = self.client.get('/api2/repos/%s/dir/shared_items/?p=%s&share_type=user,group' % ( + self.repo.id, + self.folder_path)) + + json_resp = json.loads(resp.content) + assert len(json_resp) == 0