From c32ce41ce387a90df999ef62ed282eb6d705c2c4 Mon Sep 17 00:00:00 2001 From: lian Date: Mon, 10 Jul 2023 15:48:34 +0800 Subject: [PATCH] add `invisible` permission for folder permission (#5538) --- ...b-sub-folder-set-user-permission-dialog.js | 2 +- frontend/src/utils/utils.js | 6 +++++ seahub/api2/endpoints/dir.py | 7 ++++++ seahub/api2/views.py | 11 +++++++- seahub/constants.py | 1 + seahub/repo_api_tokens/utils.py | 25 +++++++++++++------ seahub/utils/repo.py | 4 +-- 7 files changed, 44 insertions(+), 12 deletions(-) diff --git a/frontend/src/components/dialog/lib-sub-folder-set-user-permission-dialog.js b/frontend/src/components/dialog/lib-sub-folder-set-user-permission-dialog.js index d32eebbb3a..dc343372d2 100644 --- a/frontend/src/components/dialog/lib-sub-folder-set-user-permission-dialog.js +++ b/frontend/src/components/dialog/lib-sub-folder-set-user-permission-dialog.js @@ -96,7 +96,7 @@ class LibSubFolderSetUserPermissionDialog extends React.Component { if (!isPro) { this.permissions = ['r', 'rw']; } else { - this.permissions = ['r', 'rw', 'cloud-edit', 'preview']; + this.permissions = ['r', 'rw', 'cloud-edit', 'preview', 'invisible']; } } diff --git a/frontend/src/utils/utils.js b/frontend/src/utils/utils.js index db29bf6fb5..e6eebcf25f 100644 --- a/frontend/src/utils/utils.js +++ b/frontend/src/utils/utils.js @@ -664,6 +664,9 @@ export const Utils = { case 'preview': title = gettext('Online Read-Only'); break; + case 'invisible': + title = gettext('Invisible'); + break; } return title; }, @@ -686,6 +689,9 @@ export const Utils = { case 'preview': title = gettext('User can only view files online via browser. Files can\'t be downloaded.'); break; + case 'invisible': + title = gettext('User can not see this folder.'); + break; } return title; }, diff --git a/seahub/api2/endpoints/dir.py b/seahub/api2/endpoints/dir.py index 7329ad8010..7508e4b0be 100644 --- a/seahub/api2/endpoints/dir.py +++ b/seahub/api2/endpoints/dir.py @@ -28,6 +28,7 @@ from seahub.base.models import UserStarredFiles from seahub.base.templatetags.seahub_tags import email2nickname, \ email2contact_email from seahub.utils.repo import parse_repo_perm +from seahub.constants import PERMISSION_INVISIBLE from seahub.settings import ENABLE_VIDEO_THUMBNAIL, THUMBNAIL_ROOT @@ -59,8 +60,14 @@ def get_dir_file_info_list(username, request_type, repo_obj, parent_dir, # only get dir info list if not request_type or request_type == 'd': + dir_list = [dirent for dirent in dir_file_list if stat.S_ISDIR(dirent.mode)] + for dirent in dir_list: + + if dirent.permission == PERMISSION_INVISIBLE: + continue + dir_info = {} dir_info["type"] = "dir" dir_info["id"] = dirent.obj_id diff --git a/seahub/api2/views.py b/seahub/api2/views.py index 9b671cc51d..7b383b79ed 100644 --- a/seahub/api2/views.py +++ b/seahub/api2/views.py @@ -49,7 +49,8 @@ from seahub.share.utils import is_repo_admin, check_group_share_in_permission, n from seahub.base.templatetags.seahub_tags import email2nickname, \ translate_seahub_time, translate_commit_desc_escape, \ email2contact_email -from seahub.constants import PERMISSION_READ_WRITE, PERMISSION_PREVIEW_EDIT +from seahub.constants import PERMISSION_READ_WRITE, PERMISSION_PREVIEW_EDIT, \ + PERMISSION_INVISIBLE from seahub.group.views import remove_group_common, \ rename_group_with_new_name, is_group_staff from seahub.group.utils import BadGroupNameError, ConflictGroupNameError, \ @@ -2058,6 +2059,10 @@ def get_dir_file_recursively(username, repo_id, path, all_dirs): path_id, username, -1, -1) for dirent in dirs: + + if dirent.permission == PERMISSION_INVISIBLE: + continue + entry = {} if stat.S_ISDIR(dirent.mode): entry["type"] = 'dir' @@ -2126,6 +2131,10 @@ def get_dir_entrys_by_id(request, repo, path, dir_id, request_type=None): dir_list, file_list = [], [] for dirent in dirs: + + if dirent.permission == PERMISSION_INVISIBLE: + continue + entry = {} if stat.S_ISDIR(dirent.mode): dtype = "dir" diff --git a/seahub/constants.py b/seahub/constants.py index cd4198f801..cb57ca7772 100644 --- a/seahub/constants.py +++ b/seahub/constants.py @@ -16,6 +16,7 @@ PERMISSION_PREVIEW_EDIT = 'cloud-edit' # preview only with edit on the web PERMISSION_READ = 'r' PERMISSION_READ_WRITE = 'rw' PERMISSION_ADMIN = 'admin' +PERMISSION_INVISIBLE = 'invisible' CUSTOM_PERMISSION_PREFIX = 'custom' DEFAULT_ADMIN = 'default_admin' diff --git a/seahub/repo_api_tokens/utils.py b/seahub/repo_api_tokens/utils.py index 09cffc543d..85b88e2077 100644 --- a/seahub/repo_api_tokens/utils.py +++ b/seahub/repo_api_tokens/utils.py @@ -14,6 +14,7 @@ from seahub.utils import is_pro_version, FILEEXT_TYPE_MAP, IMAGE, XMIND, VIDEO from seahub.utils.file_tags import get_files_tags_in_dir from seahub.utils.repo import is_group_repo_staff, is_repo_owner from seahub.utils.timeutils import timestamp_to_isoformat_timestr +from seahub.constants import PERMISSION_INVISIBLE logger = logging.getLogger(__name__) json_content_type = 'application/json; charset=utf-8' @@ -38,7 +39,6 @@ def permission_check_admin_owner(request, username, repo_id): # maybe add more def get_dir_file_recursively(repo_id, path, all_dirs): is_pro = is_pro_version() - path_id = seafile_api.get_dir_id_by_path(repo_id, path) dirs = seafile_api.list_dir_by_path(repo_id, path, -1, -1) for dirent in dirs: @@ -65,7 +65,7 @@ def get_dir_file_recursively(repo_id, path, all_dirs): all_dirs.append(entry) # Use dict to reduce memcache fetch cost in large for-loop. - file_list = [item for item in all_dirs if item['type'] == 'file'] + file_list = [item for item in all_dirs if item['type'] == 'file'] contact_email_dict = {} nickname_dict = {} modifiers_set = {x['modifier_email'] for x in file_list} @@ -79,7 +79,6 @@ def get_dir_file_recursively(repo_id, path, all_dirs): e['modifier_contact_email'] = contact_email_dict.get(e['modifier_email'], '') e['modifier_name'] = nickname_dict.get(e['modifier_email'], '') - if stat.S_ISDIR(dirent.mode): sub_path = posixpath.join(path, dirent.obj_name) get_dir_file_recursively(repo_id, sub_path, all_dirs) @@ -88,7 +87,7 @@ def get_dir_file_recursively(repo_id, path, all_dirs): def get_dir_file_info_list(username, request_type, repo_obj, parent_dir, - with_thumbnail, thumbnail_size): + with_thumbnail, thumbnail_size): repo_id = repo_obj.id dir_info_list = [] @@ -96,12 +95,15 @@ def get_dir_file_info_list(username, request_type, repo_obj, parent_dir, # get dirent(folder and file) list parent_dir_id = seafile_api.get_dir_id_by_path(repo_id, parent_dir) - dir_file_list = seafile_api.list_dir_with_perm(repo_id, - parent_dir, parent_dir_id, username, -1, -1) + dir_file_list = seafile_api.list_dir_with_perm(repo_id, parent_dir, + parent_dir_id, username, + -1, -1) try: starred_items = UserStarredFiles.objects.filter(email=username, - repo_id=repo_id, path__startswith=parent_dir, org_id=-1) + repo_id=repo_id, + path__startswith=parent_dir, + org_id=-1) starred_item_path_list = [f.path.rstrip('/') for f in starred_items] except Exception as e: logger.error(e) @@ -109,8 +111,14 @@ def get_dir_file_info_list(username, request_type, repo_obj, parent_dir, # only get dir info list if not request_type or request_type == 'd': + dir_list = [dirent for dirent in dir_file_list if stat.S_ISDIR(dirent.mode)] + for dirent in dir_list: + + if dirent.permission == PERMISSION_INVISIBLE: + continue + dir_info = {} dir_info["type"] = "dir" dir_info["id"] = dirent.obj_id @@ -211,7 +219,8 @@ def get_dir_file_info_list(username, request_type, repo_obj, parent_dir, # Then web browser will use this src to get thumbnail instead of # recreating it. thumbnail_file_path = os.path.join(THUMBNAIL_ROOT, - str(thumbnail_size), file_obj_id) + str(thumbnail_size), + file_obj_id) if os.path.exists(thumbnail_file_path): src = get_thumbnail_src(repo_id, thumbnail_size, file_path) file_info['encoded_thumbnail_src'] = quote(src) diff --git a/seahub/utils/repo.py b/seahub/utils/repo.py index 1f97830fe2..ab0a257572 100644 --- a/seahub/utils/repo.py +++ b/seahub/utils/repo.py @@ -8,7 +8,7 @@ import seaserv from seaserv import seafile_api, ccnet_api from seahub.constants import ( - PERMISSION_PREVIEW, PERMISSION_PREVIEW_EDIT, + PERMISSION_PREVIEW, PERMISSION_PREVIEW_EDIT, PERMISSION_INVISIBLE, PERMISSION_READ, PERMISSION_READ_WRITE, PERMISSION_ADMIN, REPO_STATUS_NORMAL, REPO_STATUS_READ_ONLY, CUSTOM_PERMISSION_PREFIX ) @@ -44,7 +44,7 @@ def normalize_repo_status_str(status): def get_available_repo_perms(): perms = [PERMISSION_READ, PERMISSION_READ_WRITE, PERMISSION_ADMIN] if is_pro_version(): - perms += [PERMISSION_PREVIEW, PERMISSION_PREVIEW_EDIT] + perms += [PERMISSION_PREVIEW, PERMISSION_PREVIEW_EDIT, PERMISSION_INVISIBLE] return perms