update admin transfer group

2025-08-18 23:18:27 +00:00 · 2016-08-04 18:01:44 +08:00 · 2016-08-04 18:01:44 +08:00 · c7acdce7de
commit c7acdce7de
parent 72efe4f8ea
3 changed files with 9 additions and 42 deletions
--- a/seahub/api2/endpoints/admin/groups.py
+++ b/seahub/api2/endpoints/admin/groups.py
@ -1,21 +1,20 @@
 import logging
 from django.utils.translation import ugettext as _
 from rest_framework.authentication import SessionAuthentication
 from rest_framework.permissions import IsAdminUser
 from rest_framework.response import Response
 from rest_framework.views import APIView
 from rest_framework import status
 from django.utils.translation import ugettext as _
 from seaserv import seafile_api, ccnet_api
 from pysearpc import SearpcError
 from seahub.base.accounts import User
 from seahub.utils import is_valid_username
 from seahub.utils.timeutils import timestamp_to_isoformat_timestr
-from seahub.group.utils import is_group_member, is_group_admin, \
+from seahub.group.utils import is_group_member, is_group_admin
    is_group_owner
 from seahub.api2.utils import api_error
 from seahub.api2.throttling import UserRateThrottle
@ -103,11 +102,6 @@ class AdminGroup(APIView):
            error_msg = 'new_owner %s invalid.' % new_owner
            return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
        old_owner = request.data.get('old_owner', None)
        if not old_owner or not is_valid_username(old_owner):
            error_msg = 'old_owner %s invalid.' % old_owner
            return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
        # recourse check
        group_id = int(group_id) # Checked by URL Conf
        group = ccnet_api.get_group(group_id)
@ -123,16 +117,8 @@ class AdminGroup(APIView):
            error_msg = 'User %s not found.' % new_owner
            return api_error(status.HTTP_404_NOT_FOUND, error_msg)
        old_owner = group.creator_name
        if new_owner == old_owner:
            error_msg = 'new_owner %s is the same as old_owner %s.' % \
                    (new_owner, old_owner)
            return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
        if not is_group_owner(group_id, old_owner):
            error_msg = _(u'User %s is not group owner.') % old_owner
            return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
        if is_group_owner(group_id, new_owner):
            error_msg = _(u'User %s is already group owner.') % new_owner
            return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
--- a/static/scripts/sysadmin-app/views/group.js
+++ b/static/scripts/sysadmin-app/views/group.js
@ -93,8 +93,7 @@ define([
                    dataType: 'json',
                    beforeSend: Common.prepareCSRFToken,
                    data: {
-                        'new_owner': email,
+                        'new_owner': email
                        'old_owner': cur_owner
                    },
                    success: function() {
                        $.modal.close();
--- a/tests/api/endpoints/admin/test_groups.py
+++ b/tests/api/endpoints/admin/test_groups.py
@ -37,7 +37,7 @@ class GroupTest(BaseTestCase):
        self.login_as(self.admin)
        url = reverse('api-v2.1-admin-group', args=[self.group_id])
-        data = 'old_owner=%s&new_owner=%s' % (self.user_name, self.admin_name)
+        data = 'new_owner=%s' % self.admin_name
        resp = self.client.put(url, data, 'application/x-www-form-urlencoded')
        self.assertEqual(200, resp.status_code)
@ -49,7 +49,7 @@ class GroupTest(BaseTestCase):
        self.login_as(self.user)
        url = reverse('api-v2.1-admin-group', args=[self.group_id])
-        data = 'old_owner=%s&new_owner=%s' % (self.user_name, self.admin_name)
+        data = 'new_owner=%s' % self.admin_name
        resp = self.client.put(url, data, 'application/x-www-form-urlencoded')
        self.assertEqual(403, resp.status_code)
@ -58,33 +58,15 @@ class GroupTest(BaseTestCase):
        self.login_as(self.admin)
        # invalid old owner
        url = reverse('api-v2.1-admin-group', args=[self.group_id])
        data = 'invalid_old_owner=%s&new_owner=%s' % (self.user_name, self.admin_name)
        resp = self.client.put(url, data, 'application/x-www-form-urlencoded')
        self.assertEqual(400, resp.status_code)
        # invalid new owner
        url = reverse('api-v2.1-admin-group', args=[self.group_id])
-        data = 'old_owner=%s&invalid_new_owner=%s' % (self.user_name, self.admin_name)
+        data = 'invalid_new_owner=%s' % self.admin_name
        resp = self.client.put(url, data, 'application/x-www-form-urlencoded')
        self.assertEqual(400, resp.status_code)
        # new_owner is the same as old_owner
        url = reverse('api-v2.1-admin-group', args=[self.group_id])
        data = 'old_owner=%s&new_owner=%s' % (self.user_name, self.user_name)
        resp = self.client.put(url, data, 'application/x-www-form-urlencoded')
        self.assertEqual(400, resp.status_code)
        # old_owner is not group owner.
        url = reverse('api-v2.1-admin-group', args=[self.group_id])
        data = 'old_owner=%s&new_owner=%s' % (self.admin_name, self.admin_name)
        resp = self.client.put(url, data, 'application/x-www-form-urlencoded')
        self.assertEqual(400, resp.status_code)
        # new owner not exist
        url = reverse('api-v2.1-admin-group', args=[self.group_id])
-        data = 'old_owner=%s&new_owner=%s' % (self.user_name, 'invalid@user.com')
+        data = 'new_owner=invalid@email.com'
        resp = self.client.put(url, data, 'application/x-www-form-urlencoded')
        self.assertEqual(404, resp.status_code)