fix repo trash button (#6254)

* fix repo trash button

* optimize code

---------

Co-authored-by: 孙永强 <11704063+s-yongqiang@user.noreply.gitee.com>

frontend/src/repo-folder-trash.js

@@ -21,7 +21,8 @@ const {
   repoID,
   repoFolderName,
   path,
-  enableClean
+  enableClean,
+  isRepoAdmin
 } = window.app.pageOptions;
 
 class RepoFolderTrash extends React.Component {
@@ -203,7 +204,7 @@ class RepoFolderTrash extends React.Component {
                 </a>
                 <div className="d-flex justify-content-between align-items-center op-bar">
                   <p className="m-0 text-truncate d-flex"><span className="mr-1">{gettext('Current path: ')}</span>{showFolder ? this.renderFolderPath() : <span className="text-truncate" title={repoFolderName}>{repoFolderName}</span>}</p>
-                  {(path == '/' && enableClean && !showFolder) &&
+                  {(path == '/' && enableClean && !showFolder && isRepoAdmin) &&
                   <button className="btn btn-secondary clean flex-shrink-0 ml-4" onClick={this.cleanTrash}>{gettext('Clean')}</button>
                   }
                 </div>

seahub/api2/endpoints/repo_trash.py

@@ -14,7 +14,7 @@ from seahub.api2.utils import api_error
 
 from seahub.signals import clean_up_repo_trash
 from seahub.utils.timeutils import timestamp_to_isoformat_timestr
-from seahub.utils.repo import get_repo_owner
+from seahub.utils.repo import get_repo_owner, is_repo_admin
 from seahub.views import check_folder_permission
 from seahub.group.utils import is_group_admin
 from seahub.api2.endpoints.group_owned_libraries import get_group_id_by_repo_owner
@@ -229,13 +229,7 @@ class RepoTrash(APIView):
             error_msg = 'Permission denied.'
             return api_error(status.HTTP_403_FORBIDDEN, error_msg)
 
-        if '@seafile_group' in repo_owner:
+        if not is_repo_admin(username, repo_id):
-            group_id = get_group_id_by_repo_owner(repo_owner)
-            if not is_group_admin(group_id, username):
-                error_msg = 'Permission denied.'
-                return api_error(status.HTTP_403_FORBIDDEN, error_msg)
-        else:
-            if username != repo_owner:
             error_msg = 'Permission denied.'
             return api_error(status.HTTP_403_FORBIDDEN, error_msg)
 

seahub/templates/repo_folder_trash_react.html

@@ -15,7 +15,8 @@ window.app.pageOptions = {
   repoID: '{{repo.id}}',
   repoFolderName: '{{repo_folder_name|escapejs}}',
   path: '{{path|escapejs}}',
-  enableClean: {% if enable_clean %} true {% else %} false {% endif %}
+  enableClean: {% if enable_clean %} true {% else %} false {% endif %},
+  isRepoAdmin: {% if is_repo_admin %} true {% else %} false {% endif %}
 };
 </script>
 {% render_bundle 'repoFolderTrash' 'js' %}

seahub/views/__init__.py

@@ -22,7 +22,7 @@ from django.views.decorators.http import condition
 import seaserv
 from seaserv import get_repo, get_commits, \
     seafserv_threaded_rpc, is_repo_owner, \
-    get_file_size, seafile_api
+    get_file_size, seafile_api, ccnet_api
 from pysearpc import SearpcError
 
 from seahub.avatar.util import get_avatar_file_storage
@@ -46,7 +46,7 @@ from seahub.utils import render_permission_error, render_error, \
     is_windows_operating_system, get_file_history_suffix, IS_EMAIL_CONFIGURED, \
     normalize_file_path
 from seahub.utils.star import get_dir_starred_files
-from seahub.utils.repo import get_library_storages, parse_repo_perm
+from seahub.utils.repo import get_library_storages, parse_repo_perm, is_repo_admin
 from seahub.utils.file_op import check_file_lock
 from seahub.utils.timeutils import utc_to_local
 from seahub.utils.auth import get_login_bg_image_path
@@ -293,6 +293,7 @@ def get_unencry_rw_repos_by_user(request):
 @login_required
 def repo_folder_trash(request, repo_id):
     path = request.GET.get('path', '/')
+    username = request.user.username
 
     if not seafile_api.get_dir_id_by_path(repo_id, path) or \
         check_folder_permission(request, repo_id, path) != 'rw':
@@ -302,6 +303,8 @@ def repo_folder_trash(request, repo_id):
     if not repo:
         raise Http404
 
+    repo_admin = is_repo_admin(username, repo_id)
+
     if path == '/':
         name = repo.name
     else:
@@ -312,6 +315,7 @@ def repo_folder_trash(request, repo_id):
             'repo_folder_name': name,
             'path': path,
             'enable_clean': config.ENABLE_USER_CLEAN_TRASH,
+            'is_repo_admin': repo_admin
             })
 
 def can_access_repo_setting(request, repo_id, username):