[guest-user] add permission for guest user

disable generate shared link when user's role is GUEST
2025-08-06 09:34:00 +00:00 · 2015-06-12 16:04:10 +08:00 · 2015-06-12 16:04:10 +08:00 · d7cac0d24c
commit d7cac0d24c
parent 560a757e68
9 changed files with 40 additions and 4 deletions
--- a/seahub/api2/authentication.py
+++ b/seahub/api2/authentication.py
@ -70,6 +70,7 @@ class TokenAuthentication(BaseAuthentication):
            user.permissions.can_add_repo = lambda: False
            user.permissions.can_add_group = lambda: False
            user.permissions.can_view_org = lambda: False
            user.permissions.can_generate_shared_link = lambda: False
    def authenticate_v1(self, request, key):
        try:
--- a/seahub/api2/views.py
+++ b/seahub/api2/views.py
@ -787,6 +787,7 @@ class Repos(APIView):
        return Response(repos_json)
    def post(self, request, format=None):
        if not request.user.permissions.can_add_repo():
            return api_error(status.HTTP_403_FORBIDDEN,
                             'You do not have permission to create library.')
@ -1938,6 +1939,11 @@ class FileSharedLinkView(APIView):
    throttle_classes = (UserRateThrottle, )
    def put(self, request, repo_id, format=None):
        if not request.user.permissions.can_generate_shared_link():
            return api_error(status.HTTP_403_FORBIDDEN,
                             'You do not have permission to generate shared link.')
        # generate file shared link
        username = request.user.username
        path = unquote(request.DATA.get('p', '').encode('utf-8'))
--- a/seahub/base/accounts.py
+++ b/seahub/base/accounts.py
@ -104,6 +104,9 @@ class UserPermissions(object):
    def can_add_group(self):
        return True
    def can_generate_shared_link(self):
        return True
    def can_view_org(self):
        if MULTI_TENANCY:
            return True if self.user.org is not None else False
--- a/seahub/share/views.py
+++ b/seahub/share/views.py
@ -1367,6 +1367,12 @@ def ajax_get_upload_link(request):
        return HttpResponse(json.dumps(data), content_type=content_type)
    elif request.method == 'POST':
        if not request.user.permissions.can_generate_shared_link():
            err = _('You do not have permission to generate shared link')
            data = json.dumps({'error': err})
            return HttpResponse(data, status=403, content_type=content_type)
        repo_id = request.POST.get('repo_id', '')
        path = request.POST.get('p', '')
        use_passwd = True if int(request.POST.get('use_passwd', '0')) == 1 else False
@ -1433,6 +1439,12 @@ def ajax_get_download_link(request):
        return HttpResponse(json.dumps(data), content_type=content_type)
    elif request.method == 'POST':
        if not request.user.permissions.can_generate_shared_link():
            err = _('You do not have permission to generate shared link')
            data = json.dumps({'error': err})
            return HttpResponse(data, status=403, content_type=content_type)
        repo_id = request.POST.get('repo_id', '')
        share_type = request.POST.get('type', 'f')  # `f` or `d`
        path = request.POST.get('p', '')
--- a/seahub/templates/js/templates.html
+++ b/seahub/templates/js/templates.html
@ -132,7 +132,7 @@
    <button id="add-new-dir" class="op-btn">{% trans "New Folder" %}</button>
    <button id="add-new-file" class="op-btn">{% trans "New File" %}</button>
    <% } %>
-    <% if (!encrypted) { %>
+    <% if (!encrypted && can_generate_shared_link) { %>
    <button class="op-btn" id="share-cur-dir">{% trans "Share" %}</button>
    <% } %>
    <% if (path == '/') { %>
@ -205,7 +205,7 @@
        <div class="repo-file-op vh">
            <div class="displayed-op">
                <a class="op download" href="{{ SITE_ROOT }}repo/download_dir/<%= repo_id %>/?p=<% print(encodeURIComponent(dirent_path)); %>" title="{% trans "Download" %}"><img src="{{ MEDIA_URL }}img/download-orange.png" alt="" /></a>
-                <% if (!repo_encrypted) { %>
+                <% if (!repo_encrypted && can_generate_shared_link) { %>
                <a class="op share" href="#" title="{% trans "Share" %}"><img src="{{ MEDIA_URL }}img/share-orange.png" alt="" /></a>
                <% } %>
                <% if (dirent.perm == 'rw') { %>
@ -272,7 +272,7 @@
        <div class="repo-file-op vh">
            <div class="displayed-op">
                <a class="op download" href="{{ SITE_ROOT }}repo/<%= repo_id %>/<%= dirent.obj_id %>/download/?p=<% print(encodeURIComponent(dirent_path)); %>" title="{% trans "Download" %}"><img src="{{ MEDIA_URL }}img/download-orange.png" alt="" /></a>
-                <% if (!repo_encrypted) { %>
+                <% if (!repo_encrypted && can_generate_shared_link) { %>
                <a class="op share" href="#" title="{% trans "Share" %}"><img src="{{ MEDIA_URL }}img/share-orange.png" alt="" /></a>
                <% } %>
                <% if (dirent.perm == 'rw') { %>
--- a/seahub/templates/libraries.html
+++ b/seahub/templates/libraries.html
@ -56,7 +56,9 @@
            <li class="tab"><a href="#shared-libs/" class="a" id="shared-lib-tab">{% trans "Shared" %}</a></li>
        </ul>
        <div class="fright">
            {% if user.permissions.can_add_repo %}
            <button class="repo-create"><img src="{{ MEDIA_URL }}img/add.png" alt="" class="add vam" /><span class="vam">{% trans "New Library" %}</span></button>
            {% endif %}
            {% if sub_lib_enabled %}
            <button id="sub-lib-create" class="hide" title="{% trans "New Sub-library" %}"><img src="{{ MEDIA_URL }}img/add.png" alt="" class="add vam" /><span class="vam">{% trans "New Sub-library" %}</span></button>
            {% endif %}
@ -251,6 +253,7 @@ app["pageOptions"] = {
    username: "{{request.user.username}}",
    events_enabled: {% if events_enabled %} true {% else %} false {% endif %},
    can_add_repo: {% if user.permissions.can_add_repo %} true {% else %} false {% endif %},
    can_generate_shared_link: {% if user.permissions.can_generate_shared_link %} true {% else %} false {% endif %},
    is_staff: {% if request.user.is_staff %} true {% else %} false {% endif %},
    repo_password_min_length: {{ repo_password_min_length }},
    guide_enabled: {% if guide_enabled %} true {% else %} false {% endif %},
--- a/static/scripts/app/router.js
+++ b/static/scripts/app/router.js
@ -14,7 +14,7 @@ define([
    var Router = Backbone.Router.extend({
        routes: {
-            '': 'showMyRepos',
+            '': 'showRepos',
            'my-libs/': 'showMyRepos',
            'my-libs/lib/:repo_id(/*path)': 'showMyRepoDir',
            'my-sub-libs/': 'showMySubRepos',
@ -61,6 +61,15 @@ define([
            }
        },
        showRepos: function() {
            this.switchCurrentView(this.myHomeView);
            if (app.pageOptions.can_add_repo) {
                this.myHomeView.showMyRepos();
            } else {
                this.myHomeView.showSharedRepos();
            }
        },
        showMyRepos: function() {
            this.switchCurrentView(this.myHomeView);
            this.myHomeView.showMyRepos();
--- a/static/scripts/app/views/dir.js
+++ b/static/scripts/app/views/dir.js
@ -273,6 +273,7 @@ define([
                    site_root: app.pageOptions.site_root,
                    is_repo_owner: dir.is_repo_owner,
                    is_virtual: dir.is_virtual,
                    can_generate_shared_link: app.pageOptions.can_generate_shared_link,
                    enable_upload_folder: app.pageOptions.enable_upload_folder
                })));
            },
--- a/static/scripts/app/views/dirent.js
+++ b/static/scripts/app/views/dirent.js
@ -38,6 +38,7 @@ define([
                category: dir.category,
                repo_id: dir.repo_id,
                is_repo_owner: dir.is_repo_owner,
                can_generate_shared_link: app.pageOptions.can_generate_shared_link,
                repo_encrypted: dir.encrypted
            }));
            return this;