can set sub-path permission with admin (#1962)

* can set sub-path permission with admin

* fixup after rebase

tests/api/test_repo_group_folder_perm.py

@@ -23,8 +23,24 @@ class RepoGroupFolderPermTest(BaseTestCase):
         self.remove_repo()
         self.remove_group()
 
-    def test_can_get_folder_perm(self):
+    def share_repo_to_admin_with_admin_permission(self):
+        # share user's repo to admin with 'admin' permission
+        self.logout()
+        self.login_as(self.user)
+        share_url = reverse('api2-dir-shared-items', kwargs=dict(repo_id=self.repo.id))
+        data = "share_type=user&permission=admin&username=%s" % self.admin.username
+        self.client.put(share_url, data, 'application/x-www-form-urlencoded')
+        self.logout()
 
+    def share_repo_to_group_with_admin_permission(self):
+        self.logout()
+        self.login_as(self.user)
+        share_group_url = reverse('api2-dir-shared-items', kwargs=dict(repo_id=self.repo.id))
+        data = "share_type=group&permission=admin&group_id=%s" % self.group.id
+        self.client.put(share_group_url, data, 'application/x-www-form-urlencoded')
+        self.logout()
+
+    def test_can_get_folder_perm(self):
         if not LOCAL_PRO_DEV_ENV:
             return
 
@@ -42,6 +58,43 @@ class RepoGroupFolderPermTest(BaseTestCase):
         assert json_resp[0]['permission'] == self.perm_r
         assert json_resp[0]['folder_path'] == self.user_folder_path
 
+    def test_can_get_folder_perm_with_admin(self):
+        if not LOCAL_PRO_DEV_ENV:
+            return
+        self.share_repo_to_admin_with_admin_permission()
+        self.login_as(self.admin)
+
+        seafile_api.add_folder_group_perm(self.user_repo_id,
+            self.user_folder_path, self.perm_r, self.group_id)
+        resp = self.client.get(reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]))
+        self.assertEqual(200, resp.status_code)
+
+        json_resp = json.loads(resp.content)
+        assert json_resp[0]['group_id'] == self.group_id
+        assert json_resp[0]['repo_id'] == self.user_repo_id
+        assert json_resp[0]['permission'] == self.perm_r
+        assert json_resp[0]['folder_path'] == self.user_folder_path
+
+    def test_can_get_folder_perm_with_admin_group(self):
+        if not LOCAL_PRO_DEV_ENV:
+            return
+        self.share_repo_to_group_with_admin_permission()
+        self.add_admin_to_group()
+        self.login_as(self.admin)
+
+        seafile_api.add_folder_group_perm(self.user_repo_id,
+            self.user_folder_path, self.perm_r, self.group_id)
+        resp = self.client.get(reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]))
+        self.assertEqual(200, resp.status_code)
+
+        json_resp = json.loads(resp.content)
+        assert json_resp[0]['group_id'] == self.group_id
+        assert json_resp[0]['repo_id'] == self.user_repo_id
+        assert json_resp[0]['permission'] == self.perm_r
+        assert json_resp[0]['folder_path'] == self.user_folder_path
+
+
+
     def test_can_not_get_if_not_repo_owner(self):
         self.login_as(self.admin)
         resp = self.client.get(reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]))
@@ -68,6 +121,47 @@ class RepoGroupFolderPermTest(BaseTestCase):
         json_resp = json.loads(resp.content)
         assert json_resp[0]['permission'] == self.perm_rw
 
+    def test_can_modify_folder_perm_with_admin(self):
+        if not LOCAL_PRO_DEV_ENV:
+            return
+        self.share_repo_to_admin_with_admin_permission()
+        self.login_as(self.admin)
+
+        seafile_api.add_folder_group_perm(self.user_repo_id,
+            self.user_folder_path, self.perm_r, self.group_id)
+
+        url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id])
+        data = 'group_id=%s&folder_path=%s&permission=%s' % (self.group_id,
+            self.user_folder_path, self.perm_rw)
+
+        resp = self.client.put(url, data, 'application/x-www-form-urlencoded')
+        self.assertEqual(200, resp.status_code)
+
+        resp = self.client.get(reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]))
+        json_resp = json.loads(resp.content)
+        assert json_resp[0]['permission'] == self.perm_rw
+
+    def test_can_modify_folder_perm_with_admin_group(self):
+        if not LOCAL_PRO_DEV_ENV:
+            return
+        self.share_repo_to_group_with_admin_permission()
+        self.add_admin_to_group()
+        self.login_as(self.admin)
+
+        seafile_api.add_folder_group_perm(self.user_repo_id,
+            self.user_folder_path, self.perm_r, self.group_id)
+
+        url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id])
+        data = 'group_id=%s&folder_path=%s&permission=%s' % (self.group_id,
+            self.user_folder_path, self.perm_rw)
+
+        resp = self.client.put(url, data, 'application/x-www-form-urlencoded')
+        self.assertEqual(200, resp.status_code)
+
+        resp = self.client.get(reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]))
+        json_resp = json.loads(resp.content)
+        assert json_resp[0]['permission'] == self.perm_rw
+
     def test_can_not_modify_if_not_repo_owner(self):
         self.login_as(self.admin)
 
@@ -116,6 +210,53 @@ class RepoGroupFolderPermTest(BaseTestCase):
         assert json_resp[0]['permission'] == self.perm_rw
         assert json_resp[0]['folder_path'] == self.user_folder_path
 
+    def test_can_add_folder_perm_with_admin(self):
+        if not LOCAL_PRO_DEV_ENV:
+            return
+        self.share_repo_to_admin_with_admin_permission()
+        self.login_as(self.admin)
+
+        url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id])
+        data = {
+            "group_id": self.group_id,
+            "folder_path": self.user_folder_path,
+            "permission": self.perm_rw
+        }
+
+        resp = self.client.post(url, data)
+        self.assertEqual(200, resp.status_code)
+
+        resp = self.client.get(reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]))
+        json_resp = json.loads(resp.content)
+        assert json_resp[0]['group_id'] == self.group_id
+        assert json_resp[0]['repo_id'] == self.user_repo_id
+        assert json_resp[0]['permission'] == self.perm_rw
+        assert json_resp[0]['folder_path'] == self.user_folder_path
+
+    def test_can_add_folder_perm_with_admin_group(self):
+        if not LOCAL_PRO_DEV_ENV:
+            return
+        self.share_repo_to_group_with_admin_permission()
+        self.add_admin_to_group()
+        self.login_as(self.admin)
+
+        url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id])
+        data = {
+            "group_id": self.group_id,
+            "folder_path": self.user_folder_path,
+            "permission": self.perm_rw
+        }
+
+        resp = self.client.post(url, data)
+        self.assertEqual(200, resp.status_code)
+
+        resp = self.client.get(reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]))
+        json_resp = json.loads(resp.content)
+        assert json_resp[0]['group_id'] == self.group_id
+        assert json_resp[0]['repo_id'] == self.user_repo_id
+        assert json_resp[0]['permission'] == self.perm_rw
+        assert json_resp[0]['folder_path'] == self.user_folder_path
+
     def test_can_not_add_if_not_repo_owner(self):
         self.login_as(self.admin)
 
@@ -175,6 +316,51 @@ class RepoGroupFolderPermTest(BaseTestCase):
         json_resp = json.loads(resp.content)
         assert len(json_resp) == 0
 
+    def test_can_delete_folder_perm_with_admin(self):
+        if not LOCAL_PRO_DEV_ENV:
+            return
+        self.share_repo_to_admin_with_admin_permission()
+        self.login_as(self.admin)
+
+        seafile_api.add_folder_group_perm(self.user_repo_id,
+            self.user_folder_path, self.perm_r, self.group_id)
+
+        resp = self.client.get(reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]))
+        json_resp = json.loads(resp.content)
+        assert len(json_resp) == 1
+
+        url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id])
+        data = 'group_id=%s&folder_path=%s' % (self.group_id, self.user_folder_path)
+        resp = self.client.delete(url, data, 'application/x-www-form-urlencoded')
+        self.assertEqual(200, resp.status_code)
+
+        resp = self.client.get(reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]))
+        json_resp = json.loads(resp.content)
+        assert len(json_resp) == 0
+
+    def test_can_delete_folder_perm_with_admin_group(self):
+        if not LOCAL_PRO_DEV_ENV:
+            return
+        self.share_repo_to_group_with_admin_permission()
+        self.add_admin_to_group()
+        self.login_as(self.admin)
+
+        seafile_api.add_folder_group_perm(self.user_repo_id,
+            self.user_folder_path, self.perm_r, self.group_id)
+
+        resp = self.client.get(reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]))
+        json_resp = json.loads(resp.content)
+        assert len(json_resp) == 1
+
+        url = reverse("api2-repo-group-folder-perm", args=[self.user_repo_id])
+        data = 'group_id=%s&folder_path=%s' % (self.group_id, self.user_folder_path)
+        resp = self.client.delete(url, data, 'application/x-www-form-urlencoded')
+        self.assertEqual(200, resp.status_code)
+
+        resp = self.client.get(reverse("api2-repo-group-folder-perm", args=[self.user_repo_id]))
+        json_resp = json.loads(resp.content)
+        assert len(json_resp) == 0
+
     def test_can_not_delete_if_not_repo_owner(self):
         self.login_as(self.admin)