From ee10b30bbf3cffb4d07fa07d0e142f4205e11436 Mon Sep 17 00:00:00 2001
From: zhengxie <xiez1989@gmail.com>
Date: Wed, 27 Aug 2014 10:31:15 +0800
Subject: [PATCH] Remove deprecated code

---
 seahub/api2/views.py     | 21 +++++++++---------
 seahub/views/__init__.py | 47 ++++++----------------------------------
 seahub/views/ajax.py     |  9 ++++----
 3 files changed, 23 insertions(+), 54 deletions(-)

diff --git a/seahub/api2/views.py b/seahub/api2/views.py
index 60093c0cd0..1806e606e4 100644
--- a/seahub/api2/views.py
+++ b/seahub/api2/views.py
@@ -57,7 +57,7 @@ from seahub.utils import gen_file_get_url, gen_token, gen_file_upload_url, \
     gen_file_share_link, gen_dir_share_link, is_org_context, gen_shared_link
 from seahub.utils.star import star_file, unstar_file
 from seahub.utils.file_types import IMAGE, DOCUMENT
-from seahub.views import access_to_repo, validate_owner, is_registered_user, \
+from seahub.views import validate_owner, is_registered_user, \
     group_events_data, get_diff, create_default_library, get_owned_repo_list, \
     list_inner_pub_repos, get_virtual_repos_by_owner
 from seahub.views.ajax import get_share_in_repo_list, get_groups_by_user, \
@@ -609,7 +609,8 @@ def check_set_repo_password(request, repo):
             return set_repo_password(request, repo, password)
 
 def check_repo_access_permission(request, repo):
-    if not check_permission(repo.id, request.user.username):
+    if not seafile_api.check_repo_access_permission(repo.id,
+                                                    request.user.username):
         return api_error(status.HTTP_403_FORBIDDEN, 'Forbid to access this repo.')
 
 class Repo(APIView):
@@ -3158,13 +3159,14 @@ def ajax_usermsgs(request, id_or_email):
 def html_repo_history_changes(request, repo_id):
     changes = {}
 
-    if not access_to_repo(request, repo_id, ''):
-        return HttpResponse(json.dumps({"err": 'Permission denied'}), status=400, content_type=json_content_type)
-
     repo = get_repo(repo_id)
     if not repo:
         return HttpResponse(json.dumps({"err": 'Library does not exist'}), status=400, content_type=json_content_type)
 
+    resp = check_repo_access_permission(request, repo)
+    if resp:
+        return resp
+
     if repo.encrypted and not is_passwd_set(repo_id, request.user.username):
         return HttpResponse(json.dumps({"err": 'Library is encrypted'}), status=400, content_type=json_content_type)
 
@@ -3316,17 +3318,16 @@ class RepoHistoryChange(APIView):
     throttle_classes = (UserRateThrottle, )
 
     def get(self, request, repo_id, format=None):
-        if not access_to_repo(request, repo_id, ''):
-            return HttpResponse(json.dumps({"err": 'Permission denied'}),
-                                status=400,
-                                content_type=json_content_type)
-
         repo = get_repo(repo_id)
         if not repo:
             return HttpResponse(json.dumps({"err": 'Library does not exist'}),
                                 status=400,
                                 content_type=json_content_type)
 
+        resp = check_repo_access_permission(request, repo)
+        if resp:
+            return resp
+
         if repo.encrypted and not is_passwd_set(repo_id, request.user.username):
             return HttpResponse(json.dumps({"err": 'Library is encrypted'}),
                                 status=400,
diff --git a/seahub/views/__init__.py b/seahub/views/__init__.py
index d20c7dfab4..7b30a2d963 100644
--- a/seahub/views/__init__.py
+++ b/seahub/views/__init__.py
@@ -97,30 +97,6 @@ def is_registered_user(email):
 
     return True if user else False
 
-def access_to_repo(request, repo_id, repo_ap=None):
-    """
-    Check whether user in the request can access to repo, which means user can
-    view directory entries on repo page. Only repo owner or person who is shared
-    can access to repo.
-
-    NOTE: This function is deprecated, use `get_user_permission`.
-    """
-    if not request.user.is_authenticated():
-        token = request.COOKIES.get('anontoken', None)
-        return True if token else False
-    else:
-        return True if check_permission(repo_id, request.user.username) else False
-
-def get_user_permission(request, repo_id):
-    """
-    NOTE: This function is deprecated, use `check_repo_access_permission`.
-    """
-    if request.user.is_authenticated():
-        return check_permission(repo_id, request.user.username)
-    else:
-        token = request.COOKIES.get('anontoken', None)
-        return 'r' if token else ''
-
 def get_system_default_repo_id():
     try:
         return seaserv.seafserv_threaded_rpc.get_system_default_repo_id()
@@ -711,13 +687,14 @@ def repo_history(request, repo_id):
 def repo_view_snapshot(request, repo_id):
     """List repo snapshots.
     """
-    if not access_to_repo(request, repo_id, ''):
-        return render_permission_error(request, _(u'Unable to view library snapshots'))
-
     repo = get_repo(repo_id)
     if not repo:
         raise Http404
 
+    # perm check
+    if check_repo_access_permission(repo.id, request.user) is None:
+        raise Http404
+
     username = request.user.username
     try:
         server_crypto = UserOptions.objects.is_server_crypto(username)
@@ -771,8 +748,9 @@ def repo_history_revert(request, repo_id):
     if not repo:
         raise Http404
 
-    if not access_to_repo(request, repo_id):
-        return render_permission_error(request, _(u'You have no permission to restore library'))
+    # perm check
+    if check_repo_access_permission(repo.id, request.user) is None:
+        raise Http404
 
     username = request.user.username
     try:
@@ -847,17 +825,6 @@ def get_diff(repo_id, arg1, arg2):
 
     return lists
 
-@login_required
-def modify_token(request, repo_id):
-    if not validate_owner(request, repo_id):
-        return HttpResponseRedirect(reverse('repo', args=[repo_id]))
-
-    token = request.POST.get('token', '')
-    if token:
-        seafserv_threaded_rpc.set_repo_token(repo_id, token)
-
-    return HttpResponseRedirect(reverse('repo', args=[repo_id]))
-
 def create_default_library(request):
     """Create a default library for user.
 
diff --git a/seahub/views/ajax.py b/seahub/views/ajax.py
index 40a166ccc8..22f47ffe7c 100644
--- a/seahub/views/ajax.py
+++ b/seahub/views/ajax.py
@@ -29,7 +29,7 @@ from seahub.message.models import UserMessage
 from seahub.signals import upload_file_successful, repo_created, repo_deleted
 from seahub.views import get_repo_dirents, validate_owner, \
     check_repo_access_permission, get_unencry_rw_repos_by_user, \
-    get_system_default_repo_id, access_to_repo, get_diff, group_events_data, \
+    get_system_default_repo_id, get_diff, group_events_data, \
     get_owned_repo_list
 
 from seahub.views.repo import get_nav_path, get_fileshare, get_dir_share_link, \
@@ -1559,13 +1559,14 @@ def repo_history_changes(request, repo_id):
     changes = {} 
     content_type = 'application/json; charset=utf-8'
 
-    if not access_to_repo(request, repo_id, ''): 
-        return HttpResponse(json.dumps(changes), content_type=content_type)
-
     repo = get_repo(repo_id)
     if not repo:
         return HttpResponse(json.dumps(changes), content_type=content_type)
 
+    # perm check
+    if check_repo_access_permission(repo.id, request.user) is None:
+        return HttpResponse(json.dumps(changes), content_type=content_type)
+
     username = request.user.username
     try: 
         server_crypto = UserOptions.objects.is_server_crypto(username)