repo related user for file participant (#3885)

* repo related user for file participant

* repo related user API test

* fix get_related_users_by_repo

* fix avatar_url

seahub/api2/endpoints/file_participants.py

@@ -54,7 +54,6 @@ class FileParticipantsView(APIView):
 
             for participant in participant_queryset:
                 participant_info = get_user_common_info(participant.username)
-                participant_info['avatar_url'] = request.build_absolute_uri(participant_info['avatar_url'])
                 participant_list.append(participant_info)
         except Exception as e:
             logger.error(e)

seahub/api2/endpoints/repo_related_users.py

@@ -0,0 +1,60 @@
+# Copyright (c) 2012-2019 Seafile Ltd.
+# -*- coding: utf-8 -*-
+import logging
+
+from rest_framework import status
+from rest_framework.authentication import SessionAuthentication
+from rest_framework.permissions import IsAuthenticated
+from rest_framework.response import Response
+from rest_framework.views import APIView
+from seaserv import seafile_api
+
+from seahub.api2.authentication import TokenAuthentication
+from seahub.api2.throttling import UserRateThrottle
+from seahub.api2.utils import api_error, get_user_common_info
+from seahub.utils import is_org_context
+from seahub.views import check_folder_permission
+from seahub.utils.repo import get_related_users_by_repo
+
+logger = logging.getLogger(__name__)
+
+
+class RepoRelatedUsersView(APIView):
+    authentication_classes = (TokenAuthentication, SessionAuthentication)
+    permission_classes = (IsAuthenticated,)
+    throttle_classes = (UserRateThrottle,)
+
+    def get(self, request, repo_id, format=None):
+        """List all users who can view this library.
+
+        Not support public repo
+        """
+        # resource check
+        repo = seafile_api.get_repo(repo_id)
+        if not repo:
+            error_msg = 'Library %s not found.' % repo_id
+            return api_error(status.HTTP_404_NOT_FOUND, error_msg)
+
+        # permission check
+        if not check_folder_permission(request, repo_id, '/'):
+            return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')
+
+        # org check
+        org_id = None
+        if is_org_context(request):
+            org_id = request.user.org.org_id
+
+        # main
+        user_list = list()
+
+        try:
+            related_user_list = get_related_users_by_repo(repo_id, org_id)
+
+            for email in related_user_list:
+                user_info = get_user_common_info(email)
+                user_list.append(user_info)
+        except Exception as e:
+            logger.error(e)
+            return api_error(status.HTTP_500_INTERNAL_SERVER_ERROR, 'Internal Server Error')
+
+        return Response({'user_list': user_list})

seahub/urls.py

@@ -147,6 +147,7 @@ from seahub.api2.endpoints.admin.notifications import AdminNotificationsView
 from seahub.api2.endpoints.admin.work_weixin import AdminWorkWeixinDepartments, \
     AdminWorkWeixinDepartmentMembers, AdminWorkWeixinUsersBatch, AdminWorkWeixinDepartmentsImport
 from seahub.api2.endpoints.file_participants import FileParticipantsView, FileParticipantView
+from seahub.api2.endpoints.repo_related_users import RepoRelatedUsersView
 
 urlpatterns = [
     url(r'^accounts/', include('seahub.base.registration_urls')),
@@ -360,6 +361,7 @@ urlpatterns = [
     url(r'^api/v2.1/repos/(?P<repo_id>[-0-9a-f]{36})/tagged-files/(?P<repo_tag_id>\d+)/$', TaggedFilesView.as_view(), name='api-v2.1-tagged-files'),
     url(r'^api/v2.1/repos/(?P<repo_id>[-0-9a-f]{36})/file/participants/$', FileParticipantsView.as_view(), name='api-v2.1-file-participants'),
     url(r'^api/v2.1/repos/(?P<repo_id>[-0-9a-f]{36})/file/participant/$', FileParticipantView.as_view(), name='api-v2.1-file-participant'),
+    url(r'^api/v2.1/repos/(?P<repo_id>[-0-9a-f]{36})/related-users/$', RepoRelatedUsersView.as_view(), name='api-v2.1-related-user'),
 
     # user::related-files
     url(r'^api/v2.1/related-files/$', RelatedFilesView.as_view(), name='api-v2.1-related-files'),

seahub/utils/repo.py

@@ -262,21 +262,17 @@ def get_related_users_by_repo(repo_id, org_id=None):
 
     users = []
 
-    if org_id:
-        repo_owner = seafile_api.get_org_repo_owner(repo_id)
-        user_shared_to = seafile_api.list_org_repo_shared_to(org_id,
-                repo_owner, repo_id)
+    # 1. users repo has been shared to
+    if org_id > 0:
+        users.extend(seafile_api.org_get_shared_users_by_repo(org_id, repo_id))
+        owner = seafile_api.get_org_repo_owner(repo_id)
     else:
-        repo_owner = seafile_api.get_repo_owner(repo_id)
-        user_shared_to = seafile_api.list_repo_shared_to(
-                repo_owner, repo_id)
+        users.extend(seafile_api.get_shared_users_by_repo(repo_id))
+        owner = seafile_api.get_repo_owner(repo_id)
 
-    # 1. repo owner
-    users.append(repo_owner)
-
-    # 2. users repo has been shared to
-    for user in user_shared_to:
-        users.append(user.user)
+    # 2. repo owner
+    if owner not in users:
+        users.append(owner)
 
     # 3. members of groups repo has been shared to
     groups = get_shared_groups_by_repo(repo_id, org_id)

tests/api/endpoints/test_repo_related_users.py

@@ -0,0 +1,53 @@
+# -*- coding: utf-8 -*-
+import json
+
+from django.core.urlresolvers import reverse
+from seaserv import seafile_api, ccnet_api
+
+from seahub.test_utils import BaseTestCase
+from tests.common.utils import randstring
+
+
+class RepoRelatedUsersViewTest(BaseTestCase):
+
+    def setUp(self):
+        self.login_as(self.user)
+        self.group_id = self.group.id
+        self.group_name = self.group.group_name
+        self.repo_id = self.repo.id
+
+        self.url = reverse('api-v2.1-related-user', args=[self.repo_id])
+
+        # add tmp user to group
+        self.tmp_user = self.create_user(
+            'user_%s@test.com' % randstring(4), is_staff=False)
+        ccnet_api.group_add_member(self.group_id, self.user.username, self.tmp_user.username)
+
+        # share repo to group
+        seafile_api.set_group_repo(
+            self.repo_id, self.group_id, self.user.username, 'rw')
+
+        # share repo to admin
+        seafile_api.share_repo(
+                self.repo.id, self.user.username,
+                self.admin.username, 'rw')
+
+    def tearDown(self):
+        self.remove_group()
+        self.remove_repo()
+        self.remove_user(self.tmp_user.username)
+
+    def test_can_get(self):
+        resp = self.client.get(self.url)
+        self.assertEqual(200, resp.status_code)
+
+        json_resp = json.loads(resp.content)
+        user_list = json_resp.get('user_list')
+
+        assert user_list
+        assert len(user_list) == 3
+
+        usernames = [user_info.get('email') for user_info in user_list]
+        assert self.user.username in usernames
+        assert self.tmp_user.username in usernames
+        assert self.admin.username in usernames