mirror of
https://github.com/haiwen/seahub.git
synced 2025-09-10 11:21:29 +00:00
629 lines
27 KiB
Python
629 lines
27 KiB
Python
# Copyright (c) 2012-2016 Seafile Ltd.
|
|
import logging
|
|
import json
|
|
|
|
from django.http import HttpResponse
|
|
from pysearpc import SearpcError
|
|
from rest_framework import status
|
|
from rest_framework.authentication import SessionAuthentication
|
|
from rest_framework.permissions import IsAuthenticated
|
|
from rest_framework.views import APIView
|
|
|
|
from django.utils.translation import gettext as _
|
|
|
|
import seaserv
|
|
from seaserv import seafile_api, ccnet_api
|
|
from constance import config
|
|
|
|
from seahub.api2.authentication import TokenAuthentication
|
|
from seahub.api2.permissions import IsRepoAccessible
|
|
from seahub.api2.throttling import UserRateThrottle
|
|
from seahub.api2.utils import api_error
|
|
from seahub.api2.endpoints.utils import is_org_user
|
|
|
|
from seahub.base.templatetags.seahub_tags import email2nickname, \
|
|
email2contact_email
|
|
from seahub.base.accounts import User
|
|
from seahub.group.utils import is_group_member, is_group_admin
|
|
from seahub.share.models import ExtraSharePermission, ExtraGroupsSharePermission
|
|
from seahub.share.utils import is_repo_admin, share_dir_to_user, \
|
|
share_dir_to_group, update_user_dir_permission, \
|
|
update_group_dir_permission, check_user_share_out_permission, \
|
|
check_group_share_out_permission, normalize_custom_permission_name
|
|
from seahub.utils import (is_org_context, is_valid_username,
|
|
send_perm_audit_msg)
|
|
from seahub.share.signals import share_repo_to_user_successful, share_repo_to_group_successful, \
|
|
change_repo_perm_successful, delete_repo_perm_successful
|
|
from seahub.constants import PERMISSION_READ, PERMISSION_READ_WRITE, \
|
|
PERMISSION_ADMIN
|
|
from seahub.utils.repo import get_available_repo_perms
|
|
from seahub.avatar.templatetags.avatar_tags import api_avatar_url
|
|
from seahub.settings import ENABLE_SHARE_TO_DEPARTMENT
|
|
|
|
|
|
logger = logging.getLogger(__name__)
|
|
json_content_type = 'application/json; charset=utf-8'
|
|
|
|
|
|
class DirSharedItemsEndpoint(APIView):
|
|
"""Support uniform interface(list, share, unshare, modify) for sharing
|
|
library/folder to users/groups.
|
|
"""
|
|
authentication_classes = (TokenAuthentication, SessionAuthentication)
|
|
permission_classes = (IsAuthenticated, IsRepoAccessible)
|
|
throttle_classes = (UserRateThrottle,)
|
|
|
|
def list_user_shared_items(self, request, repo_id, path):
|
|
|
|
if is_org_context(request):
|
|
# when calling seafile API to share authority related functions, change the uesrname to repo owner.
|
|
repo_owner = seafile_api.get_org_repo_owner(repo_id)
|
|
org_id = request.user.org.org_id
|
|
if path == '/':
|
|
share_items = seafile_api.list_org_repo_shared_to(org_id,
|
|
repo_owner,
|
|
repo_id)
|
|
else:
|
|
share_items = seafile_api.get_org_shared_users_for_subdir(org_id,
|
|
repo_id,
|
|
path,
|
|
repo_owner)
|
|
else:
|
|
repo_owner = seafile_api.get_repo_owner(repo_id)
|
|
if path == '/':
|
|
share_items = seafile_api.list_repo_shared_to(repo_owner, repo_id)
|
|
else:
|
|
share_items = seafile_api.get_shared_users_for_subdir(repo_id,
|
|
path, repo_owner)
|
|
|
|
# change is_admin to True if user is repo admin.
|
|
admin_users = ExtraSharePermission.objects.get_admin_users_by_repo(repo_id)
|
|
ret = []
|
|
for item in share_items:
|
|
avatar_url, is_default, date_uploaded = api_avatar_url(item.user, 72)
|
|
ret.append({
|
|
"share_type": "user",
|
|
"user_info": {
|
|
"name": item.user,
|
|
"nickname": email2nickname(item.user),
|
|
"contact_email": email2contact_email(item.user),
|
|
"avatar_url": avatar_url,
|
|
},
|
|
"permission": item.perm,
|
|
"is_admin": item.user in admin_users
|
|
})
|
|
return ret
|
|
|
|
def list_group_shared_items(self, request, repo_id, path):
|
|
if is_org_context(request):
|
|
# when calling seafile API to share authority related functions, change the uesrname to repo owner.
|
|
repo_owner = seafile_api.get_org_repo_owner(repo_id)
|
|
org_id = request.user.org.org_id
|
|
if path == '/':
|
|
share_items = seafile_api.list_org_repo_shared_group(org_id,
|
|
repo_owner,
|
|
repo_id)
|
|
else:
|
|
share_items = seafile_api.get_org_shared_groups_for_subdir(org_id,
|
|
repo_id,
|
|
path,
|
|
repo_owner)
|
|
else:
|
|
repo_owner = seafile_api.get_repo_owner(repo_id)
|
|
if path == '/':
|
|
share_items = seafile_api.list_repo_shared_group_by_user(repo_owner, repo_id)
|
|
else:
|
|
share_items = seafile_api.get_shared_groups_for_subdir(repo_id,
|
|
path, repo_owner)
|
|
ret = []
|
|
# change is_admin to True if user in admin groups.
|
|
admin_groups = ExtraGroupsSharePermission.objects.get_admin_groups_by_repo(repo_id)
|
|
for item in share_items:
|
|
|
|
if '@seafile_group' in repo_owner and \
|
|
repo_owner.split('@')[0] == str(item.group_id):
|
|
continue
|
|
|
|
group_id = item.group_id
|
|
group = ccnet_api.get_group(group_id)
|
|
if not group:
|
|
if is_org_context(request):
|
|
if path == '/':
|
|
seafile_api.del_org_group_repo(repo_id, org_id, group_id)
|
|
else:
|
|
seafile_api.org_unshare_subdir_for_group(
|
|
org_id, repo_id, path, repo_owner, group_id)
|
|
else:
|
|
if path == '/':
|
|
seafile_api.unset_group_repo(repo_id, group_id, repo_owner)
|
|
else:
|
|
seafile_api.unshare_subdir_for_group(repo_id, path,
|
|
repo_owner, group_id)
|
|
continue
|
|
|
|
ret.append({
|
|
"share_type": "group",
|
|
"group_info": {
|
|
"id": group_id,
|
|
"name": group.group_name,
|
|
},
|
|
"permission": item.perm,
|
|
"is_admin": group_id in admin_groups,
|
|
})
|
|
return ret
|
|
|
|
def handle_shared_to_args(self, request):
|
|
share_type = request.GET.get('share_type', None)
|
|
shared_to_user = False
|
|
shared_to_group = False
|
|
if share_type:
|
|
for e in share_type.split(','):
|
|
e = e.strip()
|
|
if e not in ['user', 'group']:
|
|
continue
|
|
if e == 'user':
|
|
shared_to_user = True
|
|
if e == 'group':
|
|
shared_to_group = True
|
|
else:
|
|
shared_to_user = True
|
|
shared_to_group = True
|
|
|
|
return (shared_to_user, shared_to_group)
|
|
|
|
def get_repo_owner(self, request, repo_id):
|
|
if is_org_context(request):
|
|
return seafile_api.get_org_repo_owner(repo_id)
|
|
else:
|
|
return seafile_api.get_repo_owner(repo_id)
|
|
|
|
def has_shared_to_user(self, request, repo_id, path, username):
|
|
items = self.list_user_shared_items(request, repo_id, path)
|
|
|
|
has_shared = False
|
|
for item in items:
|
|
if username == item['user_info']['name']:
|
|
has_shared = True
|
|
break
|
|
|
|
return has_shared
|
|
|
|
def has_shared_to_group(self, request, repo_id, path, group_id):
|
|
items = self.list_group_shared_items(request, repo_id, path)
|
|
|
|
has_shared = False
|
|
for item in items:
|
|
if group_id == item['group_info']['id']:
|
|
has_shared = True
|
|
break
|
|
|
|
return has_shared
|
|
|
|
def get(self, request, repo_id, format=None):
|
|
"""List shared items(shared to users/groups) for a folder/library.
|
|
"""
|
|
repo = seafile_api.get_repo(repo_id)
|
|
if not repo:
|
|
return api_error(status.HTTP_404_NOT_FOUND, 'Library %s not found.' % repo_id)
|
|
|
|
shared_to_user, shared_to_group = self.handle_shared_to_args(request)
|
|
|
|
path = request.GET.get('p', '/')
|
|
if seafile_api.get_dir_id_by_path(repo.id, path) is None:
|
|
return api_error(status.HTTP_404_NOT_FOUND, 'Folder %s not found.' % path)
|
|
|
|
ret = []
|
|
if shared_to_user:
|
|
ret += self.list_user_shared_items(request, repo_id, path)
|
|
|
|
if shared_to_group:
|
|
ret += self.list_group_shared_items(request, repo_id, path)
|
|
|
|
return HttpResponse(json.dumps(ret), status=200,
|
|
content_type=json_content_type)
|
|
|
|
def post(self, request, repo_id, format=None):
|
|
"""Update shared item permission.
|
|
"""
|
|
if not request.user.permissions.can_share_repo():
|
|
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')
|
|
|
|
username = request.user.username
|
|
repo = seafile_api.get_repo(repo_id)
|
|
if not repo:
|
|
return api_error(status.HTTP_404_NOT_FOUND, 'Library %s not found.' % repo_id)
|
|
|
|
path = request.GET.get('p', '/')
|
|
if seafile_api.get_dir_id_by_path(repo.id, path) is None:
|
|
return api_error(status.HTTP_404_NOT_FOUND, 'Folder %s not found.' % path)
|
|
|
|
permission = request.data.get('permission', PERMISSION_READ)
|
|
if permission not in get_available_repo_perms():
|
|
permission = normalize_custom_permission_name(permission)
|
|
if not permission:
|
|
return api_error(status.HTTP_400_BAD_REQUEST, 'permission invalid.')
|
|
|
|
repo_owner = self.get_repo_owner(request, repo_id)
|
|
if repo_owner != username and not is_repo_admin(username, repo_id):
|
|
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')
|
|
|
|
shared_to_user, shared_to_group = self.handle_shared_to_args(request)
|
|
if shared_to_user:
|
|
shared_to = request.GET.get('username')
|
|
if shared_to is None or not is_valid_username(shared_to):
|
|
return api_error(status.HTTP_400_BAD_REQUEST, 'Email %s invalid.' % shared_to)
|
|
|
|
try:
|
|
User.objects.get(email=shared_to)
|
|
except User.DoesNotExist:
|
|
return api_error(status.HTTP_400_BAD_REQUEST, 'Invalid user, should be registered')
|
|
|
|
if is_org_context(request):
|
|
# when calling seafile API to share authority related functions, change the uesrname to repo owner.
|
|
repo_owner = seafile_api.get_org_repo_owner(repo_id)
|
|
org_id = request.user.org.org_id
|
|
|
|
update_user_dir_permission(repo_id, path, repo_owner, shared_to, permission, org_id)
|
|
else:
|
|
repo_owner = seafile_api.get_repo_owner(repo_id)
|
|
|
|
update_user_dir_permission(repo_id, path, repo_owner, shared_to, permission)
|
|
|
|
org_id = None
|
|
if is_org_context(request):
|
|
org_id = request.user.org.org_id
|
|
change_repo_perm_successful.send(
|
|
sender=None,
|
|
from_user=username,
|
|
to_user=shared_to,
|
|
repo=repo,
|
|
path=path,
|
|
permission=permission,
|
|
org_id=org_id
|
|
)
|
|
|
|
send_perm_audit_msg('modify-repo-perm', username, shared_to,
|
|
repo_id, path, permission)
|
|
|
|
if shared_to_group:
|
|
gid = request.GET.get('group_id')
|
|
try:
|
|
gid = int(gid)
|
|
except ValueError:
|
|
return api_error(status.HTTP_400_BAD_REQUEST, 'group_id %s invalid.' % gid)
|
|
group = seaserv.get_group(gid)
|
|
if not group:
|
|
return api_error(status.HTTP_404_NOT_FOUND, 'Group %s not found.' % gid)
|
|
|
|
if is_org_context(request):
|
|
# when calling seafile API to share authority related functions, change the uesrname to repo owner.
|
|
repo_owner = seafile_api.get_org_repo_owner(repo_id)
|
|
org_id = request.user.org.org_id
|
|
|
|
update_group_dir_permission(repo_id, path, repo_owner, gid, permission, org_id)
|
|
else:
|
|
repo_owner = seafile_api.get_repo_owner(repo_id)
|
|
|
|
update_group_dir_permission(repo_id, path, repo_owner, gid, permission, None)
|
|
|
|
send_perm_audit_msg('modify-repo-perm', username, gid,
|
|
repo_id, path, permission)
|
|
|
|
return HttpResponse(json.dumps({'success': True}), status=200,
|
|
content_type=json_content_type)
|
|
|
|
def put(self, request, repo_id, format=None):
|
|
|
|
if not request.user.permissions.can_share_repo():
|
|
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')
|
|
|
|
username = request.user.username
|
|
repo = seafile_api.get_repo(repo_id)
|
|
if not repo:
|
|
return api_error(status.HTTP_404_NOT_FOUND, 'Library %s not found.' % repo_id)
|
|
|
|
path = request.GET.get('p', '/')
|
|
if seafile_api.get_dir_id_by_path(repo.id, path) is None:
|
|
return api_error(status.HTTP_404_NOT_FOUND, 'Folder %s not found.' % path)
|
|
|
|
if repo.encrypted and path != '/':
|
|
return api_error(status.HTTP_400_BAD_REQUEST, 'Folder invalid.')
|
|
|
|
share_type = request.data.get('share_type')
|
|
if share_type != 'user' and share_type != 'group':
|
|
return api_error(status.HTTP_400_BAD_REQUEST, 'share_type invalid.')
|
|
|
|
repo_owner = self.get_repo_owner(request, repo_id)
|
|
if repo_owner != username and not is_repo_admin(username, repo_id):
|
|
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')
|
|
|
|
permission = request.data.get('permission', PERMISSION_READ)
|
|
if permission not in get_available_repo_perms():
|
|
permission = normalize_custom_permission_name(permission)
|
|
if not permission:
|
|
return api_error(status.HTTP_400_BAD_REQUEST, 'permission invalid.')
|
|
|
|
result = {}
|
|
result['failed'] = []
|
|
result['success'] = []
|
|
|
|
if share_type == 'user':
|
|
share_to_users = request.data.getlist('username')
|
|
for to_user in share_to_users:
|
|
if not is_valid_username(to_user):
|
|
result['failed'].append({
|
|
'email': to_user,
|
|
'error_msg': _('username invalid.')
|
|
})
|
|
continue
|
|
|
|
try:
|
|
User.objects.get(email=to_user)
|
|
except User.DoesNotExist:
|
|
result['failed'].append({
|
|
'email': to_user,
|
|
'error_msg': _('User %s not found.') % to_user
|
|
})
|
|
continue
|
|
|
|
if self.has_shared_to_user(request, repo_id, path, to_user):
|
|
result['failed'].append({
|
|
'email': to_user,
|
|
'error_msg': _('This item has been shared to %s.') % email2nickname(to_user)
|
|
})
|
|
continue
|
|
|
|
try:
|
|
org_id = None
|
|
if is_org_context(request):
|
|
org_id = request.user.org.org_id
|
|
|
|
if not is_org_user(to_user, int(org_id)):
|
|
org_name = request.user.org.org_name
|
|
error_msg = f'User {to_user} is not member of organization {org_name}.'
|
|
|
|
result['failed'].append({
|
|
'email': to_user,
|
|
'error_msg': error_msg
|
|
})
|
|
continue
|
|
|
|
# when calling seafile API to share authority related functions,
|
|
# change the uesrname to repo owner.
|
|
repo_owner = seafile_api.get_org_repo_owner(repo_id)
|
|
# can't share to owner
|
|
if to_user == repo_owner:
|
|
error_msg = "Library can not be shared to owner"
|
|
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
|
|
|
|
share_dir_to_user(repo, path, repo_owner, username, to_user, permission, org_id)
|
|
else:
|
|
if is_org_user(to_user):
|
|
error_msg = 'User %s is a member of organization.' % to_user
|
|
result['failed'].append({
|
|
'email': to_user,
|
|
'error_msg': error_msg
|
|
})
|
|
continue
|
|
|
|
repo_owner = seafile_api.get_repo_owner(repo_id)
|
|
# can't share to owner
|
|
if to_user == repo_owner:
|
|
error_msg = "Library can not be shared to owner"
|
|
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
|
|
|
|
share_dir_to_user(repo, path, repo_owner, username, to_user, permission, None)
|
|
|
|
avatar_url, is_default, date_uploaded = api_avatar_url(to_user, 72)
|
|
result['success'].append({
|
|
"share_type": "user",
|
|
"user_info": {
|
|
"name": to_user,
|
|
"nickname": email2nickname(to_user),
|
|
"contact_email": email2contact_email(to_user),
|
|
"avatar_url": avatar_url,
|
|
},
|
|
"permission": PERMISSION_READ_WRITE if permission == PERMISSION_ADMIN else permission,
|
|
"is_admin": permission == PERMISSION_ADMIN
|
|
})
|
|
|
|
# send a signal when sharing repo successful
|
|
share_repo_to_user_successful.send(sender=None, from_user=username,
|
|
to_user=to_user, repo=repo,
|
|
path=path, org_id=org_id)
|
|
|
|
send_perm_audit_msg('add-repo-perm', username, to_user,
|
|
repo_id, path, permission)
|
|
except SearpcError as e:
|
|
logger.error(e)
|
|
result['failed'].append({
|
|
'email': to_user,
|
|
'error_msg': 'Internal Server Error'
|
|
})
|
|
continue
|
|
|
|
if share_type == 'group':
|
|
group_ids = request.data.getlist('group_id')
|
|
for gid in group_ids:
|
|
try:
|
|
gid = int(gid)
|
|
except ValueError:
|
|
result['failed'].append({
|
|
'error_msg': 'group_id %s invalid.' % gid
|
|
})
|
|
continue
|
|
|
|
group = ccnet_api.get_group(gid)
|
|
if not group:
|
|
result['failed'].append({
|
|
'error_msg': 'Group %s not found' % gid
|
|
})
|
|
continue
|
|
|
|
if not config.ENABLE_SHARE_TO_ALL_GROUPS and \
|
|
not is_group_member(gid, username):
|
|
result['failed'].append({
|
|
'group_name': group.group_name,
|
|
'error_msg': 'Permission denied.'
|
|
})
|
|
continue
|
|
|
|
# is sharing repo to department
|
|
if group.parent_group_id != 0:
|
|
|
|
if not ENABLE_SHARE_TO_DEPARTMENT or \
|
|
ENABLE_SHARE_TO_DEPARTMENT and not is_group_admin(gid, username):
|
|
result['failed'].append({
|
|
'group_name': group.group_name,
|
|
'error_msg': 'Permission denied.'
|
|
})
|
|
continue
|
|
|
|
if self.has_shared_to_group(request, repo_id, path, gid):
|
|
result['failed'].append({
|
|
'group_name': group.group_name,
|
|
'error_msg': _('This item has been shared to %s.') % group.group_name
|
|
})
|
|
continue
|
|
|
|
try:
|
|
org_id = None
|
|
if is_org_context(request):
|
|
# when calling seafile API to share authority related functions,
|
|
# change the uesrname to repo owner.
|
|
repo_owner = seafile_api.get_org_repo_owner(repo_id)
|
|
org_id = request.user.org.org_id
|
|
|
|
share_dir_to_group(repo, path, repo_owner, username, gid, permission, org_id)
|
|
else:
|
|
repo_owner = seafile_api.get_repo_owner(repo_id)
|
|
|
|
share_dir_to_group(repo, path, repo_owner, username, gid, permission, None)
|
|
|
|
result['success'].append({
|
|
"share_type": "group",
|
|
"group_info": {
|
|
"id": gid,
|
|
"name": group.group_name,
|
|
},
|
|
"permission": PERMISSION_READ_WRITE if permission == PERMISSION_ADMIN else permission,
|
|
"is_admin": permission == PERMISSION_ADMIN
|
|
})
|
|
|
|
share_repo_to_group_successful.send(sender=None,
|
|
from_user=username,
|
|
group_id=gid, repo=repo,
|
|
path=path, org_id=org_id)
|
|
|
|
send_perm_audit_msg('add-repo-perm', username, gid,
|
|
repo_id, path, permission)
|
|
except SearpcError as e:
|
|
logger.error(e)
|
|
result['failed'].append({
|
|
'group_name': group.group_name,
|
|
'error_msg': 'Internal Server Error'
|
|
})
|
|
continue
|
|
|
|
return HttpResponse(json.dumps(result),
|
|
status=200,
|
|
content_type=json_content_type)
|
|
|
|
def delete(self, request, repo_id, format=None):
|
|
|
|
if not request.user.permissions.can_share_repo():
|
|
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')
|
|
|
|
username = request.user.username
|
|
repo = seafile_api.get_repo(repo_id)
|
|
if not repo:
|
|
return api_error(status.HTTP_404_NOT_FOUND, 'Library %s not found.' % repo_id)
|
|
|
|
path = request.GET.get('p', '/')
|
|
if seafile_api.get_dir_id_by_path(repo.id, path) is None:
|
|
return api_error(status.HTTP_404_NOT_FOUND, 'Folder %s not found.' % path)
|
|
|
|
repo_owner = self.get_repo_owner(request, repo_id)
|
|
if repo_owner != username and not is_repo_admin(username, repo_id):
|
|
return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.')
|
|
|
|
shared_to_user, shared_to_group = self.handle_shared_to_args(request)
|
|
if shared_to_user:
|
|
shared_to = request.GET.get('username')
|
|
if shared_to is None or not is_valid_username(shared_to):
|
|
return api_error(status.HTTP_400_BAD_REQUEST, 'Email %s invalid.' % shared_to)
|
|
|
|
permission = check_user_share_out_permission(repo_id, path, shared_to, is_org_context(request))
|
|
|
|
if is_org_context(request):
|
|
# when calling seafile API to share authority related functions, change the uesrname to repo owner.
|
|
org_id = request.user.org.org_id
|
|
if path == '/':
|
|
seaserv.seafserv_threaded_rpc.org_remove_share(
|
|
org_id, repo_id, repo_owner, shared_to)
|
|
else:
|
|
seafile_api.org_unshare_subdir_for_user(
|
|
org_id, repo_id, path, repo_owner, shared_to)
|
|
|
|
else:
|
|
if path == '/':
|
|
seaserv.remove_share(repo_id, repo_owner, shared_to)
|
|
else:
|
|
seafile_api.unshare_subdir_for_user(
|
|
repo_id, path, repo_owner, shared_to)
|
|
|
|
# Delete share permission at ExtraSharePermission table.
|
|
if path == '/':
|
|
ExtraSharePermission.objects.delete_share_permission(repo_id,
|
|
shared_to)
|
|
|
|
org_id = None
|
|
if is_org_context(request):
|
|
org_id = request.user.org.org_id
|
|
delete_repo_perm_successful.send(
|
|
sender=None,
|
|
from_user=username,
|
|
to_user=shared_to,
|
|
repo=repo,
|
|
path=path,
|
|
org_id=org_id
|
|
)
|
|
send_perm_audit_msg('delete-repo-perm', username, shared_to,
|
|
repo_id, path, permission)
|
|
|
|
if shared_to_group:
|
|
group_id = request.GET.get('group_id')
|
|
try:
|
|
group_id = int(group_id)
|
|
except ValueError:
|
|
return api_error(status.HTTP_400_BAD_REQUEST, 'group_id %s invalid' % group_id)
|
|
|
|
# hacky way to get group repo permission
|
|
is_org = is_org_context(request)
|
|
permission = check_group_share_out_permission(repo_id, path, group_id, is_org)
|
|
|
|
if is_org:
|
|
# when calling seafile API to share authority related functions, change the uesrname to repo owner.
|
|
org_id = request.user.org.org_id
|
|
if path == '/':
|
|
seaserv.del_org_group_repo(repo_id, org_id, group_id)
|
|
else:
|
|
seafile_api.org_unshare_subdir_for_group(
|
|
org_id, repo_id, path, repo_owner, group_id)
|
|
else:
|
|
if path == '/':
|
|
seafile_api.unset_group_repo(repo_id, group_id, username)
|
|
else:
|
|
seafile_api.unshare_subdir_for_group(
|
|
repo_id, path, repo_owner, group_id)
|
|
|
|
# delete share permission if repo is deleted
|
|
if path == '/':
|
|
ExtraGroupsSharePermission.objects.delete_share_permission(repo_id,
|
|
group_id)
|
|
send_perm_audit_msg('delete-repo-perm', username, group_id,
|
|
repo_id, path, permission)
|
|
|
|
return HttpResponse(json.dumps({'success': True}), status=200,
|
|
content_type=json_content_type)
|