update

haiwen · May 9, 2024 · f55ebfb · f55ebfb
1 parent 276b663
commit f55ebfb
Show file tree

Hide file tree

Showing 8 changed files with 62 additions and 76 deletions.
diff --git a/frontend/src/pages/groups/group-view.js b/frontend/src/pages/groups/group-view.js
@@ -1,7 +1,7 @@
 import React,{ Fragment } from 'react';
 import PropTypes from 'prop-types';
 import cookie from 'react-cookies';
-import { gettext, username, canAddRepo } from '../../utils/constants';
+import { gettext, username, canAddRepo, isMultiTenancy } from '../../utils/constants';
 import { seafileAPI } from '../../utils/seafile-api';
 import { Utils } from '../../utils/utils';
 import Loading from '../../components/loading';
@@ -482,7 +482,9 @@ class GroupView extends React.Component {
                             <ul className="sf-popover-list">
                               <li><a href="#" className="sf-popover-item" onClick={this.toggleImportMembersDialog} >{gettext('Import Members')}</a></li>
                               <li><a href="#" className="sf-popover-item" onClick={this.toggleManageMembersDialog} >{gettext('Manage Members')}</a></li>
+                              {this.state.currentGroup.owner != 'system admin' && !isMultiTenancy &&
                               <li><a href="#" className="sf-popover-item" onClick={this.toggleInviteMembersDialog} >{gettext('Invite Members')}</a></li>
+                              }
                             </ul>
                             }
                             {

diff --git a/frontend/src/utils/constants.js b/frontend/src/utils/constants.js
@@ -97,6 +97,8 @@ export const onlyofficeConverterExtensions = window.app.pageOptions.onlyofficeCo
 
 export const canSetExProps = window.app.pageOptions.canSetExProps || false;
 
+export const isMultiTenancy = window.app.pageOptions.isMultiTenacy;
+
 // seafile_ai
 export const enableSeafileAI = window.app.pageOptions.enableSeafileAI || false;
 

diff --git a/seahub/api2/endpoints/group_members.py b/seahub/api2/endpoints/group_members.py
@@ -26,13 +26,13 @@
 from seahub.utils.error_msg import file_type_error_msg
 from seahub.base.accounts import User
 from seahub.group.signals import add_user_to_group
+from seahub.group.views import group_invite
 from seahub.group.utils import is_group_member, is_group_admin, \
     is_group_owner, is_group_admin_or_owner, get_group_member_info
 from seahub.profile.models import Profile, GroupInviteLinkModel
 from .utils import api_check_group
 
-from seahub.settings import SERVICE_URL, MULTI_TENANCY
-from seahub.auth.decorators import login_required
+from seahub.settings import MULTI_TENANCY
 logger = logging.getLogger(__name__)
 
 
@@ -555,11 +555,6 @@ def get(self, request):
         return response
 
 
-def is_group_owner_or_admin(group, email):
-    if email == group.creator_name:
-        return True
-    return ccnet_api.check_group_staff(group.id, email)
-
 
 class GroupInviteLinks(APIView):
     authentication_classes = (TokenAuthentication, SessionAuthentication)
@@ -576,14 +571,18 @@ def get(self, request, group_id):
 
         group = ccnet_api.get_group(group_id)
         if MULTI_TENANCY:
-            error_msg = ' Multiple tenancy is not supported.'
+            error_msg = 'Feature disabled.'
+            return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
+
+        if group.creator_name == "system admin":
+            error_msg = 'Forbidden to operate department group'
             return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
 
         if not group:
             error_msg = 'group not found.'
             return api_error(status.HTTP_404_NOT_FOUND, error_msg)
 
-        if not is_group_owner_or_admin(group, email):
+        if not is_group_admin_or_owner(group_id, email):
             error_msg = 'Permission denied.'
             return api_error(status.HTTP_403_FORBIDDEN, error_msg)
 
@@ -603,14 +602,18 @@ def post(self, request, group_id):
 
         group = ccnet_api.get_group(group_id)
         if MULTI_TENANCY:
-            error_msg = ' Multiple tenancy is not supported.'
+            error_msg = ' Feature disabled.'
+            return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
+
+        if group.creator_name == "system admin":
+            error_msg = 'Forbidden to operate department group'
             return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
 
         if not group:
             error_msg = 'group not found.'
             return api_error(status.HTTP_404_NOT_FOUND, error_msg)
 
-        if not is_group_owner_or_admin(group, email):
+        if not is_group_admin_or_owner(group_id, email):
             error_msg = 'Permission denied.'
             return api_error(status.HTTP_403_FORBIDDEN, error_msg)
 
@@ -635,14 +638,18 @@ def delete(self, request, group_id, token):
 
         group = ccnet_api.get_group(group_id)
         if MULTI_TENANCY:
-            error_msg = ' Multiple tenancy is not supported.'
+            error_msg = ' Feature disabled.'
+            return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
+
+        if group.creator_name == "system admin":
+            error_msg = 'Forbidden to operate department group'
             return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
 
         if not group:
             error_msg = 'group not found.'
             return api_error(status.HTTP_404_NOT_FOUND, error_msg)
 
-        if not is_group_owner_or_admin(group, email):
+        if not is_group_admin_or_owner(group_id, email):
             error_msg = 'Permission denied.'
             return api_error(status.HTTP_403_FORBIDDEN, error_msg)
 
@@ -655,29 +662,3 @@ def delete(self, request, group_id, token):
         return Response({'success': True})
 
 
-@login_required
-def group_invite(request, token):
-    """
-    registered user add to group
-    """
-    email = request.user.username
-    next_url = request.GET.get('next', '/')
-    redirect_to = SERVICE_URL.rstrip('/') + '/' + next_url.lstrip('/')
-    group_invite_link = GroupInviteLinkModel.objects.filter(token=token).first()
-    if not group_invite_link:
-        return render_error(request, _('Group invite link does not exist'))
-
-    if is_group_member(group_invite_link.group_id, email):
-
-        return HttpResponseRedirect(redirect_to)
-
-    if not group_invite_link.created_by:
-        return render_error(request, _('Group invite link broken'))
-
-    try:
-        ccnet_api.group_add_member(group_invite_link.group_id, group_invite_link.created_by, email)
-    except Exception as e:
-        logger.error(f'group invite add user failed. {e}')
-        return render_error(request, 'Internal Server Error')
-
-    return HttpResponseRedirect(redirect_to)
diff --git a/seahub/group/views.py b/seahub/group/views.py
@@ -18,11 +18,11 @@
 from seahub.base.decorators import sys_staff_required, require_POST
 from seahub.group.utils import validate_group_name, BadGroupNameError, \
     ConflictGroupNameError, is_group_member
-from seahub.settings import SITE_ROOT
+from seahub.settings import SITE_ROOT, SERVICE_URL
 from seahub.utils import send_html_email, is_org_context, \
     get_site_name
 from seahub.share.models import ExtraGroupsSharePermission
-
+from seahub.profile.models import GroupInviteLinkModel
 
 # Get an instance of a logger
 logger = logging.getLogger(__name__)
@@ -170,3 +170,30 @@ def send_group_member_add_mail(request, group, from_user, to_user):
 
     subject = _('You are invited to join a group on %s') % get_site_name()
     send_html_email(subject, 'group/add_member_email.html', c, None, [to_user])
+
+@login_required
+def group_invite(request, token):
+    """
+    registered user add to group
+    """
+    email = request.user.username
+    next_url = request.GET.get('next', '/')
+    redirect_to = SERVICE_URL.rstrip('/') + '/' + next_url.lstrip('/')
+    group_invite_link = GroupInviteLinkModel.objects.filter(token=token).first()
+    if not group_invite_link:
+        return render_error(request, _('Group invite link does not exist'))
+
+    if is_group_member(group_invite_link.group_id, email):
+
+        return HttpResponseRedirect(redirect_to)
+
+    if not group_invite_link.created_by:
+        return render_error(request, _('Group invite link broken'))
+
+    try:
+        ccnet_api.group_add_member(group_invite_link.group_id, group_invite_link.created_by, email)
+    except Exception as e:
+        logger.error(f'group invite add user failed. {e}')
+        return render_error(request, 'Internal Server Error')
+
+    return HttpResponseRedirect(redirect_to)
diff --git a/seahub/profile/models.py b/seahub/profile/models.py
@@ -47,6 +47,7 @@ class Meta:
         db_table = 'group_invite_link'
 
     def to_dict(self):
+        from seahub.base.templatetags.seahub_tags import email2nickname
         result = {
             'id': self.pk,
             'token': self.token,
@@ -280,34 +281,4 @@ def remove_user_for_inst_deleted(sender, **kwargs):
 
 
 
-from seahub.profile.settings import NICKNAME_CACHE_PREFIX
-from seahub.utils import normalize_cache_key
-from django import template
-
-register = template.Library()
-
-
-@register.filter(name='email2nickname')
-def email2nickname(value):
-    """
-    Return nickname if it exists and it's not an empty string,
-    otherwise return short email.
-    """
-    if not value:
-        return ''
-
-    key = normalize_cache_key(value, NICKNAME_CACHE_PREFIX)
-    cached_nickname = cache.get(key)
-    if cached_nickname and cached_nickname.strip():
-        return cached_nickname.strip()
-
-    profile = get_first_object_or_none(Profile.objects.filter(user=value))
-    if profile is not None and profile.nickname and profile.nickname.strip():
-        nickname = profile.nickname.strip()
-    else:
-        contact_email = email2contact_email(value)
-        nickname = contact_email.split('@')[0]
-
-    cache.set(key, nickname, NICKNAME_CACHE_TIMEOUT)
-    return nickname
 
diff --git a/seahub/templates/base_for_react.html b/seahub/templates/base_for_react.html
@@ -151,6 +151,7 @@
             enableSeafileAI: {% if enable_seafile_ai %} true {% else %} false {% endif %},
             canSetExProps: {% if can_set_ex_props %} true {% else %} false {% endif %},
             enableSeaTableIntegration: {% if enable_seatable_integration %} true {% else %} false {% endif %},
+            isMultiTenacy: {% if multi_tenancy %} true {% else %} false {% endif %}
         }
      };
 </script>

diff --git a/seahub/urls.py b/seahub/urls.py
@@ -298,7 +298,7 @@
     path('my-libs/deleted/', react_fake_view, name="my_libs_deleted"),
     path('org/', react_fake_view, name="org"),
     path('invitations/', react_fake_view, name="invitations"),
-
+    re_path(r'^group-invite/(?P<token>[-0-9a-f]{8})/$', group_invite, name='group_invite'),
     re_path(r'^ajax/repo/(?P<repo_id>[-0-9a-f]{36})/history/changes/$', repo_history_changes, name='repo_history_changes'),
     re_path(r'^ajax/u/d/(?P<token>[-0-9a-f]+)/upload/$', get_file_upload_url_ul, name='get_file_upload_url_ul'),
     path('ajax/upload-file-done/', upload_file_done, name='upload_file_done'),
@@ -346,7 +346,7 @@
 
     re_path(r'^api/v2.1/groups/(?P<group_id>\d+)/invite-links/$', GroupInviteLinks.as_view(),name='api-v2.1-group-invite-links'),
     re_path(r'^api/v2.1/groups/(?P<group_id>\d+)/invite-links/(?P<token>[-0-9a-f]{8})/$', GroupInviteLink.as_view(), name='api-v2.1-group-invite-link'),
-    re_path(r'^group-invite/(?P<token>[-0-9a-f]{8})/$', group_invite, name='group_invite'),
+
     ## address book
     re_path(r'^api/v2.1/address-book/groups/(?P<group_id>\d+)/sub-groups/$', AddressBookGroupsSubGroups.as_view(), name='api-v2.1-address-book-groups-sub-groups'),
     re_path(r'^api/v2.1/address-book/groups/(?P<group_id>\d+)/search-member/$', AddressBookGroupsSearchMember.as_view(), name='api-v2.1-address-book-search-member'),

diff --git a/seahub/views/__init__.py b/seahub/views/__init__.py
@@ -57,7 +57,8 @@
     UPLOAD_LINK_EXPIRE_DAYS_MIN, UPLOAD_LINK_EXPIRE_DAYS_MAX, UPLOAD_LINK_EXPIRE_DAYS_DEFAULT, \
     SEAFILE_COLLAB_SERVER, ENABLE_RESET_ENCRYPTED_REPO_PASSWORD, \
     ADDITIONAL_SHARE_DIALOG_NOTE, ADDITIONAL_APP_BOTTOM_LINKS, ADDITIONAL_ABOUT_DIALOG_LINKS, \
-    DTABLE_WEB_SERVER, EX_PROPS_TABLE, SEATABLE_EX_PROPS_BASE_API_TOKEN, EX_EDITABLE_COLUMNS
+    DTABLE_WEB_SERVER, EX_PROPS_TABLE, SEATABLE_EX_PROPS_BASE_API_TOKEN, EX_EDITABLE_COLUMNS, \
+    MULTI_TENANCY
 
 from seahub.wopi.settings import ENABLE_OFFICE_WEB_APP
 from seahub.ocm.settings import ENABLE_OCM, OCM_REMOTE_SERVERS
@@ -1243,5 +1244,6 @@ def react_fake_view(request, **kwargs):
         'group_import_members_extra_msg': GROUP_IMPORT_MEMBERS_EXTRA_MSG,
         'request_from_onlyoffice_desktop_editor': ONLYOFFICE_DESKTOP_EDITOR_HTTP_USER_AGENT in request.headers.get('user-agent', ''),
         'enable_sso_to_thirdpart_website': settings.ENABLE_SSO_TO_THIRDPART_WEBSITE,
-        'can_set_ex_props': DTABLE_WEB_SERVER and SEATABLE_EX_PROPS_BASE_API_TOKEN and EX_PROPS_TABLE and EX_EDITABLE_COLUMNS
+        'can_set_ex_props': DTABLE_WEB_SERVER and SEATABLE_EX_PROPS_BASE_API_TOKEN and EX_PROPS_TABLE and EX_EDITABLE_COLUMNS,
+        'multi_tenancy': MULTI_TENANCY
     })