From f55ebfbd2cb250b92dd1f3b6176e1cc8562b3514 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=AD=99=E6=B0=B8=E5=BC=BA?=
<11704063+s-yongqiang@user.noreply.gitee.com>
Date: Thu, 9 May 2024 15:43:12 +0800
Subject: [PATCH] update
---
frontend/src/pages/groups/group-view.js | 4 +-
frontend/src/utils/constants.js | 2 +
seahub/api2/endpoints/group_members.py | 59 +++++++++----------------
seahub/group/views.py | 31 ++++++++++++-
seahub/profile/models.py | 31 +------------
seahub/templates/base_for_react.html | 1 +
seahub/urls.py | 4 +-
seahub/views/__init__.py | 6 ++-
8 files changed, 62 insertions(+), 76 deletions(-)
diff --git a/frontend/src/pages/groups/group-view.js b/frontend/src/pages/groups/group-view.js
index a63a058c2f9..7be274e027f 100644
--- a/frontend/src/pages/groups/group-view.js
+++ b/frontend/src/pages/groups/group-view.js
@@ -1,7 +1,7 @@
import React,{ Fragment } from 'react';
import PropTypes from 'prop-types';
import cookie from 'react-cookies';
-import { gettext, username, canAddRepo } from '../../utils/constants';
+import { gettext, username, canAddRepo, isMultiTenancy } from '../../utils/constants';
import { seafileAPI } from '../../utils/seafile-api';
import { Utils } from '../../utils/utils';
import Loading from '../../components/loading';
@@ -482,7 +482,9 @@ class GroupView extends React.Component {
}
{
diff --git a/frontend/src/utils/constants.js b/frontend/src/utils/constants.js
index bf537b7313c..19404640396 100644
--- a/frontend/src/utils/constants.js
+++ b/frontend/src/utils/constants.js
@@ -97,6 +97,8 @@ export const onlyofficeConverterExtensions = window.app.pageOptions.onlyofficeCo
export const canSetExProps = window.app.pageOptions.canSetExProps || false;
+export const isMultiTenancy = window.app.pageOptions.isMultiTenacy;
+
// seafile_ai
export const enableSeafileAI = window.app.pageOptions.enableSeafileAI || false;
diff --git a/seahub/api2/endpoints/group_members.py b/seahub/api2/endpoints/group_members.py
index b6810e6c38f..43a133f95d2 100644
--- a/seahub/api2/endpoints/group_members.py
+++ b/seahub/api2/endpoints/group_members.py
@@ -26,13 +26,13 @@
from seahub.utils.error_msg import file_type_error_msg
from seahub.base.accounts import User
from seahub.group.signals import add_user_to_group
+from seahub.group.views import group_invite
from seahub.group.utils import is_group_member, is_group_admin, \
is_group_owner, is_group_admin_or_owner, get_group_member_info
from seahub.profile.models import Profile, GroupInviteLinkModel
from .utils import api_check_group
-from seahub.settings import SERVICE_URL, MULTI_TENANCY
-from seahub.auth.decorators import login_required
+from seahub.settings import MULTI_TENANCY
logger = logging.getLogger(__name__)
@@ -555,11 +555,6 @@ def get(self, request):
return response
-def is_group_owner_or_admin(group, email):
- if email == group.creator_name:
- return True
- return ccnet_api.check_group_staff(group.id, email)
-
class GroupInviteLinks(APIView):
authentication_classes = (TokenAuthentication, SessionAuthentication)
@@ -576,14 +571,18 @@ def get(self, request, group_id):
group = ccnet_api.get_group(group_id)
if MULTI_TENANCY:
- error_msg = ' Multiple tenancy is not supported.'
+ error_msg = 'Feature disabled.'
+ return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
+
+ if group.creator_name == "system admin":
+ error_msg = 'Forbidden to operate department group'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if not group:
error_msg = 'group not found.'
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
- if not is_group_owner_or_admin(group, email):
+ if not is_group_admin_or_owner(group_id, email):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
@@ -603,14 +602,18 @@ def post(self, request, group_id):
group = ccnet_api.get_group(group_id)
if MULTI_TENANCY:
- error_msg = ' Multiple tenancy is not supported.'
+ error_msg = ' Feature disabled.'
+ return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
+
+ if group.creator_name == "system admin":
+ error_msg = 'Forbidden to operate department group'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if not group:
error_msg = 'group not found.'
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
- if not is_group_owner_or_admin(group, email):
+ if not is_group_admin_or_owner(group_id, email):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
@@ -635,14 +638,18 @@ def delete(self, request, group_id, token):
group = ccnet_api.get_group(group_id)
if MULTI_TENANCY:
- error_msg = ' Multiple tenancy is not supported.'
+ error_msg = ' Feature disabled.'
+ return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
+
+ if group.creator_name == "system admin":
+ error_msg = 'Forbidden to operate department group'
return api_error(status.HTTP_400_BAD_REQUEST, error_msg)
if not group:
error_msg = 'group not found.'
return api_error(status.HTTP_404_NOT_FOUND, error_msg)
- if not is_group_owner_or_admin(group, email):
+ if not is_group_admin_or_owner(group_id, email):
error_msg = 'Permission denied.'
return api_error(status.HTTP_403_FORBIDDEN, error_msg)
@@ -655,29 +662,3 @@ def delete(self, request, group_id, token):
return Response({'success': True})
-@login_required
-def group_invite(request, token):
- """
- registered user add to group
- """
- email = request.user.username
- next_url = request.GET.get('next', '/')
- redirect_to = SERVICE_URL.rstrip('/') + '/' + next_url.lstrip('/')
- group_invite_link = GroupInviteLinkModel.objects.filter(token=token).first()
- if not group_invite_link:
- return render_error(request, _('Group invite link does not exist'))
-
- if is_group_member(group_invite_link.group_id, email):
-
- return HttpResponseRedirect(redirect_to)
-
- if not group_invite_link.created_by:
- return render_error(request, _('Group invite link broken'))
-
- try:
- ccnet_api.group_add_member(group_invite_link.group_id, group_invite_link.created_by, email)
- except Exception as e:
- logger.error(f'group invite add user failed. {e}')
- return render_error(request, 'Internal Server Error')
-
- return HttpResponseRedirect(redirect_to)
diff --git a/seahub/group/views.py b/seahub/group/views.py
index f644bb259da..a666d247800 100644
--- a/seahub/group/views.py
+++ b/seahub/group/views.py
@@ -18,11 +18,11 @@
from seahub.base.decorators import sys_staff_required, require_POST
from seahub.group.utils import validate_group_name, BadGroupNameError, \
ConflictGroupNameError, is_group_member
-from seahub.settings import SITE_ROOT
+from seahub.settings import SITE_ROOT, SERVICE_URL
from seahub.utils import send_html_email, is_org_context, \
get_site_name
from seahub.share.models import ExtraGroupsSharePermission
-
+from seahub.profile.models import GroupInviteLinkModel
# Get an instance of a logger
logger = logging.getLogger(__name__)
@@ -170,3 +170,30 @@ def send_group_member_add_mail(request, group, from_user, to_user):
subject = _('You are invited to join a group on %s') % get_site_name()
send_html_email(subject, 'group/add_member_email.html', c, None, [to_user])
+
+@login_required
+def group_invite(request, token):
+ """
+ registered user add to group
+ """
+ email = request.user.username
+ next_url = request.GET.get('next', '/')
+ redirect_to = SERVICE_URL.rstrip('/') + '/' + next_url.lstrip('/')
+ group_invite_link = GroupInviteLinkModel.objects.filter(token=token).first()
+ if not group_invite_link:
+ return render_error(request, _('Group invite link does not exist'))
+
+ if is_group_member(group_invite_link.group_id, email):
+
+ return HttpResponseRedirect(redirect_to)
+
+ if not group_invite_link.created_by:
+ return render_error(request, _('Group invite link broken'))
+
+ try:
+ ccnet_api.group_add_member(group_invite_link.group_id, group_invite_link.created_by, email)
+ except Exception as e:
+ logger.error(f'group invite add user failed. {e}')
+ return render_error(request, 'Internal Server Error')
+
+ return HttpResponseRedirect(redirect_to)
diff --git a/seahub/profile/models.py b/seahub/profile/models.py
index 914577ffc15..ec1c44c2401 100644
--- a/seahub/profile/models.py
+++ b/seahub/profile/models.py
@@ -47,6 +47,7 @@ class Meta:
db_table = 'group_invite_link'
def to_dict(self):
+ from seahub.base.templatetags.seahub_tags import email2nickname
result = {
'id': self.pk,
'token': self.token,
@@ -280,34 +281,4 @@ def remove_user_for_inst_deleted(sender, **kwargs):
-from seahub.profile.settings import NICKNAME_CACHE_PREFIX
-from seahub.utils import normalize_cache_key
-from django import template
-
-register = template.Library()
-
-
-@register.filter(name='email2nickname')
-def email2nickname(value):
- """
- Return nickname if it exists and it's not an empty string,
- otherwise return short email.
- """
- if not value:
- return ''
-
- key = normalize_cache_key(value, NICKNAME_CACHE_PREFIX)
- cached_nickname = cache.get(key)
- if cached_nickname and cached_nickname.strip():
- return cached_nickname.strip()
-
- profile = get_first_object_or_none(Profile.objects.filter(user=value))
- if profile is not None and profile.nickname and profile.nickname.strip():
- nickname = profile.nickname.strip()
- else:
- contact_email = email2contact_email(value)
- nickname = contact_email.split('@')[0]
-
- cache.set(key, nickname, NICKNAME_CACHE_TIMEOUT)
- return nickname
diff --git a/seahub/templates/base_for_react.html b/seahub/templates/base_for_react.html
index daadec85d74..a65c8db01f5 100644
--- a/seahub/templates/base_for_react.html
+++ b/seahub/templates/base_for_react.html
@@ -151,6 +151,7 @@
enableSeafileAI: {% if enable_seafile_ai %} true {% else %} false {% endif %},
canSetExProps: {% if can_set_ex_props %} true {% else %} false {% endif %},
enableSeaTableIntegration: {% if enable_seatable_integration %} true {% else %} false {% endif %},
+ isMultiTenacy: {% if multi_tenancy %} true {% else %} false {% endif %}
}
};
diff --git a/seahub/urls.py b/seahub/urls.py
index 0968e1e22bb..ae804eff265 100644
--- a/seahub/urls.py
+++ b/seahub/urls.py
@@ -298,7 +298,7 @@
path('my-libs/deleted/', react_fake_view, name="my_libs_deleted"),
path('org/', react_fake_view, name="org"),
path('invitations/', react_fake_view, name="invitations"),
-
+ re_path(r'^group-invite/(?P[-0-9a-f]{8})/$', group_invite, name='group_invite'),
re_path(r'^ajax/repo/(?P[-0-9a-f]{36})/history/changes/$', repo_history_changes, name='repo_history_changes'),
re_path(r'^ajax/u/d/(?P[-0-9a-f]+)/upload/$', get_file_upload_url_ul, name='get_file_upload_url_ul'),
path('ajax/upload-file-done/', upload_file_done, name='upload_file_done'),
@@ -346,7 +346,7 @@
re_path(r'^api/v2.1/groups/(?P\d+)/invite-links/$', GroupInviteLinks.as_view(),name='api-v2.1-group-invite-links'),
re_path(r'^api/v2.1/groups/(?P\d+)/invite-links/(?P[-0-9a-f]{8})/$', GroupInviteLink.as_view(), name='api-v2.1-group-invite-link'),
- re_path(r'^group-invite/(?P[-0-9a-f]{8})/$', group_invite, name='group_invite'),
+
## address book
re_path(r'^api/v2.1/address-book/groups/(?P\d+)/sub-groups/$', AddressBookGroupsSubGroups.as_view(), name='api-v2.1-address-book-groups-sub-groups'),
re_path(r'^api/v2.1/address-book/groups/(?P\d+)/search-member/$', AddressBookGroupsSearchMember.as_view(), name='api-v2.1-address-book-search-member'),
diff --git a/seahub/views/__init__.py b/seahub/views/__init__.py
index dbc7105232b..7e07a20e546 100644
--- a/seahub/views/__init__.py
+++ b/seahub/views/__init__.py
@@ -57,7 +57,8 @@
UPLOAD_LINK_EXPIRE_DAYS_MIN, UPLOAD_LINK_EXPIRE_DAYS_MAX, UPLOAD_LINK_EXPIRE_DAYS_DEFAULT, \
SEAFILE_COLLAB_SERVER, ENABLE_RESET_ENCRYPTED_REPO_PASSWORD, \
ADDITIONAL_SHARE_DIALOG_NOTE, ADDITIONAL_APP_BOTTOM_LINKS, ADDITIONAL_ABOUT_DIALOG_LINKS, \
- DTABLE_WEB_SERVER, EX_PROPS_TABLE, SEATABLE_EX_PROPS_BASE_API_TOKEN, EX_EDITABLE_COLUMNS
+ DTABLE_WEB_SERVER, EX_PROPS_TABLE, SEATABLE_EX_PROPS_BASE_API_TOKEN, EX_EDITABLE_COLUMNS, \
+ MULTI_TENANCY
from seahub.wopi.settings import ENABLE_OFFICE_WEB_APP
from seahub.ocm.settings import ENABLE_OCM, OCM_REMOTE_SERVERS
@@ -1243,5 +1244,6 @@ def react_fake_view(request, **kwargs):
'group_import_members_extra_msg': GROUP_IMPORT_MEMBERS_EXTRA_MSG,
'request_from_onlyoffice_desktop_editor': ONLYOFFICE_DESKTOP_EDITOR_HTTP_USER_AGENT in request.headers.get('user-agent', ''),
'enable_sso_to_thirdpart_website': settings.ENABLE_SSO_TO_THIRDPART_WEBSITE,
- 'can_set_ex_props': DTABLE_WEB_SERVER and SEATABLE_EX_PROPS_BASE_API_TOKEN and EX_PROPS_TABLE and EX_EDITABLE_COLUMNS
+ 'can_set_ex_props': DTABLE_WEB_SERVER and SEATABLE_EX_PROPS_BASE_API_TOKEN and EX_PROPS_TABLE and EX_EDITABLE_COLUMNS,
+ 'multi_tenancy': MULTI_TENANCY
})