optimize wiki2 permission (#6108)

haiwen · May 23, 2024 · 6c2af87 · 6c2af87
1 parent 1cbea9d
commit 6c2af87
Show file tree

Hide file tree

Showing 7 changed files with 19 additions and 93 deletions.
diff --git a/frontend/src/pages/wiki2/index.js b/frontend/src/pages/wiki2/index.js
@@ -4,7 +4,7 @@ import MediaQuery from 'react-responsive';
 import { Modal } from 'reactstrap';
 import { Utils } from '../../utils/utils';
 import wikiAPI from '../../utils/wiki-api';
-import { slug, wikiId, siteRoot, initialPath, isDir, sharedToken, hasIndex, lang, isEditWiki, gettext } from '../../utils/constants';
+import { slug, wikiId, siteRoot, initialPath, isDir, sharedToken, hasIndex, lang, isWiki2, gettext } from '../../utils/constants';
 import Dirent from '../../models/dirent';
 import WikiConfig from './models/wiki-config';
 import TreeNode from '../../components/tree-view/tree-node';
@@ -46,7 +46,6 @@ class Wiki extends Component {
       currentPageId: '',
       config: new WikiConfig({}),
       repoId: '',
-      can_edit_file: false,
       seadoc_access_token: '',
       docUuid: '',
       assets_url: '',
@@ -78,7 +77,7 @@ class Wiki extends Component {
   }
 
   handlePath = () => {
-    return isEditWiki ? 'wikis/' : 'published/';
+    return isWiki2 ? 'wikis/' : 'published/';
   };
 
   getWikiConfig = () => {
@@ -222,7 +221,6 @@ class Wiki extends Component {
         permission: data.permission,
         lastModified: moment.unix(data.last_modified).fromNow(),
         latestContributor: data.latest_contributor,
-        can_edit_file: data.can_edit_file,
         seadoc_access_token: data.seadoc_access_token,
         assets_url: data.assets_url,
         isViewFile: true,
@@ -581,7 +579,7 @@ class Wiki extends Component {
   render() {
     return (
       <div id="main" className="wiki-main">
-        {/* {isEditWiki &&
+        {/* {isWiki2 &&
           <WikiLeftBar
             config={this.state.config}
             repoId={this.state.repoId}
@@ -618,7 +616,6 @@ class Wiki extends Component {
           onMenuClick={this.onMenuClick}
           onSearchedClick={this.onSearchedClick}
           onMainNavBarClick={this.onMainNavBarClick}
-          can_edit_file={this.state.can_edit_file}
           seadoc_access_token={this.state.seadoc_access_token}
           assets_url={this.state.assets_url}
         />

diff --git a/frontend/src/pages/wiki2/main-panel.js b/frontend/src/pages/wiki2/main-panel.js
@@ -1,7 +1,7 @@
 import React, { Component, Fragment } from 'react';
 import PropTypes from 'prop-types';
 import { SdocWikiViewer } from '@seafile/sdoc-editor';
-import { gettext, repoID, siteRoot, username, isEditWiki } from '../../utils/constants';
+import { gettext, repoID, siteRoot, username, isWiki2 } from '../../utils/constants';
 import SeafileMarkdownViewer from '../../components/seafile-markdown-viewer';
 import Loading from '../../components/loading';
 import { Utils } from '../../utils/utils';
@@ -24,7 +24,6 @@ const propTypes = {
   onSearchedClick: PropTypes.func.isRequired,
   onMainNavBarClick: PropTypes.func.isRequired,
   onLinkClick: PropTypes.func.isRequired,
-  can_edit_file: PropTypes.bool,
   seadoc_access_token: PropTypes.string,
   assets_url: PropTypes.string,
 };
@@ -87,7 +86,7 @@ class MainPanel extends Component {
   };
 
   static getDerivedStateFromProps(props, state) {
-    const { can_edit_file, seadoc_access_token } = props;
+    const { seadoc_access_token } = props;
     const config = window.app.config;
     const pageOptions = window.app.pageOptions;
     const { assetsUrl, seadocServerUrl: sdocServer, } = window.wiki.config;
@@ -97,7 +96,6 @@ class MainPanel extends Component {
       ...pageOptions,
       sdocServer,
       assetsUrl: assetsUrl || props.assets_url,
-      can_edit_file,
       accessToken: seadoc_access_token,
       serviceUrl: config.serviceURL,
       assets_url: config.assetsUrl,
@@ -110,9 +108,9 @@ class MainPanel extends Component {
     const { content, permission, pathExist, isDataLoading, isViewFile } = this.props;
     const isViewingFile = pathExist && !isDataLoading && isViewFile;
     const editorContent = content && JSON.parse(content);
-    const isReadOnly = permission.indexOf('w') === -1 || !window.seafile.can_edit_file;
+    const isReadOnly = !(permission === 'rw');
     return (
-      <div className="main-panel wiki-main-panel" style={{ flex: isEditWiki ? '1 0 76%' : '1 0 80%' }}>
+      <div className="main-panel wiki-main-panel" style={{ flex: isWiki2 ? '1 0 76%' : '1 0 80%' }}>
         <div className="main-panel-hide hide">{this.props.content}</div>
         <div className={`main-panel-north panel-top ${this.props.permission === 'rw' ? 'border-left-show' : ''}`}>
           {!username &&

diff --git a/frontend/src/pages/wiki2/side-panel.js b/frontend/src/pages/wiki2/side-panel.js
@@ -1,7 +1,7 @@
 import React, { Component } from 'react';
 import PropTypes from 'prop-types';
 import deepCopy from 'deep-copy';
-import { gettext, repoID, isEditWiki } from '../../utils/constants';
+import { gettext, repoID, isWiki2 } from '../../utils/constants';
 import toaster from '../../components/toast';
 import Loading from '../../components/loading';
 // import TreeView from '../../components/tree-view/tree-view';
@@ -75,7 +75,7 @@ class SidePanel extends Component {
             onNodeExpanded={this.props.onNodeExpanded}
           />
         )} */}
-        {isEditWiki &&
+        {isWiki2 &&
           <ViewStructureFooter
             onToggleAddView={this.openAddPageDialog}
             onToggleAddFolder={this.onToggleAddFolder}
@@ -341,7 +341,7 @@ class SidePanel extends Component {
     return (
       <div className="wiki-pages-container">
         <ViewStructure
-          isEditMode={isEditWiki}
+          isEditMode={isWiki2}
           navigation={navigation}
           views={pages}
           onToggleAddView={this.openAddPageDialog}

diff --git a/frontend/src/utils/constants.js b/frontend/src/utils/constants.js
@@ -121,7 +121,7 @@ export const sharedToken = window.wiki ? window.wiki.config.sharedToken : '';
 export const sharedType = window.wiki ? window.wiki.config.sharedType : '';
 export const hasIndex = window.wiki ? window.wiki.config.hasIndex : '';
 export const assetsUrl = window.wiki ? window.wiki.config.assetsUrl : '';
-export const isEditWiki = window.wiki ? window.wiki.config.isEditWiki : false;
+export const isWiki2 = window.wiki ? window.wiki.config.isWiki2 : false;
 
 // file history
 export const PER_PAGE = 25;

diff --git a/seahub/api2/endpoints/wiki2.py b/seahub/api2/endpoints/wiki2.py
@@ -342,9 +342,7 @@ def get(self, request, wiki_id):
             error_msg = "Wiki not found."
             return api_error(status.HTTP_404_NOT_FOUND, error_msg)
 
-        parent_dir = os.path.dirname(path)
-        permission = check_folder_permission(request, wiki.repo_id, parent_dir)
-
+        permission = check_folder_permission(request, wiki.repo_id, '/')
         if not permission:
             error_msg = 'Permission denied.'
             return api_error(status.HTTP_403_FORBIDDEN, error_msg)
@@ -393,37 +391,7 @@ def get(self, request, wiki_id):
             latest_contributor, last_modified = None, 0
 
         assets_url = '/api/v2.1/seadoc/download-image/' + file_uuid
-
-        # check file lock info
-        try:
-            is_locked, locked_by_me = check_file_lock(wiki.repo_id, path, request.user.username)
-        except Exception as e:
-            logger.error(e)
-            is_locked = False
-            locked_by_me = False
-
-        locked_by_online_office = if_locked_by_online_office(wiki.repo_id, path)
-
-        can_edit_file = True
-        if parse_repo_perm(permission).can_edit_on_web is False:
-            can_edit_file = False
-        elif is_locked and not locked_by_me:
-            can_edit_file = False
-
-        if is_pro_version() and can_edit_file:
-            try:
-                if not is_locked:
-                    seafile_api.lock_file(wiki.repo_id, path, ONLINE_OFFICE_LOCK_OWNER,
-                                          int(time.time()) + 40 * 60)
-                elif locked_by_online_office:
-                    seafile_api.refresh_file_lock(wiki.repo_id, path,
-                                                  int(time.time()) + 40 * 60)
-            except Exception as e:
-                logger.error(e)
-
-        seadoc_perm = 'rw' if can_edit_file else 'r'
-        filename = os.path.basename(path)
-        seadoc_access_token = gen_seadoc_access_token(file_uuid, filename, request.user.username, permission=seadoc_perm)
+        seadoc_access_token = gen_seadoc_access_token(file_uuid, filename, request.user.username, permission=permission)
 
         return Response({
             "content": content,
@@ -432,6 +400,5 @@ def get(self, request, wiki_id):
             "permission": permission,
             "seadoc_server_url": SEADOC_SERVER_URL,
             "seadoc_access_token": seadoc_access_token,
-            "can_edit_file": can_edit_file,
             "assets_url": assets_url,
         })
diff --git a/seahub/templates/wiki/wiki_edit.html b/seahub/templates/wiki/wiki_edit.html
@@ -46,13 +46,12 @@
             repoId: "{{ wiki.repo_id }}",
             repoName: "{{ wiki.name }}",
             initial_path: "{{ file_path|escapejs }}",
-            permission: "{{ user_can_write }}",
             isDir: "{{ is_dir }}",
-            isEditWiki: true,
+            isWiki2: true,
             assetsUrl: "{{ assets_url }}",
             seadocServerUrl: "{{ seadoc_server_url }}",
             seadocAccessToken: "{{ seadoc_access_token }}",
-            canEditFile: "{{ can_edit_file }}"
+            permission: "{{ permission }}",
         }
     };
 </script>

diff --git a/seahub/wiki2/views.py b/seahub/wiki2/views.py
@@ -38,7 +38,8 @@ def wiki_view(request, wiki_id, file_path):
 
     # perm check
     req_user = request.user.username
-    if not can_edit_wiki(wiki, req_user):
+    permission = check_folder_permission(request, wiki.repo_id, '/')
+    if not permission:
         return render_permission_error(request, 'Permission denied.')
 
     is_dir = None
@@ -55,16 +56,9 @@ def wiki_view(request, wiki_id, file_path):
     last_modified = 0
     assets_url = ''
     seadoc_access_token = ''
-    can_edit_file = False
     file_type, ext = get_file_type_and_ext(posixpath.basename(file_path))
     repo = seafile_api.get_repo(wiki.repo_id)
     if is_dir is False and file_type == SEADOC:
-        parent_dir = os.path.dirname(file_path)
-
-        permission = check_folder_permission(request, wiki.repo_id, parent_dir)
-        if not permission:
-            return render_permission_error(request, 'Permission denied.')
-
         file_uuid = get_seadoc_file_uuid(repo, file_path)
         assets_url = '/api/v2.1/seadoc/download-image/' + file_uuid
         try:
@@ -74,43 +68,14 @@ def wiki_view(request, wiki_id, file_path):
         except Exception as e:
             logger.warning(e)
 
-        # check file lock info
-        try:
-            is_locked, locked_by_me = check_file_lock(wiki.repo_id, file_path, req_user)
-        except Exception as e:
-            logger.error(e)
-            is_locked = False
-            locked_by_me = False
-
-        locked_by_online_office = if_locked_by_online_office(wiki.repo_id, file_path)
-
-        can_edit_file = True
-        if parse_repo_perm(permission).can_edit_on_web is False:
-            can_edit_file = False
-        elif is_locked and not locked_by_me:
-            can_edit_file = False
-
-        if is_pro_version() and can_edit_file:
-            try:
-                if not is_locked:
-                    seafile_api.lock_file(wiki.repo_id, file_path, ONLINE_OFFICE_LOCK_OWNER,
-                                          int(time.time()) + 40 * 60)
-                elif locked_by_online_office:
-                    seafile_api.refresh_file_lock(wiki.repo_id, file_path,
-                                                  int(time.time()) + 40 * 60)
-            except Exception as e:
-                logger.error(e)
-
-        seadoc_perm = 'rw' if can_edit_file else 'r'
         filename = os.path.basename(file_path)
-        seadoc_access_token = gen_seadoc_access_token(file_uuid, filename, req_user, permission=seadoc_perm)
+        seadoc_access_token = gen_seadoc_access_token(file_uuid, filename, req_user, permission=permission)
 
     last_modified = datetime.fromtimestamp(last_modified)
 
     return render(request, "wiki/wiki_edit.html", {
         "wiki": wiki,
         "repo_name": repo.name if repo else '',
-        "user_can_write": True,
         "file_path": file_path,
         "filename": os.path.splitext(os.path.basename(file_path))[0],
         "outlines": outlines,
@@ -121,5 +86,5 @@ def wiki_view(request, wiki_id, file_path):
         "assets_url": assets_url,
         "seadoc_server_url": SEADOC_SERVER_URL,
         "seadoc_access_token": seadoc_access_token,
-        "can_edit_file": can_edit_file,
+        "permission": permission,
     })