From 58512dd17d7be0dcbd77e90e97d6259783d11fb4 Mon Sep 17 00:00:00 2001 From: Ranjiwei <32759763+r350178982@users.noreply.github.com> Date: Mon, 24 Jun 2024 17:20:24 +0800 Subject: [PATCH] update (#6253) --- seahub/api2/endpoints/custom_share_permissions.py | 6 ------ seahub/api2/endpoints/dir_shared_items.py | 3 --- seahub/api2/endpoints/shared_folders.py | 3 --- seahub/api2/endpoints/shared_repos.py | 3 --- 4 files changed, 15 deletions(-) diff --git a/seahub/api2/endpoints/custom_share_permissions.py b/seahub/api2/endpoints/custom_share_permissions.py index 66cff48d659..dedcf47093b 100644 --- a/seahub/api2/endpoints/custom_share_permissions.py +++ b/seahub/api2/endpoints/custom_share_permissions.py @@ -29,9 +29,6 @@ def get(self, request, repo_id): """List custom share permissions """ # permission check - if not request.user.permissions.can_share_repo(): - return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.') - if not check_folder_permission(request, repo_id, '/'): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) @@ -104,9 +101,6 @@ def get(self, request, repo_id, permission_id): """get a custom share permission """ # permission check - if not request.user.permissions.can_share_repo(): - return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.') - if not check_folder_permission(request, repo_id, '/'): error_msg = 'Permission denied.' return api_error(status.HTTP_403_FORBIDDEN, error_msg) diff --git a/seahub/api2/endpoints/dir_shared_items.py b/seahub/api2/endpoints/dir_shared_items.py index 79bfbc863dc..e69e951a47e 100644 --- a/seahub/api2/endpoints/dir_shared_items.py +++ b/seahub/api2/endpoints/dir_shared_items.py @@ -202,9 +202,6 @@ def has_shared_to_group(self, request, repo_id, path, group_id): def get(self, request, repo_id, format=None): """List shared items(shared to users/groups) for a folder/library. """ - if not request.user.permissions.can_share_repo(): - return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.') - repo = seafile_api.get_repo(repo_id) if not repo: return api_error(status.HTTP_404_NOT_FOUND, 'Library %s not found.' % repo_id) diff --git a/seahub/api2/endpoints/shared_folders.py b/seahub/api2/endpoints/shared_folders.py index 8e84372f10c..40d637ebe50 100644 --- a/seahub/api2/endpoints/shared_folders.py +++ b/seahub/api2/endpoints/shared_folders.py @@ -33,9 +33,6 @@ def get(self, request, format=None): Permission checking: 1. all authenticated user can perform this action. """ - if not request.user.permissions.can_share_repo(): - return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.') - shared_repos = [] username = request.user.username diff --git a/seahub/api2/endpoints/shared_repos.py b/seahub/api2/endpoints/shared_repos.py index 7b91c21ced1..918af74b023 100644 --- a/seahub/api2/endpoints/shared_repos.py +++ b/seahub/api2/endpoints/shared_repos.py @@ -38,9 +38,6 @@ def get(self, request, format=None): Permission checking: 1. all authenticated user can perform this action. """ - if not request.user.permissions.can_share_repo(): - return api_error(status.HTTP_403_FORBIDDEN, 'Permission denied.') - shared_repos = [] username = request.user.username try: