B: Fix renaming folders in user location

rsconcept/backend/apps/library/tests/s_views/t_library.py

@@ -183,39 +183,58 @@ class TestLibraryViewset(EndpointTester):
 
     @decl_endpoint('/api/library/rename-location', method='patch')
     def test_rename_location(self):
-        self.owned.location = '/U/temp'
+        self.owned.location = '/S/temp'
         self.owned.save()
-        self.unowned.location = '/U/temp'
+        self.unowned.location = '/S/temp'
         self.unowned.save()
         owned2 = LibraryItem.objects.create(
             title='Test3',
             alias='T3',
             owner=self.user,
-            location='/U/temp/123'
+            location='/S/temp/123'
         )
 
+        data = {
+            'target': '/S/temp',
+            'new_location': '/S/temp2'
+        }
+
+        self.executeBadData(data={})
+        self.executeBadData(data={'target:': '/S/temp'})
+        self.executeBadData(data={'new_location:': '/S/temp'})
+        self.executeBadData(data={'target:': 'invalid', 'new_location': '/S/temp'})
+        self.executeBadData(data={'target:': '/S/temp', 'new_location': 'invalid'})
+        self.executeOK(data=data)
+        self.owned.refresh_from_db()
+        self.unowned.refresh_from_db()
+        owned2.refresh_from_db()
+        self.assertEqual(self.owned.location, '/S/temp2')
+        self.assertEqual(self.unowned.location, '/S/temp')
+        self.assertEqual(owned2.location, '/S/temp2/123')
+
+        self.toggle_admin(True)
+        self.executeOK(data=data)
+        self.unowned.refresh_from_db()
+        self.assertEqual(self.unowned.location, '/S/temp2')
+
+    @decl_endpoint('/api/library/rename-location', method='patch')
+    def test_rename_location_user(self):
+        self.owned.location = '/U/temp'
+        self.owned.save()
+        self.unowned.location = '/U/temp'
+        self.unowned.save()
+
         data = {
             'target': '/U/temp',
             'new_location': '/U/temp2'
         }
 
-        self.executeBadData(data={})
-        self.executeBadData(data={'target:': '/U/temp'})
-        self.executeBadData(data={'new_location:': '/U/temp'})
-        self.executeBadData(data={'target:': 'invalid', 'new_location': '/U/temp'})
-        self.executeBadData(data={'target:': '/U/temp', 'new_location': 'invalid'})
+        self.toggle_admin(True)
         self.executeOK(data=data)
         self.owned.refresh_from_db()
         self.unowned.refresh_from_db()
-        owned2.refresh_from_db()
         self.assertEqual(self.owned.location, '/U/temp2')
         self.assertEqual(self.unowned.location, '/U/temp')
-        self.assertEqual(owned2.location, '/U/temp2/123')
-
-        self.toggle_admin(True)
-        self.executeOK(data=data)
-        self.unowned.refresh_from_db()
-        self.assertEqual(self.unowned.location, '/U/temp2')
 
     @decl_endpoint('/api/library/{item}/set-editors', method='patch')
     def test_set_editors(self):

rsconcept/backend/apps/library/views/library.py

@@ -115,13 +115,15 @@ class LibraryViewSet(viewsets.ModelViewSet):
         if new_location.startswith(m.LocationHead.LIBRARY) and not self.request.user.is_staff:
             return Response(status=c.HTTP_403_FORBIDDEN)
 
+        user_involved = new_location.startswith(m.LocationHead.USER) or target.startswith(m.LocationHead.USER)
+
         with transaction.atomic():
             changed: list[m.LibraryItem] = []
             items = m.LibraryItem.objects \
                 .filter(Q(location=target) | Q(location__startswith=f'{target}/')) \
                 .only('location', 'owner_id')
             for item in items:
-                if item.owner_id == self.request.user.pk or self.request.user.is_staff:
+                if item.owner_id == self.request.user.pk or (self.request.user.is_staff and not user_involved):
                     item.location = item.location.replace(target, new_location)
                     changed.append(item)
             if changed: