feat(webdav): option to disable system file uploads (#2871)

pull/2892/head
Aaron Liu 2025-09-12 14:04:51 +08:00
parent fe7cf5d0d8
commit a581851f84
4 changed files with 23 additions and 10 deletions

2
assets

@ -1 +1 @@
Subproject commit e53eb86a326475487eec2dd831307b6fe71f57ae
Subproject commit dcf21d5eb9fbb635e81ab3c13b44e1233db5cac9

View File

@ -257,6 +257,7 @@ func FileTypeFromString(s string) FileType {
const (
DavAccountReadOnly DavAccountOption = iota
DavAccountProxy
DavAccountDisableSysFiles
)
const (

View File

@ -9,6 +9,12 @@ import (
"context"
"errors"
"fmt"
"net/http"
"net/url"
"path"
"strings"
"time"
"github.com/cloudreve/Cloudreve/v4/application/dependency"
"github.com/cloudreve/Cloudreve/v4/ent"
"github.com/cloudreve/Cloudreve/v4/inventory"
@ -26,11 +32,6 @@ import (
"github.com/gin-gonic/gin"
"github.com/samber/lo"
"golang.org/x/tools/container/intsets"
"net/http"
"net/url"
"path"
"strings"
"time"
)
const (
@ -228,6 +229,12 @@ func handlePut(c *gin.Context, user *ent.User, fm manager.FileManager) (status i
return purposeStatusCodeFromError(err), err
}
if user.Edges.DavAccounts[0].Options.Enabled(int(types.DavAccountDisableSysFiles)) {
if strings.HasPrefix(reqPath.Name(), ".") {
return http.StatusMethodNotAllowed, nil
}
}
release, ls, status, err := confirmLock(c, fm, user, ancestor, nil, uri, nil)
if err != nil {
return status, err

View File

@ -86,10 +86,11 @@ func (service *ListDavAccountsService) List(c *gin.Context) (*ListDavAccountResp
type (
CreateDavAccountService struct {
Uri string `json:"uri" binding:"required"`
Name string `json:"name" binding:"required,min=1,max=255"`
Readonly bool `json:"readonly"`
Proxy bool `json:"proxy"`
Uri string `json:"uri" binding:"required"`
Name string `json:"name" binding:"required,min=1,max=255"`
Readonly bool `json:"readonly"`
Proxy bool `json:"proxy"`
DisableSysFiles bool `json:"disable_sys_files"`
}
CreateDavAccountParamCtx struct{}
)
@ -173,6 +174,10 @@ func (service *CreateDavAccountService) validateAndGetBs(user *ent.User) (*bools
boolset.Set(types.DavAccountReadOnly, true, &bs)
}
if service.DisableSysFiles {
boolset.Set(types.DavAccountDisableSysFiles, true, &bs)
}
if service.Proxy && user.Edges.Group.Permissions.Enabled(int(types.GroupPermissionWebDAVProxy)) {
boolset.Set(types.DavAccountProxy, true, &bs)
}