mirror of https://github.com/cloudreve/Cloudreve
133 lines
3.0 KiB
Go
133 lines
3.0 KiB
Go
package middleware
|
|
|
|
import (
|
|
"fmt"
|
|
model "github.com/HFO4/cloudreve/models"
|
|
"github.com/HFO4/cloudreve/pkg/serializer"
|
|
"github.com/HFO4/cloudreve/pkg/util"
|
|
"github.com/gin-gonic/gin"
|
|
)
|
|
|
|
// ShareOwner 检查当前登录用户是否为分享所有者
|
|
func ShareOwner() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
var user *model.User
|
|
if userCtx, ok := c.Get("user"); ok {
|
|
user = userCtx.(*model.User)
|
|
} else {
|
|
c.JSON(200, serializer.Err(serializer.CodeCheckLogin, "请先登录", nil))
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
if share, ok := c.Get("share"); ok {
|
|
if share.(*model.Share).Creator().ID != user.ID {
|
|
c.JSON(200, serializer.Err(serializer.CodeNotFound, "分享不存在", nil))
|
|
c.Abort()
|
|
return
|
|
}
|
|
}
|
|
|
|
c.Next()
|
|
}
|
|
}
|
|
|
|
// ShareAvailable 检查分享是否可用
|
|
func ShareAvailable() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
var user *model.User
|
|
if userCtx, ok := c.Get("user"); ok {
|
|
user = userCtx.(*model.User)
|
|
} else {
|
|
user = model.NewAnonymousUser()
|
|
}
|
|
|
|
share := model.GetShareByHashID(c.Param("id"))
|
|
|
|
if share == nil || !share.IsAvailable() {
|
|
c.JSON(200, serializer.Err(serializer.CodeNotFound, "分享不存在或已失效", nil))
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
c.Set("user", user)
|
|
c.Set("share", share)
|
|
c.Next()
|
|
}
|
|
}
|
|
|
|
// ShareCanPreview 检查分享是否可被预览
|
|
func ShareCanPreview() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
if share, ok := c.Get("share"); ok {
|
|
if share.(*model.Share).PreviewEnabled {
|
|
c.Next()
|
|
return
|
|
}
|
|
c.JSON(200, serializer.Err(serializer.CodeNoPermissionErr, "此分享无法预览",
|
|
nil))
|
|
c.Abort()
|
|
return
|
|
}
|
|
c.Abort()
|
|
}
|
|
}
|
|
|
|
// CheckShareUnlocked 检查分享是否已解锁
|
|
func CheckShareUnlocked() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
if shareCtx, ok := c.Get("share"); ok {
|
|
share := shareCtx.(*model.Share)
|
|
// 分享是否已解锁
|
|
if share.Password != "" {
|
|
sessionKey := fmt.Sprintf("share_unlock_%d", share.ID)
|
|
unlocked := util.GetSession(c, sessionKey) != nil
|
|
if !unlocked {
|
|
c.JSON(200, serializer.Err(serializer.CodeNoPermissionErr,
|
|
"无权访问此分享", nil))
|
|
c.Abort()
|
|
return
|
|
}
|
|
}
|
|
|
|
c.Next()
|
|
return
|
|
}
|
|
c.Abort()
|
|
}
|
|
}
|
|
|
|
// BeforeShareDownload 分享被下载前的检查
|
|
func BeforeShareDownload() gin.HandlerFunc {
|
|
return func(c *gin.Context) {
|
|
if shareCtx, ok := c.Get("share"); ok {
|
|
if userCtx, ok := c.Get("user"); ok {
|
|
share := shareCtx.(*model.Share)
|
|
user := userCtx.(*model.User)
|
|
|
|
// 检查用户是否可以下载此分享的文件
|
|
err := share.CanBeDownloadBy(user)
|
|
if err != nil {
|
|
c.JSON(200, serializer.Err(serializer.CodeNoPermissionErr, err.Error(),
|
|
nil))
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
// 对积分、下载次数进行更新
|
|
err = share.DownloadBy(user, c)
|
|
if err != nil {
|
|
c.JSON(200, serializer.Err(serializer.CodeNoPermissionErr, err.Error(),
|
|
nil))
|
|
c.Abort()
|
|
return
|
|
}
|
|
|
|
c.Next()
|
|
return
|
|
}
|
|
}
|
|
c.Abort()
|
|
}
|
|
}
|