filebrowser/api.go

322 lines
7.5 KiB
Go
Raw Normal View History

2017-07-02 16:40:52 +00:00
package filemanager
import (
"context"
"fmt"
"io"
"net/http"
"net/url"
2017-07-02 16:40:52 +00:00
"os"
"strings"
)
func cleanURL(path string) (string, string) {
if path == "" {
return "", ""
}
path = strings.TrimPrefix(path, "/")
i := strings.Index(path, "/")
if i == -1 {
return "", path
}
return path[0:i], path[i:len(path)]
}
func serveAPI(c *requestContext, w http.ResponseWriter, r *http.Request) (int, error) {
2017-07-03 07:59:49 +00:00
if r.URL.Path == "/auth/get" {
return authHandler(c, w, r)
2017-07-02 16:40:52 +00:00
}
2017-07-03 07:59:49 +00:00
if r.URL.Path == "/auth/renew" {
return renewAuthHandler(c, w, r)
}
valid, _ := validateAuth(c, r)
2017-07-02 16:40:52 +00:00
if !valid {
return http.StatusForbidden, nil
}
var router string
router, r.URL.Path = cleanURL(r.URL.Path)
if !c.us.Allowed(r.URL.Path) {
return http.StatusForbidden, nil
}
if router == "checksum" || router == "download" {
var err error
c.fi, err = getInfo(r.URL, c.fm, c.us)
if err != nil {
return errorToHTTP(err, false), err
}
}
switch router {
case "download":
return downloadHandler(c, w, r)
case "checksum":
return checksumHandler(c, w, r)
case "command":
return command(c, w, r)
case "search":
return search(c, w, r)
case "resource":
return resourceHandler(c, w, r)
}
return http.StatusNotFound, nil
}
func resourceHandler(c *requestContext, w http.ResponseWriter, r *http.Request) (int, error) {
switch r.Method {
case http.MethodGet:
return getHandler(c, w, r)
case http.MethodDelete:
return deleteHandler(c, w, r)
case http.MethodPut:
2017-07-04 20:02:46 +00:00
return postPutHandler(c, w, r)
case http.MethodPatch:
return patchHandler(c, w, r)
2017-07-02 16:40:52 +00:00
case http.MethodPost:
2017-07-04 20:02:46 +00:00
return postPutHandler(c, w, r)
2017-07-02 16:40:52 +00:00
}
/* // Execute beforeSave if it is a PUT request.
if r.Method == http.MethodPut {
if err := c.fm.BeforeSave(r, c.fm, c.us); err != nil {
return http.StatusInternalServerError, err
}
}
// Execute afterSave if it is a PUT request.
if r.Method == http.MethodPut {
if err := c.fm.AfterSave(r, c.fm, c.us); err != nil {
return http.StatusInternalServerError, err
}
} */
return http.StatusNotImplemented, nil
}
func getHandler(c *requestContext, w http.ResponseWriter, r *http.Request) (int, error) {
// Obtains the information of the directory/file.
f, err := getInfo(r.URL, c.fm, c.us)
if err != nil {
return errorToHTTP(err, false), err
}
// If it's a dir and the path doesn't end with a trailing slash,
// redirect the user.
if f.IsDir && !strings.HasSuffix(r.URL.Path, "/") {
r.URL.Path = r.URL.Path + "/"
}
// If it is a dir, go and serve the listing.
if f.IsDir {
c.fi = f
return listingHandler(c, w, r)
}
// Tries to get the file type.
if err = f.RetrieveFileType(); err != nil {
return errorToHTTP(err, true), err
}
// If it can't be edited or the user isn't allowed to,
// serve it as a listing, with a preview of the file.
if !f.CanBeEdited() || !c.us.AllowEdit {
f.Kind = "preview"
} else {
// Otherwise, we just bring the editor in!
f.Kind = "editor"
err = f.getEditor()
if err != nil {
return http.StatusInternalServerError, err
}
}
return renderJSON(w, f)
}
func listingHandler(c *requestContext, w http.ResponseWriter, r *http.Request) (int, error) {
f := c.fi
f.Kind = "listing"
err := f.getListing(c, r)
if err != nil {
return errorToHTTP(err, true), err
}
listing := f.listing
cookieScope := c.fm.RootURL()
if cookieScope == "" {
cookieScope = "/"
}
// Copy the query values into the Listing struct
listing.Sort, listing.Order, err = handleSortOrder(w, r, cookieScope)
if err != nil {
return http.StatusBadRequest, err
}
listing.ApplySort()
listing.Display = displayMode(w, r, cookieScope)
return renderJSON(w, f)
}
func deleteHandler(c *requestContext, w http.ResponseWriter, r *http.Request) (int, error) {
// Prevent the removal of the root directory.
if r.URL.Path == "/" {
return http.StatusForbidden, nil
}
// Remove the file or folder.
2017-07-03 07:59:49 +00:00
err := c.us.FileSystem.RemoveAll(context.TODO(), r.URL.Path)
2017-07-02 16:40:52 +00:00
if err != nil {
return errorToHTTP(err, true), err
}
return http.StatusOK, nil
}
2017-07-04 20:02:46 +00:00
func postPutHandler(c *requestContext, w http.ResponseWriter, r *http.Request) (int, error) {
// Checks if the current request is for a directory and not a file.
2017-07-02 16:40:52 +00:00
if strings.HasSuffix(r.URL.Path, "/") {
2017-07-04 20:02:46 +00:00
// If the method is PUT, we return 405 Method not Allowed, because
// POST should be used instead.
if r.Method == http.MethodPut {
return http.StatusMethodNotAllowed, nil
}
// Otherwise we try to create the directory.
2017-07-03 07:59:49 +00:00
err := c.us.FileSystem.Mkdir(context.TODO(), r.URL.Path, 0666)
2017-07-02 16:40:52 +00:00
return errorToHTTP(err, false), err
}
2017-07-04 20:02:46 +00:00
// If using POST method, we are trying to create a new file so it is not
// desirable to override an already existent file. Thus, we check
// if the file already exists. If so, we just return a 409 Conflict.
if r.Method == http.MethodPost {
if _, err := c.us.FileSystem.Stat(context.TODO(), r.URL.Path); err == nil {
return http.StatusConflict, nil
}
}
// Create/Open the file.
2017-07-03 07:59:49 +00:00
f, err := c.us.FileSystem.OpenFile(context.TODO(), r.URL.Path, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0666)
2017-07-02 16:40:52 +00:00
defer f.Close()
if err != nil {
return errorToHTTP(err, false), err
}
2017-07-04 20:02:46 +00:00
// Copies the new content for the file.
2017-07-02 16:40:52 +00:00
_, err = io.Copy(f, r.Body)
if err != nil {
return errorToHTTP(err, false), err
}
2017-07-04 20:02:46 +00:00
// Gets the info about the file.
2017-07-02 16:40:52 +00:00
fi, err := f.Stat()
if err != nil {
return errorToHTTP(err, false), err
}
2017-07-04 20:02:46 +00:00
// Writes the ETag Header.
2017-07-02 16:40:52 +00:00
etag := fmt.Sprintf(`"%x%x"`, fi.ModTime().UnixNano(), fi.Size())
w.Header().Set("ETag", etag)
return http.StatusOK, nil
}
2017-07-04 20:02:46 +00:00
func patchHandler(c *requestContext, w http.ResponseWriter, r *http.Request) (int, error) {
2017-07-02 17:16:02 +00:00
dst := r.Header.Get("Destination")
dst, err := url.QueryUnescape(dst)
if err != nil {
return errorToHTTP(err, true), err
}
2017-07-02 17:16:02 +00:00
src := r.URL.Path
2017-07-03 07:59:49 +00:00
if dst == "/" || src == "/" {
return http.StatusForbidden, nil
}
err = c.us.FileSystem.Rename(context.TODO(), src, dst)
2017-07-02 17:16:02 +00:00
return errorToHTTP(err, true), err
}
2017-07-02 16:40:52 +00:00
// displayMode obtaisn the display mode from URL, or from the
// cookie.
func displayMode(w http.ResponseWriter, r *http.Request, scope string) string {
displayMode := r.URL.Query().Get("display")
if displayMode == "" {
if displayCookie, err := r.Cookie("display"); err == nil {
displayMode = displayCookie.Value
}
}
if displayMode == "" || (displayMode != "mosaic" && displayMode != "list") {
displayMode = "mosaic"
}
http.SetCookie(w, &http.Cookie{
Name: "display",
Value: displayMode,
MaxAge: 31536000,
Path: scope,
Secure: r.TLS != nil,
})
return displayMode
}
// handleSortOrder gets and stores for a Listing the 'sort' and 'order',
// and reads 'limit' if given. The latter is 0 if not given. Sets cookies.
func handleSortOrder(w http.ResponseWriter, r *http.Request, scope string) (sort string, order string, err error) {
sort = r.URL.Query().Get("sort")
order = r.URL.Query().Get("order")
// If the query 'sort' or 'order' is empty, use defaults or any values
// previously saved in Cookies.
switch sort {
case "":
sort = "name"
if sortCookie, sortErr := r.Cookie("sort"); sortErr == nil {
sort = sortCookie.Value
}
2017-07-03 17:49:08 +00:00
case "name", "size":
2017-07-02 16:40:52 +00:00
http.SetCookie(w, &http.Cookie{
Name: "sort",
Value: sort,
MaxAge: 31536000,
Path: scope,
Secure: r.TLS != nil,
})
}
switch order {
case "":
order = "asc"
if orderCookie, orderErr := r.Cookie("order"); orderErr == nil {
order = orderCookie.Value
}
case "asc", "desc":
http.SetCookie(w, &http.Cookie{
Name: "order",
Value: order,
MaxAge: 31536000,
Path: scope,
Secure: r.TLS != nil,
})
}
return
}