filebrowser/filemanager.go

549 lines
14 KiB
Go
Raw Normal View History

2017-06-20 10:40:52 +00:00
package filemanager
2017-06-24 11:12:15 +00:00
import (
2017-08-20 07:42:38 +00:00
"crypto/rand"
2017-06-25 10:40:23 +00:00
"errors"
"fmt"
2017-07-08 16:51:47 +00:00
"log"
2017-06-24 11:12:15 +00:00
"net/http"
2017-07-08 16:51:47 +00:00
"os"
"os/exec"
2017-07-29 10:02:18 +00:00
"reflect"
2017-08-20 07:42:38 +00:00
"regexp"
2017-06-24 11:12:15 +00:00
"strings"
2017-08-19 11:35:44 +00:00
"time"
2017-06-24 11:12:15 +00:00
2017-08-20 07:42:38 +00:00
"golang.org/x/crypto/bcrypt"
2017-06-24 11:12:15 +00:00
rice "github.com/GeertJohan/go.rice"
2017-08-20 07:42:38 +00:00
"github.com/hacdias/fileutils"
2017-07-08 16:51:47 +00:00
"github.com/mholt/caddy"
"github.com/robfig/cron"
2017-06-24 11:12:15 +00:00
)
2017-09-03 09:41:14 +00:00
// Version is the current File Manager version.
const Version = "(untracked)"
2017-09-03 09:41:14 +00:00
2017-08-20 07:42:38 +00:00
var (
ErrExist = errors.New("the resource already exists")
ErrNotExist = errors.New("the resource does not exist")
ErrEmptyRequest = errors.New("request body is empty")
ErrEmptyPassword = errors.New("password is empty")
ErrEmptyUsername = errors.New("username is empty")
ErrEmptyScope = errors.New("scope is empty")
ErrWrongDataType = errors.New("wrong data type")
ErrInvalidUpdateField = errors.New("invalid field to update")
ErrInvalidOption = errors.New("Invalid option")
)
2017-06-25 14:24:16 +00:00
// FileManager is a file manager instance. It should be creating using the
// 'New' function and not directly.
2017-06-24 11:12:15 +00:00
type FileManager struct {
2017-08-20 08:21:36 +00:00
// Cron job to manage schedulings.
2017-08-19 11:35:44 +00:00
Cron *cron.Cron
// The key used to sign the JWT tokens.
2017-08-19 11:35:44 +00:00
Key []byte
2017-06-24 11:12:15 +00:00
// The static assets.
2017-08-19 11:35:44 +00:00
Assets *rice.Box
2017-08-20 08:21:36 +00:00
// The Store is used to manage users, shareable links and
// other stuff that is saved on the database.
Store *Store
2017-07-03 07:59:49 +00:00
// PrefixURL is a part of the URL that is already trimmed from the request URL before it
// arrives to our handlers. It may be useful when using File Manager as a middleware
// such as in caddy-filemanager plugin. It is only useful in certain situations.
2017-07-03 07:59:49 +00:00
PrefixURL string
2017-06-27 09:31:50 +00:00
2017-07-03 07:59:49 +00:00
// BaseURL is the path where the GUI will be accessible. It musn't end with
// a trailing slash and mustn't contain PrefixURL, if set. It shouldn't be
// edited directly. Use SetBaseURL.
BaseURL string
2017-06-24 11:12:15 +00:00
2017-08-02 13:10:05 +00:00
// NoAuth disables the authentication. When the authentication is disabled,
// there will only exist one user, called "admin".
NoAuth bool
// StaticGen is the static websit generator handler.
StaticGen StaticGen
2017-07-14 07:25:37 +00:00
// The Default User needed to build the New User page.
DefaultUser *User
2017-07-08 16:51:47 +00:00
// A map of events to a slice of commands.
Commands map[string][]string
2017-09-07 13:17:56 +00:00
// Global stylesheet.
CSS string
2017-08-20 08:21:36 +00:00
// NewFS should build a new file system for a given path.
NewFS FSBuilder
2017-06-24 11:12:15 +00:00
}
2017-09-07 17:27:30 +00:00
var commandEvents = []string{
"before_save",
"after_save",
"before_publish",
"after_publish",
"before_copy",
"after_copy",
"before_rename",
"after_rename",
"before_upload",
"after_upload",
"before_delete",
"after_delete",
}
2017-08-18 08:00:32 +00:00
// Command is a command function.
type Command func(r *http.Request, m *FileManager, u *User) error
2017-06-24 11:12:15 +00:00
2017-08-20 08:21:36 +00:00
// FSBuilder is the File System Builder.
type FSBuilder func(scope string) FileSystem
// Setup loads the configuration from the database and configures
// the Assets and the Cron job. It must always be run after
// creating a File Manager object.
func (m *FileManager) Setup() error {
2017-07-03 07:59:49 +00:00
// Creates a new File Manager instance with the Users
// map and Assets box.
2017-08-19 11:35:44 +00:00
m.Assets = rice.MustFindBox("./assets/dist")
m.Cron = cron.New()
2017-07-03 07:59:49 +00:00
// Tries to get the encryption key from the database.
// If it doesn't exist, create a new one of 256 bits.
2017-08-19 11:35:44 +00:00
err := m.Store.Config.Get("key", &m.Key)
if err != nil && err == ErrNotExist {
2017-07-25 08:01:29 +00:00
var bytes []byte
2017-08-19 11:35:44 +00:00
bytes, err = GenerateRandomBytes(64)
2017-07-25 08:01:29 +00:00
if err != nil {
2017-08-19 11:35:44 +00:00
return err
2017-07-25 08:01:29 +00:00
}
2017-08-19 11:35:44 +00:00
m.Key = bytes
err = m.Store.Config.Save("key", m.Key)
2017-06-25 08:11:25 +00:00
}
2017-07-03 07:59:49 +00:00
if err != nil {
2017-08-19 11:35:44 +00:00
return err
2017-07-03 07:59:49 +00:00
}
2017-09-07 13:17:56 +00:00
// Get the global CSS.
err = m.Store.Config.Get("css", &m.CSS)
if err != nil && err == ErrNotExist {
err = m.Store.Config.Save("css", "")
}
if err != nil {
return err
}
2017-07-08 17:08:11 +00:00
// Tries to get the event commands from the database.
// If they don't exist, initialize them.
2017-08-19 11:35:44 +00:00
err = m.Store.Config.Get("commands", &m.Commands)
2017-09-07 17:19:29 +00:00
if err == nil {
2017-09-07 17:27:30 +00:00
// Add hypothetically new command handlers.
for _, command := range commandEvents {
if _, ok := m.Commands[command]; ok {
continue
}
m.Commands[command] = []string{}
}
2017-09-07 17:19:29 +00:00
}
2017-08-20 08:55:45 +00:00
if err != nil && err == ErrNotExist {
2017-09-07 17:27:30 +00:00
m.Commands = map[string][]string{}
// Initialize the command handlers.
for _, command := range commandEvents {
m.Commands[command] = []string{}
2017-07-08 17:08:11 +00:00
}
2017-09-07 17:27:30 +00:00
2017-08-19 11:35:44 +00:00
err = m.Store.Config.Save("commands", m.Commands)
2017-07-08 17:08:11 +00:00
}
if err != nil {
2017-08-19 11:35:44 +00:00
return err
2017-07-08 17:08:11 +00:00
}
2017-08-19 11:35:44 +00:00
// Tries to fetch the users from the database.
2017-08-20 08:21:36 +00:00
users, err := m.Store.Users.Gets(m.NewFS)
2017-08-20 08:55:45 +00:00
if err != nil && err != ErrNotExist {
2017-08-19 11:35:44 +00:00
return err
2017-07-03 07:59:49 +00:00
}
// If there are no users in the database, it creates a new one
// based on 'base' User that must be provided by the function caller.
if len(users) == 0 {
2017-08-19 11:35:44 +00:00
u := *m.DefaultUser
2017-07-20 08:52:03 +00:00
u.Username = "admin"
2017-07-03 07:59:49 +00:00
// Hashes the password.
2017-08-19 11:35:44 +00:00
u.Password, err = HashPassword("admin")
2017-07-03 07:59:49 +00:00
if err != nil {
2017-08-19 11:35:44 +00:00
return err
2017-07-03 07:59:49 +00:00
}
2017-07-06 08:33:36 +00:00
// The first user must be an administrator.
2017-07-20 08:52:03 +00:00
u.Admin = true
u.AllowCommands = true
u.AllowNew = true
u.AllowEdit = true
2017-08-10 11:18:51 +00:00
u.AllowPublish = true
2017-07-03 07:59:49 +00:00
// Saves the user to the database.
2017-08-19 11:35:44 +00:00
if err := m.Store.Users.Save(&u); err != nil {
return err
2017-07-03 07:59:49 +00:00
}
}
2017-06-25 08:11:25 +00:00
2017-08-19 11:35:44 +00:00
m.DefaultUser.Username = ""
m.DefaultUser.Password = ""
2017-07-18 15:36:08 +00:00
2017-08-19 11:35:44 +00:00
m.Cron.AddFunc("@hourly", m.ShareCleaner)
m.Cron.Start()
2017-08-19 11:35:44 +00:00
return nil
}
2017-06-25 08:11:25 +00:00
// RootURL returns the actual URL where
// File Manager interface can be accessed.
func (m FileManager) RootURL() string {
2017-07-03 07:59:49 +00:00
return m.PrefixURL + m.BaseURL
2017-06-24 11:12:15 +00:00
}
// SetPrefixURL updates the prefixURL of a File
// Manager object.
2017-06-27 13:49:46 +00:00
func (m *FileManager) SetPrefixURL(url string) {
url = strings.TrimPrefix(url, "/")
url = strings.TrimSuffix(url, "/")
url = "/" + url
2017-07-03 07:59:49 +00:00
m.PrefixURL = strings.TrimSuffix(url, "/")
}
// SetBaseURL updates the baseURL of a File Manager
// object.
2017-06-25 08:11:25 +00:00
func (m *FileManager) SetBaseURL(url string) {
url = strings.TrimPrefix(url, "/")
url = strings.TrimSuffix(url, "/")
url = "/" + url
2017-07-03 07:59:49 +00:00
m.BaseURL = strings.TrimSuffix(url, "/")
2017-06-25 08:11:25 +00:00
}
2017-08-18 08:00:32 +00:00
// Attach attaches a static generator to the current File Manager.
func (m *FileManager) Attach(s StaticGen) error {
if reflect.TypeOf(s).Kind() != reflect.Ptr {
return errors.New("data should be a pointer to interface, not interface")
}
2017-08-18 08:00:32 +00:00
err := s.Setup()
if err != nil {
return err
}
2017-08-18 08:00:32 +00:00
m.StaticGen = s
2017-08-10 11:18:51 +00:00
2017-08-19 11:35:44 +00:00
err = m.Store.Config.Get("staticgen_"+s.Name(), s)
if err == ErrNotExist {
return m.Store.Config.Save("staticgen_"+s.Name(), s)
2017-08-10 11:18:51 +00:00
}
2017-08-19 11:35:44 +00:00
return err
}
2017-08-19 11:35:44 +00:00
// ShareCleaner removes sharing links that are no longer active.
// This function is set to run periodically.
2017-08-19 11:35:44 +00:00
func (m FileManager) ShareCleaner() {
// Get all links.
2017-08-19 11:35:44 +00:00
links, err := m.Store.Share.Gets()
if err != nil {
log.Print(err)
return
}
// Find the expired ones.
for i := range links {
if links[i].Expires && links[i].ExpireDate.Before(time.Now()) {
2017-08-19 11:35:44 +00:00
err = m.Store.Share.Delete(links[i].Hash)
if err != nil {
log.Print(err)
}
}
}
2017-08-19 11:35:44 +00:00
}
2017-07-08 16:51:47 +00:00
2017-07-08 17:08:11 +00:00
// Runner runs the commands for a certain event type.
func (m FileManager) Runner(event string, path string, destination string, user *User) error {
2017-07-12 14:28:35 +00:00
commands := []string{}
// Get the commands from the File Manager instance itself.
if val, ok := m.Commands[event]; ok {
commands = append(commands, val...)
}
// Execute the commands.
for _, command := range commands {
2017-07-08 16:51:47 +00:00
args := strings.Split(command, " ")
nonblock := false
if len(args) > 1 && args[len(args)-1] == "&" {
// Run command in background; non-blocking
nonblock = true
args = args[:len(args)-1]
}
command, args, err := caddy.SplitCommandAndArgs(strings.Join(args, " "))
if err != nil {
return err
}
cmd := exec.Command(command, args...)
cmd.Env = append(os.Environ(), fmt.Sprintf("FILE=%s", path))
cmd.Env = append(cmd.Env, fmt.Sprintf("ROOT=%s", string(user.Scope)))
cmd.Env = append(cmd.Env, fmt.Sprintf("TRIGGER=%s", event))
cmd.Env = append(cmd.Env, fmt.Sprintf("USERNAME=%s", user.Username))
if destination != "" {
cmd.Env = append(cmd.Env, fmt.Sprintf("DESTINATION=%s", destination))
}
2017-07-08 16:51:47 +00:00
cmd.Stdin = os.Stdin
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
if nonblock {
log.Printf("[INFO] Nonblocking Command:\"%s %s\"", command, strings.Join(args, " "))
if err := cmd.Start(); err != nil {
return err
}
continue
}
log.Printf("[INFO] Blocking Command:\"%s %s\"", command, strings.Join(args, " "))
if err := cmd.Run(); err != nil {
return err
}
}
return nil
}
2017-08-20 07:42:38 +00:00
// DefaultUser is used on New, when no 'base' user is provided.
var DefaultUser = User{
AllowCommands: true,
AllowEdit: true,
AllowNew: true,
AllowPublish: true,
2017-08-24 13:44:53 +00:00
LockPassword: false,
2017-08-20 07:42:38 +00:00
Commands: []string{},
Rules: []*Rule{},
CSS: "",
Admin: true,
Locale: "en",
2017-08-20 08:31:24 +00:00
Scope: ".",
2017-08-20 07:42:38 +00:00
FileSystem: fileutils.Dir("."),
2017-09-07 09:29:19 +00:00
ViewMode: "mosaic",
2017-08-20 07:42:38 +00:00
}
// User contains the configuration for each user.
type User struct {
// ID is the required primary key with auto increment0
ID int `storm:"id,increment"`
// Username is the user username used to login.
Username string `json:"username" storm:"index,unique"`
// The hashed password. This never reaches the front-end because it's temporarily
// emptied during JSON marshall.
Password string `json:"password"`
// Tells if this user is an admin.
Admin bool `json:"admin"`
2017-08-20 08:21:36 +00:00
// Scope is the path the user has access to.
Scope string `json:"filesystem"`
2017-08-20 07:42:38 +00:00
// FileSystem is the virtual file system the user has access.
2017-08-20 08:21:36 +00:00
FileSystem FileSystem `json:"-"`
2017-08-20 07:42:38 +00:00
// Rules is an array of access and deny rules.
Rules []*Rule `json:"rules"`
// Custom styles for this user.
CSS string `json:"css"`
// Locale is the language of the user.
Locale string `json:"locale"`
2017-08-24 13:44:53 +00:00
// Prevents the user to change its password.
LockPassword bool `json:"lockPassword"`
2017-08-20 07:42:38 +00:00
// These indicate if the user can perform certain actions.
AllowNew bool `json:"allowNew"` // Create files and folders
AllowEdit bool `json:"allowEdit"` // Edit/rename files
AllowCommands bool `json:"allowCommands"` // Execute commands
AllowPublish bool `json:"allowPublish"` // Publish content (to use with static gen)
// Commands is the list of commands the user can execute.
Commands []string `json:"commands"`
2017-09-07 09:29:19 +00:00
// User view mode for files and folders.
ViewMode string `json:"viewMode"`
2017-08-20 07:42:38 +00:00
}
// Allowed checks if the user has permission to access a directory/file.
func (u User) Allowed(url string) bool {
var rule *Rule
i := len(u.Rules) - 1
for i >= 0 {
rule = u.Rules[i]
if rule.Regex {
if rule.Regexp.MatchString(url) {
return rule.Allow
}
} else if strings.HasPrefix(url, rule.Path) {
return rule.Allow
}
i--
}
return true
}
// Rule is a dissalow/allow rule.
type Rule struct {
// Regex indicates if this rule uses Regular Expressions or not.
Regex bool `json:"regex"`
// Allow indicates if this is an allow rule. Set 'false' to be a disallow rule.
Allow bool `json:"allow"`
// Path is the corresponding URL path for this rule.
Path string `json:"path"`
// Regexp is the regular expression. Only use this when 'Regex' was set to true.
Regexp *Regexp `json:"regexp"`
}
// Regexp is a regular expression wrapper around native regexp.
type Regexp struct {
Raw string `json:"raw"`
regexp *regexp.Regexp
}
// MatchString checks if this string matches the regular expression.
func (r *Regexp) MatchString(s string) bool {
if r.regexp == nil {
r.regexp = regexp.MustCompile(r.Raw)
}
return r.regexp.MatchString(s)
}
// ShareLink is the information needed to build a shareable link.
type ShareLink struct {
Hash string `json:"hash" storm:"id,index"`
Path string `json:"path" storm:"index"`
Expires bool `json:"expires"`
ExpireDate time.Time `json:"expireDate"`
}
// Store is a collection of the stores needed to get
// and save information.
type Store struct {
Users UsersStore
Config ConfigStore
Share ShareStore
}
// UsersStore is the interface to manage users.
type UsersStore interface {
2017-08-20 08:21:36 +00:00
Get(id int, builder FSBuilder) (*User, error)
2017-08-20 08:55:45 +00:00
GetByUsername(username string, builder FSBuilder) (*User, error)
2017-08-20 08:21:36 +00:00
Gets(builder FSBuilder) ([]*User, error)
2017-08-20 07:42:38 +00:00
Save(u *User) error
Update(u *User, fields ...string) error
Delete(id int) error
}
// ConfigStore is the interface to manage configuration.
type ConfigStore interface {
Get(name string, to interface{}) error
Save(name string, from interface{}) error
}
// ShareStore is the interface to manage share links.
type ShareStore interface {
Get(hash string) (*ShareLink, error)
2017-08-20 07:49:09 +00:00
GetPermanent(path string) (*ShareLink, error)
2017-08-20 07:42:38 +00:00
GetByPath(path string) ([]*ShareLink, error)
Gets() ([]*ShareLink, error)
Save(s *ShareLink) error
Delete(hash string) error
}
// StaticGen is a static website generator.
type StaticGen interface {
SettingsPath() string
Name() string
Setup() error
Hook(c *Context, w http.ResponseWriter, r *http.Request) (int, error)
Preview(c *Context, w http.ResponseWriter, r *http.Request) (int, error)
Publish(c *Context, w http.ResponseWriter, r *http.Request) (int, error)
}
2017-08-20 08:21:36 +00:00
// FileSystem is the interface to work with the file system.
type FileSystem interface {
Mkdir(name string, perm os.FileMode) error
OpenFile(name string, flag int, perm os.FileMode) (*os.File, error)
RemoveAll(name string) error
Rename(oldName, newName string) error
Stat(name string) (os.FileInfo, error)
Copy(src, dst string) error
}
2017-08-20 07:42:38 +00:00
// Context contains the needed information to make handlers work.
type Context struct {
*FileManager
User *User
File *File
// On API handlers, Router is the APi handler we want.
Router string
}
// HashPassword generates an hash from a password using bcrypt.
func HashPassword(password string) (string, error) {
bytes, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
return string(bytes), err
}
// CheckPasswordHash compares a password with an hash to check if they match.
func CheckPasswordHash(password, hash string) bool {
err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
return err == nil
}
// GenerateRandomBytes returns securely generated random bytes.
// It will return an fm.Error if the system's secure random
// number generator fails to function correctly, in which
// case the caller should not continue.
func GenerateRandomBytes(n int) ([]byte, error) {
b := make([]byte, n)
_, err := rand.Read(b)
// Note that err == nil only if we read len(b) bytes.
if err != nil {
return nil, err
}
return b, nil
}