upload is now webdav
							parent
							
								
									ccc539c592
								
							
						
					
					
						commit
						0a755ec954
					
				|  | @ -299,27 +299,25 @@ var renameEvent = function(event) { | ||||||
| var handleFiles = function(files) { | var handleFiles = function(files) { | ||||||
|     let button = document.getElementById("upload"); |     let button = document.getElementById("upload"); | ||||||
|     let html = button.changeToLoading(); |     let html = button.changeToLoading(); | ||||||
|     let data = new FormData(); |  | ||||||
| 
 | 
 | ||||||
|     for (let i = 0; i < files.length; i++) { |     for (let i = 0; i < files.length; i++) { | ||||||
|         data.append(files[i].name, files[i]); |         let request = new XMLHttpRequest(); | ||||||
|     } |         request.open('PUT', toWebDavURL(window.location.pathname + files[i].name)); | ||||||
|  |         request.setRequestHeader('Token', token); | ||||||
|  |         request.send(files[i]); | ||||||
|  |         request.onreadystatechange = function() { | ||||||
|  |             if (request.readyState == 4) { | ||||||
|  |                 if (request.status == 201) { | ||||||
|  |                     reloadListing(); | ||||||
|  |                 } | ||||||
| 
 | 
 | ||||||
|     let request = new XMLHttpRequest(); |                 button.changeToDone((request.status != 201), html); | ||||||
|     request.open('POST', window.location.pathname); |  | ||||||
|     request.setRequestHeader("Upload", "true"); |  | ||||||
|     request.setRequestHeader('Token', token); |  | ||||||
|     request.send(data); |  | ||||||
|     request.onreadystatechange = function() { |  | ||||||
|         if (request.readyState == 4) { |  | ||||||
|             if (request.status == 200) { |  | ||||||
|                 reloadListing(); |  | ||||||
|             } |             } | ||||||
| 
 |  | ||||||
|             button.changeToDone((request.status != 200), html); |  | ||||||
|         } |         } | ||||||
|     } |     } | ||||||
| 
 | 
 | ||||||
|  | 
 | ||||||
|  | 
 | ||||||
|     return false; |     return false; | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
|  |  | ||||||
|  | @ -8,12 +8,8 @@ | ||||||
| package filemanager | package filemanager | ||||||
| 
 | 
 | ||||||
| import ( | import ( | ||||||
| 	e "errors" | 	"fmt" | ||||||
| 	"io" |  | ||||||
| 	"log" |  | ||||||
| 	"mime/multipart" |  | ||||||
| 	"net/http" | 	"net/http" | ||||||
| 	"os" |  | ||||||
| 	"os/exec" | 	"os/exec" | ||||||
| 	"path/filepath" | 	"path/filepath" | ||||||
| 	"strings" | 	"strings" | ||||||
|  | @ -58,7 +54,7 @@ func (f FileManager) ServeHTTP(w http.ResponseWriter, r *http.Request) (int, err | ||||||
| 
 | 
 | ||||||
| 			// TODO: make allow and block rules relative to baseurl and webdav
 | 			// TODO: make allow and block rules relative to baseurl and webdav
 | ||||||
| 			// Checks if the user has permission to access the current directory.
 | 			// Checks if the user has permission to access the current directory.
 | ||||||
| 			if !user.Allowed(r.URL.Path) { | 			/*if !user.Allowed(r.URL.Path) { | ||||||
| 				if r.Method == http.MethodGet { | 				if r.Method == http.MethodGet { | ||||||
| 					return errors.PrintHTML(w, http.StatusForbidden, e.New("You don't have permission to access this page.")) | 					return errors.PrintHTML(w, http.StatusForbidden, e.New("You don't have permission to access this page.")) | ||||||
| 				} | 				} | ||||||
|  | @ -66,14 +62,17 @@ func (f FileManager) ServeHTTP(w http.ResponseWriter, r *http.Request) (int, err | ||||||
| 				return http.StatusForbidden, nil | 				return http.StatusForbidden, nil | ||||||
| 			} | 			} | ||||||
| 
 | 
 | ||||||
|  | 			// TODO: How to exclude web dav clients? :/
 | ||||||
| 			// Security measures against CSRF attacks.
 | 			// Security measures against CSRF attacks.
 | ||||||
| 			if r.Method != http.MethodGet { | 			if r.Method != http.MethodGet { | ||||||
| 				if !c.CheckToken(r) { | 				if !c.CheckToken(r) { | ||||||
| 					return http.StatusForbidden, nil | 					return http.StatusForbidden, nil | ||||||
| 				} | 				} | ||||||
| 			} | 			} */ | ||||||
| 
 | 
 | ||||||
| 			if strings.HasPrefix(r.URL.Path, c.WebDavURL) { | 			if strings.HasPrefix(r.URL.Path, c.WebDavURL) { | ||||||
|  | 				fmt.Println("e") | ||||||
|  | 
 | ||||||
| 				switch r.Method { | 				switch r.Method { | ||||||
| 				case "PROPPATCH", "MOVE", "PATCH", "PUT", "DELETE": | 				case "PROPPATCH", "MOVE", "PATCH", "PUT", "DELETE": | ||||||
| 					if !user.AllowEdit { | 					if !user.AllowEdit { | ||||||
|  | @ -144,19 +143,11 @@ func (f FileManager) ServeHTTP(w http.ResponseWriter, r *http.Request) (int, err | ||||||
| 			} | 			} | ||||||
| 
 | 
 | ||||||
| 			if r.Method == http.MethodPost { | 			if r.Method == http.MethodPost { | ||||||
| 				// Upload a new file.
 | 				/* TODO: search commands. USE PROPFIND? | ||||||
| 				if r.Header.Get("Upload") == "true" { |  | ||||||
| 					if !user.AllowNew { |  | ||||||
| 						return http.StatusUnauthorized, nil |  | ||||||
| 					} |  | ||||||
| 
 |  | ||||||
| 					return upload(w, r, c) |  | ||||||
| 				} |  | ||||||
| 
 |  | ||||||
| 				// Search and git commands.
 | 				// Search and git commands.
 | ||||||
| 				if r.Header.Get("Search") == "true" { | 				if r.Header.Get("Search") == "true" { | ||||||
| 					// TODO: search commands. USE PROPFIND?
 | 
 | ||||||
| 				} | 				} */ | ||||||
| 
 | 
 | ||||||
| 				// VCS commands.
 | 				// VCS commands.
 | ||||||
| 				if r.Header.Get("Command") != "" { | 				if r.Header.Get("Command") != "" { | ||||||
|  | @ -175,50 +166,6 @@ func (f FileManager) ServeHTTP(w http.ResponseWriter, r *http.Request) (int, err | ||||||
| 	return f.Next.ServeHTTP(w, r) | 	return f.Next.ServeHTTP(w, r) | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| // upload is used to handle the upload requests to the server
 |  | ||||||
| func upload(w http.ResponseWriter, r *http.Request, c *config.Config) (int, error) { |  | ||||||
| 	// Parse the multipart form in the request
 |  | ||||||
| 	err := r.ParseMultipartForm(100000) |  | ||||||
| 	if err != nil { |  | ||||||
| 		log.Println(err) |  | ||||||
| 		return http.StatusInternalServerError, err |  | ||||||
| 	} |  | ||||||
| 
 |  | ||||||
| 	// For each file header in the multipart form
 |  | ||||||
| 	for _, headers := range r.MultipartForm.File { |  | ||||||
| 		// Handle each file
 |  | ||||||
| 		for _, header := range headers { |  | ||||||
| 			// Open the first file
 |  | ||||||
| 			var src multipart.File |  | ||||||
| 			if src, err = header.Open(); nil != err { |  | ||||||
| 				return http.StatusInternalServerError, err |  | ||||||
| 			} |  | ||||||
| 
 |  | ||||||
| 			filename := strings.Replace(r.URL.Path, c.BaseURL, c.PathScope, 1) |  | ||||||
| 			filename = filename + header.Filename |  | ||||||
| 			filename = filepath.Clean(filename) |  | ||||||
| 
 |  | ||||||
| 			// Create the file
 |  | ||||||
| 			var dst *os.File |  | ||||||
| 			if dst, err = os.Create(filename); nil != err { |  | ||||||
| 				if os.IsExist(err) { |  | ||||||
| 					return http.StatusConflict, err |  | ||||||
| 				} |  | ||||||
| 				return http.StatusInternalServerError, err |  | ||||||
| 			} |  | ||||||
| 
 |  | ||||||
| 			// Copy the file content
 |  | ||||||
| 			if _, err = io.Copy(dst, src); nil != err { |  | ||||||
| 				return http.StatusInternalServerError, err |  | ||||||
| 			} |  | ||||||
| 
 |  | ||||||
| 			defer dst.Close() |  | ||||||
| 		} |  | ||||||
| 	} |  | ||||||
| 
 |  | ||||||
| 	return http.StatusOK, nil |  | ||||||
| } |  | ||||||
| 
 |  | ||||||
| // command handles the requests for VCS related commands: git, svn and mercurial
 | // command handles the requests for VCS related commands: git, svn and mercurial
 | ||||||
| func command(w http.ResponseWriter, r *http.Request, c *config.Config, u *config.User) (int, error) { | func command(w http.ResponseWriter, r *http.Request, c *config.Config, u *config.User) (int, error) { | ||||||
| 	command := strings.Split(r.Header.Get("command"), " ") | 	command := strings.Split(r.Header.Get("command"), " ") | ||||||
|  |  | ||||||
		Loading…
	
		Reference in New Issue
	
	 Henrique Dias
						Henrique Dias