update

2016-10-18 17:56:35 +01:00 · 2016-10-18 17:56:35 +01:00 · 22e0ad0831
parent 0a755ec954
commit 22e0ad0831
5 changed files with 81 additions and 86 deletions
--- a/assets/embed/public/js/application.js
+++ b/assets/embed/public/js/application.js
@ -1,5 +1,7 @@
 'use strict';

+// TODO: way to get the webdav url
+
 var tempID = "_fm_internal_temporary_id"
 var selectedItems = [];
 var token = "";
@ -316,8 +318,6 @@ var handleFiles = function(files) {
        }
    }

-
-
    return false;
 }

--- a/directory/editor.go
+++ b/directory/editor.go
@ -42,23 +42,26 @@ func (i *Info) GetEditor() (*Editor, error) {
 	// Handle the content depending on the file extension
 	switch editor.Mode {
 	case "markdown", "asciidoc", "rst":
-		if HasFrontMatterRune(i.Raw) {
-			// Starts a new buffer and parses the file using Hugo's functions
-			buffer := bytes.NewBuffer(i.Raw)
-			page, err = parser.ReadFrom(buffer)
-			if err != nil {
-				return editor, err
-			}
-
-			// Parses the page content and the frontmatter
-			editor.Content = strings.TrimSpace(string(page.Content()))
-			editor.FrontMatter, _, err = frontmatter.Pretty(page.FrontMatter())
-			editor.Class = "complete"
-		} else {
-			// The editor will handle only content
+		if !HasFrontMatterRune(i.Raw) {
 			editor.Class = "content-only"
 			editor.Content = i.Content
+			break
 		}
+
+		// Starts a new buffer and parses the file using Hugo's functions
+		buffer := bytes.NewBuffer(i.Raw)
+		page, err = parser.ReadFrom(buffer)
+		editor.Class = "complete"
+
+		if err != nil {
+			editor.Class = "content-only"
+			editor.Content = i.Content
+			break
+		}
+
+		// Parses the page content and the frontmatter
+		editor.Content = strings.TrimSpace(string(page.Content()))
+		editor.FrontMatter, _, err = frontmatter.Pretty(page.FrontMatter())
 	case "json", "toml", "yaml":
 		// Defines the class and declares an error
 		editor.Class = "frontmatter-only"
@ -72,13 +75,15 @@ func (i *Info) GetEditor() (*Editor, error) {

 		// Check if there were any errors
 		if err != nil {
-			return editor, err
+			editor.Class = "content-only"
+			editor.Content = i.Content
+			break
 		}
 	default:
-		// The editor will handle only content
 		editor.Class = "content-only"
 		editor.Content = i.Content
 	}
+
 	return editor, nil
 }

--- a/directory/file.go
+++ b/directory/file.go
@ -145,8 +145,6 @@ func (i *Info) serveSingleFile(w http.ResponseWriter, r *http.Request, c *config
 		}

 		page.Info.Data = editor
-
-		// TODO: if serve Single File finds an error while parsing, show the raw content to edit instead of giving 500
 		return page.PrintAsHTML(w, "frontmatter", "editor")
 	}

--- a/directory/update.go
+++ b/directory/update.go
@ -16,54 +16,45 @@ import (

 // Update is used to update a file that was edited
 func (i *Info) Update(w http.ResponseWriter, r *http.Request, c *config.Config, u *config.User) (int, error) {
-	// TODO: review this
+	var (
+		data      map[string]interface{}
+		file      []byte
+		code      int
+		err       error
+		kind      string
+		rawBuffer = new(bytes.Buffer)
+	)

-	var data map[string]interface{}
-	kind := r.Header.Get("kind")
-
-	var file []byte
-	var code int
-
-	rawBuffer := new(bytes.Buffer)
+	kind = r.Header.Get("kind")
 	rawBuffer.ReadFrom(r.Body)

-	if kind == "" {
-		file = rawBuffer.Bytes()
-	} else {
-		err := json.Unmarshal(rawBuffer.Bytes(), &data)
+	if kind != "" {
+		err = json.Unmarshal(rawBuffer.Bytes(), &data)

 		if err != nil {
 			return http.StatusInternalServerError, err
 		}
-
-		switch kind {
-		case "frontmatter-only":
-			if file, code, err = ParseFrontMatterOnlyFile(data, i.Name); err != nil {
-				return http.StatusInternalServerError, err
-			}
-		case "content-only":
-			mainContent := data["content"].(string)
-			mainContent = strings.TrimSpace(mainContent)
-			file = []byte(mainContent)
-		case "complete":
-			if file, code, err = ParseCompleteFile(data, i.Name, u.FrontMatter); err != nil {
-				return http.StatusInternalServerError, err
-			}
-		default:
-			return http.StatusBadRequest, nil
-		}
 	}

-	// Overwrite the Body
+	switch kind {
+	case "frontmatter-only":
+		if file, code, err = ParseFrontMatterOnlyFile(data, i.Name); err != nil {
+			return http.StatusInternalServerError, err
+		}
+	case "content-only":
+		mainContent := data["content"].(string)
+		mainContent = strings.TrimSpace(mainContent)
+		file = []byte(mainContent)
+	case "complete":
+		if file, code, err = ParseCompleteFile(data, i.Name, u.FrontMatter); err != nil {
+			return http.StatusInternalServerError, err
+		}
+	default:
+		file = rawBuffer.Bytes()
+	}
+
+	// Overwrite the request Body
 	r.Body = ioutil.NopCloser(bytes.NewReader(file))
-
-	// Write the file
-	// err = ioutil.WriteFile(i.Path, file, 0666)
-
-	//if err != nil {
-	//return http.StatusInternalServerError, err
-	//	}
-
 	return code, nil
 }

--- a/filemanager.go
+++ b/filemanager.go
@ -8,7 +8,7 @@
 package filemanager

 import (
-	"fmt"
+	e "errors"
 	"net/http"
 	"os/exec"
 	"path/filepath"
@ -32,18 +32,21 @@ type FileManager struct {
 // ServeHTTP determines if the request is for this plugin, and if all prerequisites are met.
 func (f FileManager) ServeHTTP(w http.ResponseWriter, r *http.Request) (int, error) {
 	var (
-		c           *config.Config
-		fi          *directory.Info
-		code        int
-		err         error
-		serveAssets bool
-		user        *config.User
+		c    *config.Config
+		fi   *directory.Info
+		code int
+		err  error
+		user *config.User
 	)

 	for i := range f.Configs {
 		if httpserver.Path(r.URL.Path).Matches(f.Configs[i].BaseURL) {
 			c = &f.Configs[i]
-			serveAssets = httpserver.Path(r.URL.Path).Matches(c.BaseURL + assets.BaseURL)
+
+			if r.Method == http.MethodGet && httpserver.Path(r.URL.Path).Matches(c.BaseURL+assets.BaseURL) {
+				return assets.Serve(w, r, c)
+			}
+
 			username, _, _ := r.BasicAuth()

 			if _, ok := c.Users[username]; ok {
@ -52,26 +55,10 @@ func (f FileManager) ServeHTTP(w http.ResponseWriter, r *http.Request) (int, err
 				user = c.User
 			}

-			// TODO: make allow and block rules relative to baseurl and webdav
-			// Checks if the user has permission to access the current directory.
-			/*if !user.Allowed(r.URL.Path) {
-				if r.Method == http.MethodGet {
-					return errors.PrintHTML(w, http.StatusForbidden, e.New("You don't have permission to access this page."))
-				}
-
-				return http.StatusForbidden, nil
-			}
-
-			// TODO: How to exclude web dav clients? :/
-			// Security measures against CSRF attacks.
-			if r.Method != http.MethodGet {
-				if !c.CheckToken(r) {
+			if strings.HasPrefix(r.URL.Path, c.WebDavURL) {
+				if !user.Allowed(strings.TrimPrefix(r.URL.Path, c.WebDavURL)) {
 					return http.StatusForbidden, nil
 				}
-			} */
-
-			if strings.HasPrefix(r.URL.Path, c.WebDavURL) {
-				fmt.Println("e")

 				switch r.Method {
 				case "PROPPATCH", "MOVE", "PATCH", "PUT", "DELETE":
@ -95,8 +82,16 @@ func (f FileManager) ServeHTTP(w http.ResponseWriter, r *http.Request) (int, err
 				return 0, nil
 			}

-			if r.Method == http.MethodGet && serveAssets {
-				return assets.Serve(w, r, c)
+			if !user.Allowed(strings.TrimPrefix(r.URL.Path, c.BaseURL)) {
+				if r.Method == http.MethodGet {
+					return errors.PrintHTML(
+						w,
+						http.StatusForbidden,
+						e.New("You don't have permission to access this page."),
+					)
+				}
+
+				return http.StatusForbidden, nil
 			}

 			if r.Method == http.MethodGet {
@ -143,6 +138,12 @@ func (f FileManager) ServeHTTP(w http.ResponseWriter, r *http.Request) (int, err
 			}

 			if r.Method == http.MethodPost {
+				// TODO: How to exclude web dav clients? :/
+				// Security measures against CSRF attacks.
+				if !c.CheckToken(r) {
+					return http.StatusForbidden, nil
+				}
+
 				/* TODO: search commands. USE PROPFIND?
 				// Search and git commands.
 				if r.Header.Get("Search") == "true" {