fix: rename global scope as root and fix root md

License: MIT
Signed-off-by: Henrique Dias <hacdias@gmail.com>
pull/615/head
Henrique Dias 2019-01-07 20:34:44 +00:00
parent 01ff03e426
commit 33a58c999a
11 changed files with 26 additions and 29 deletions

View File

@ -3,12 +3,11 @@ package auth
import (
"net/http"
"github.com/filebrowser/filebrowser/v2/settings"
"github.com/filebrowser/filebrowser/v2/users"
)
// Auther is the authentication interface.
type Auther interface {
// Auth is called to authenticate a request.
Auth(*http.Request, *users.Storage, *settings.Settings) (*users.User, error)
Auth(r *http.Request, s *users.Storage, root string) (*users.User, error)
}

View File

@ -26,7 +26,7 @@ type JSONAuth struct {
}
// Auth authenticates the user via a json in content body.
func (a *JSONAuth) Auth(r *http.Request, sto *users.Storage, set *settings.Settings) (*users.User, error) {
func (a *JSONAuth) Auth(r *http.Request, sto *users.Storage, root string) (*users.User, error) {
var cred jsonCred
if r.Body == nil {
@ -51,7 +51,7 @@ func (a *JSONAuth) Auth(r *http.Request, sto *users.Storage, set *settings.Setti
}
}
u, err := sto.Get(set.Scope, cred.Username)
u, err := sto.Get(root, cred.Username)
if err != nil || !users.CheckPwd(cred.Password, u.Password) {
return nil, os.ErrPermission
}

View File

@ -11,10 +11,9 @@ import (
const MethodNoAuth settings.AuthMethod = "noauth"
// NoAuth is no auth implementation of auther.
type NoAuth struct {
}
type NoAuth struct{}
// Auth uses authenticates user 1.
func (a *NoAuth) Auth(r *http.Request, sto *users.Storage, set *settings.Settings) (*users.User, error) {
return sto.Get(set.Scope, 1)
func (a *NoAuth) Auth(r *http.Request, sto *users.Storage, root string) (*users.User, error) {
return sto.Get(root, 1)
}

View File

@ -18,9 +18,9 @@ type ProxyAuth struct {
}
// Auth authenticates the user via an HTTP header.
func (a *ProxyAuth) Auth(r *http.Request, sto *users.Storage, set *settings.Settings) (*users.User, error) {
func (a *ProxyAuth) Auth(r *http.Request, sto *users.Storage, root string) (*users.User, error) {
username := r.Header.Get(a.Header)
user, err := sto.Get(set.Scope, username)
user, err := sto.Get(root, username)
if err == errors.ErrNotExist {
return nil, os.ErrPermission
}

View File

@ -39,7 +39,7 @@ func init() {
vaddP(f, "port", "p", 8080, "port to listen on")
vaddP(f, "cert", "t", "", "tls certificate")
vaddP(f, "key", "k", "", "tls key")
vaddP(f, "scope", "s", ".", "scope to prepend to a user's scope when it is relative")
vaddP(f, "root", "r", ".", "root to prepend to relative paths")
vaddP(f, "baseurl", "b", "", "base url")
vadd(f, "username", "admin", "username for the first user when using quick config")
vadd(f, "password", "", "hashed password for the first user when using quick config (default \"admin\")")
@ -115,9 +115,9 @@ user created with the credentials from options "username" and "password".`,
address := v.GetString("address")
cert := v.GetString("cert")
key := v.GetString("key")
scope := v.GetString("scope")
root := v.GetString("root")
scope, err := filepath.Abs(scope)
root, err := filepath.Abs(root)
checkErr(err)
settings, err := d.store.Settings.Get()
checkErr(err)
@ -127,7 +127,7 @@ user created with the credentials from options "username" and "password".`,
// they are needed during the execution and not only
// to start up the server.
settings.BaseURL = v.GetString("baseurl")
settings.Scope = scope
settings.Root = root
err = d.store.Settings.Save(settings)
checkErr(err)
@ -151,7 +151,7 @@ user created with the credentials from options "username" and "password".`,
if err := http.Serve(listener, handler); err != nil {
log.Fatal(err)
}
}, pythonConfig{noDB: true}),
}, pythonConfig{allowNoDB: true}),
}
func quickSetup(d pythonData) {

View File

@ -21,19 +21,17 @@ var usersUpdateCmd = &cobra.Command{
options you want to change.`,
Args: cobra.ExactArgs(1),
Run: python(func(cmd *cobra.Command, args []string, d pythonData) {
set, err := d.store.Settings.Get()
checkErr(err)
username, id := parseUsernameOrID(args[0])
password := mustGetString(cmd, "password")
newUsername := mustGetString(cmd, "username")
var err error
var user *users.User
if id != 0 {
user, err = d.store.Users.Get(set.Scope, id)
user, err = d.store.Users.Get("", id)
} else {
user, err = d.store.Users.Get(set.Scope, username)
user, err = d.store.Users.Get("", username)
}
checkErr(err)

View File

@ -73,7 +73,8 @@ type cobraFunc func(cmd *cobra.Command, args []string)
type pythonFunc func(cmd *cobra.Command, args []string, data pythonData)
type pythonConfig struct {
noDB bool
noDB bool
allowNoDB bool
}
type pythonData struct {
@ -91,7 +92,7 @@ func python(fn pythonFunc, cfg pythonConfig) cobraFunc {
if os.IsNotExist(err) {
data.hadDB = false
if !cfg.noDB {
if !cfg.noDB || !cfg.allowNoDB {
log.Fatal(path + " does not exid.store. Please run 'filebrowser config init' fird.store.")
}
} else if err != nil {

View File

@ -67,7 +67,7 @@ func withUser(fn handleFunc) handleFunc {
w.Header().Add("X-Renew-Token", "true")
}
d.user, err = d.store.Users.Get(d.settings.Scope, tk.User.ID)
d.user, err = d.store.Users.Get(d.settings.Root, tk.User.ID)
if err != nil {
return http.StatusInternalServerError, err
}
@ -91,7 +91,7 @@ var loginHandler = func(w http.ResponseWriter, r *http.Request, d *data) (int, e
return http.StatusInternalServerError, err
}
user, err := auther.Auth(r, d.store.Users, d.Settings)
user, err := auther.Auth(r, d.store.Users, d.Settings.Root)
if err == os.ErrPermission {
return http.StatusForbidden, nil
} else if err != nil {

View File

@ -13,7 +13,7 @@ var withHashFile = func(fn handleFunc) handleFunc {
return errToStatus(err), err
}
user, err := d.store.Users.Get(d.settings.Scope, link.UserID)
user, err := d.store.Users.Get(d.settings.Root, link.UserID)
if err != nil {
return errToStatus(err), err
}

View File

@ -61,7 +61,7 @@ func withSelfOrAdmin(fn handleFunc) handleFunc {
}
var usersGetHandler = withAdmin(func(w http.ResponseWriter, r *http.Request, d *data) (int, error) {
users, err := d.store.Users.Gets(d.settings.Scope)
users, err := d.store.Users.Gets(d.settings.Root)
if err != nil {
return http.StatusInternalServerError, err
}
@ -78,7 +78,7 @@ var usersGetHandler = withAdmin(func(w http.ResponseWriter, r *http.Request, d *
})
var userGetHandler = withSelfOrAdmin(func(w http.ResponseWriter, r *http.Request, d *data) (int, error) {
u, err := d.store.Users.Get(d.settings.Scope, d.raw.(uint))
u, err := d.store.Users.Get(d.settings.Root, d.raw.(uint))
if err == errors.ErrNotExist {
return http.StatusNotFound, err
}
@ -147,7 +147,7 @@ var userPutHandler = withSelfOrAdmin(func(w http.ResponseWriter, r *http.Request
req.Data.Password, err = users.HashPwd(req.Data.Password)
} else {
var suser *users.User
suser, err = d.store.Users.Get(d.settings.Scope, d.raw.(uint))
suser, err = d.store.Users.Get(d.settings.Root, d.raw.(uint))
req.Data.Password = suser.Password
}

View File

@ -9,7 +9,7 @@ type AuthMethod string
type Settings struct {
Key []byte `json:"key"`
BaseURL string `json:"baseURL"`
Scope string `json:"scope"`
Root string `json:"root"`
Signup bool `json:"signup"`
Defaults UserDefaults `json:"defaults"`
AuthMethod AuthMethod `json:"authMethod"`