Updates on auth and db

Former-commit-id: cdcfc50a4a7274482826520644019d54c37a7753 [formerly 376d2422063755c75d5b5c8e21bf8617ca3a9baf] [formerly ea860508c1603296e0439a583ca0573609be3511 [formerly 6312c60b2e]] Former-commit-id: d64b8b836568b150853288a69f870662e92db1e0 [formerly b85b1a09bbf87c1b5f2af07659121ef51a74f05e] Former-commit-id: ee164251a6143567da3f970e347ede0d6de1d350
2025-11-26 14:25:26 +08:00 · 2017-07-03 08:59:49 +01:00
parent 15f997faf0
commit f247a5560f
10 changed files with 303 additions and 272 deletions
--- a/filemanager.go
+++ b/filemanager.go
@@ -7,6 +7,7 @@ import (
 	"strings"

 	rice "github.com/GeertJohan/go.rice"
+	"github.com/asdine/storm"
 	"golang.org/x/net/webdav"
 )

@@ -18,26 +19,22 @@ var (
 // FileManager is a file manager instance. It should be creating using the
 // 'New' function and not directly.
 type FileManager struct {
-	*User
+	db  *storm.DB
+	key []byte

-	// prefixURL is a part of the URL that is already trimmed from the request URL before it
+	// PrefixURL is a part of the URL that is already trimmed from the request URL before it
 	// arrives to our handlers. It may be useful when using File Manager as a middleware
 	// such as in caddy-filemanager plugin. It is only useful in certain situations.
-	prefixURL string
+	PrefixURL string

-	// baseURL is the path where the GUI will be accessible. It musn't end with
-	// a trailing slash and mustn't contain prefixURL, if set.
-	baseURL string
+	// BaseURL is the path where the GUI will be accessible. It musn't end with
+	// a trailing slash and mustn't contain PrefixURL, if set. It shouldn't be
+	// edited directly. Use SetBaseURL.
+	BaseURL string

 	// Users is a map with the different configurations for each user.
 	Users map[string]*User

-	// BeforeSave is a function that is called before saving a file.
-	BeforeSave Command
-
-	// AfterSave is a function that is called before saving a file.
-	AfterSave Command
-
 	assets *rice.Box
 }

@@ -47,17 +44,24 @@ type Command func(r *http.Request, m *FileManager, u *User) error
 // User contains the configuration for each user. It should be created
 // using NewUser on a File Manager instance.
 type User struct {
-	// Scope is the physical path the user has access to.
-	Scope string
+	// ID is the required primary key with auto increment0
+	ID int `storm:"id,increment"`

-	// fileSystem is the virtual file system the user has access.
-	fileSystem webdav.FileSystem
+	// Username is the user username used to login.
+	Username string `json:"username" storm:"index,unique"`
+
+	// The hashed password. This never reaches the front-end because it's temporarily
+	// emptied during JSON marshall.
+	Password string `json:"password"`
+
+	// FileSystem is the virtual file system the user has access.
+	FileSystem webdav.Dir `json:"filesystem"`

 	// Rules is an array of access and deny rules.
-	Rules []*Rule `json:"-"`
+	Rules []*Rule `json:"rules"`

-	// TODO: this MUST be done in another way
-	StyleSheet string `json:"-"`
+	// Costum styles for this user.
+	CSS string `json:"css"`

 	// These indicate if the user can perform certain actions.
 	AllowNew      bool `json:"allowNew"`      // Create files and folders
@@ -80,42 +84,101 @@ type Rule struct {
 	Path string

 	// Regexp is the regular expression. Only use this when 'Regex' was set to true.
-	Regexp *regexp.Regexp
+	Regexp *Regexp
 }

-// New creates a new File Manager instance with the needed
-// configuration to work.
-func New(scope string) *FileManager {
+// Regexp is a regular expression wrapper around native regexp.
+type Regexp struct {
+	Raw    string
+	regexp *regexp.Regexp
+}
+
+// DefaultUser is used on New, when no 'base' user is provided.
+var DefaultUser = User{
+	Username:      "admin",
+	Password:      "admin",
+	AllowCommands: true,
+	AllowEdit:     true,
+	AllowNew:      true,
+	Commands:      []string{},
+	Rules:         []*Rule{},
+	CSS:           "",
+	FileSystem:    webdav.Dir("."),
+}
+
+// New creates a new File Manager instance. If 'database' file already
+// exists, it will load the users from there. Otherwise, a new user
+// will be created using the 'base' variable. The 'base' User should
+// not have the Password field hashed.
+// TODO: should it ask for a baseURL on New????
+func New(database string, base User) (*FileManager, error) {
+	// Creates a new File Manager instance with the Users
+	// map and Assets box.
 	m := &FileManager{
-		User: &User{
-			AllowCommands: true,
-			AllowEdit:     true,
-			AllowNew:      true,
-			Commands:      []string{},
-			Rules:         []*Rule{},
-		},
-		Users:      map[string]*User{},
-		BeforeSave: func(r *http.Request, m *FileManager, u *User) error { return nil },
-		AfterSave:  func(r *http.Request, m *FileManager, u *User) error { return nil },
-		assets:     rice.MustFindBox("./_assets/dist"),
+		Users:  map[string]*User{},
+		assets: rice.MustFindBox("./_assets/dist"),
 	}

-	m.SetScope(scope, "")
-	m.SetBaseURL("/")
+	// Tries to open a database on the location provided. This
+	// function will automatically create a new one if it doesn't
+	// exist.
+	db, err := storm.Open(database)
+	if err != nil {
+		return nil, err
+	}

-	return m
+	// Tries to get the encryption key from the database.
+	// If it doesn't exist, create a new one of 256 bits.
+	err = db.Get("config", "key", &m.key)
+	if err != nil && err == storm.ErrNotFound {
+		m.key = []byte(randomString(64))
+		err = db.Set("config", "key", m.key)
+	}
+
+	if err != nil {
+		return nil, err
+	}
+
+	// Tries to fetch the users from the database and if there are
+	// any, add them to the current File Manager instance.
+	var users []User
+	err = db.All(&users)
+	if err != nil {
+		return nil, err
+	}
+
+	for i := range users {
+		m.Users[users[i].Username] = &users[i]
+	}
+
+	// If there are no users in the database, it creates a new one
+	// based on 'base' User that must be provided by the function caller.
+	if len(users) == 0 {
+		// Hashes the password.
+		pw, err := hashPassword(base.Password)
+		if err != nil {
+			return nil, err
+		}
+
+		base.Password = pw
+
+		// Saves the user to the database.
+		if err := db.Save(&base); err != nil {
+			return nil, err
+		}
+
+		m.Users[base.Username] = &base
+	}
+
+	// Attaches db to this File Manager instance.
+	m.db = db
+	return m, nil
 }

 // RootURL returns the actual URL where
 // File Manager interface can be accessed.
 func (m FileManager) RootURL() string {
-	return m.prefixURL + m.baseURL
-}
-
-// WebDavURL returns the actual URL
-// where WebDAV can be accessed.
-func (m FileManager) WebDavURL() string {
-	return m.prefixURL + m.baseURL + "/api/webdav"
+	return m.PrefixURL + m.BaseURL
 }

 // SetPrefixURL updates the prefixURL of a File
@@ -124,7 +187,7 @@ func (m *FileManager) SetPrefixURL(url string) {
 	url = strings.TrimPrefix(url, "/")
 	url = strings.TrimSuffix(url, "/")
 	url = "/" + url
-	m.prefixURL = strings.TrimSuffix(url, "/")
+	m.PrefixURL = strings.TrimSuffix(url, "/")
 }

 // SetBaseURL updates the baseURL of a File Manager
@@ -133,48 +196,7 @@ func (m *FileManager) SetBaseURL(url string) {
 	url = strings.TrimPrefix(url, "/")
 	url = strings.TrimSuffix(url, "/")
 	url = "/" + url
-	m.baseURL = strings.TrimSuffix(url, "/")
-}
-
-// SetScope updates a user scope and its virtual file system.
-// If the user string is blank, it will change the base scope.
-func (m *FileManager) SetScope(scope string, username string) error {
-	var u *User
-
-	if username == "" {
-		u = m.User
-	} else {
-		var ok bool
-		u, ok = m.Users[username]
-		if !ok {
-			return errors.New("Inexistent user")
-		}
-	}
-
-	u.Scope = strings.TrimSuffix(scope, "/")
-	u.fileSystem = webdav.Dir(u.Scope)
-
-	return nil
-}
-
-// NewUser creates a new user on a File Manager struct
-// which inherits its configuration from the main user.
-func (m *FileManager) NewUser(username string) error {
-	if _, ok := m.Users[username]; ok {
-		return ErrDuplicated
-	}
-
-	m.Users[username] = &User{
-		fileSystem:    m.User.fileSystem,
-		Scope:         m.User.Scope,
-		Rules:         m.User.Rules,
-		AllowNew:      m.User.AllowNew,
-		AllowEdit:     m.User.AllowEdit,
-		AllowCommands: m.User.AllowCommands,
-		Commands:      m.User.Commands,
-	}
-
-	return nil
+	m.BaseURL = strings.TrimSuffix(url, "/")
 }

 // ServeHTTP determines if the request is for this plugin, and if all prerequisites are met.
@@ -208,3 +230,19 @@ func (u User) Allowed(url string) bool {

 	return true
 }
+
+// SetScope updates a user scope and its virtual file system.
+// If the user string is blank, it will change the base scope.
+func (u *User) SetScope(scope string) {
+	scope = strings.TrimSuffix(scope, "/")
+	u.FileSystem = webdav.Dir(scope)
+}
+
+// MatchString checks if this string matches the regular expression.
+func (r *Regexp) MatchString(s string) bool {
+	if r.regexp == nil {
+		r.regexp = regexp.MustCompile(r.Raw)
+	}
+
+	return r.regexp.MatchString(s)
+}