nicoeri/filebrowser
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: commands websocket working again

Browse Source 
License: MIT
Signed-off-by: Henrique Dias <hacdias@gmail.com>
This commit is contained in:
Henrique Dias 2019-01-01 12:36:52 +00:00
parent a3bd1a62c4
commit 02fb011d25
4 changed files with 64 additions and 81 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
frontend

@ -1 +1 @@
Subproject commit 44658d2a43fefebde554b4adeddfc6ae7e996373 Subproject commit 9e6f265152bc184f1404d8a62d90deb41fd87ce1

12
http/http.go
View File

@ -6,7 +6,9 @@ import (
"net/http" "net/http"
"strconv" "strconv"
"sync" "sync"
"time"
"github.com/gorilla/websocket"
"github.com/filebrowser/filebrowser/types" "github.com/filebrowser/filebrowser/types"
"github.com/gorilla/mux" "github.com/gorilla/mux"
) )
@ -65,7 +67,7 @@ func Handler(e *Env) http.Handler {
api.HandleFunc("/settings", e.auth(e.settingsPutHandler)).Methods("PUT") api.HandleFunc("/settings", e.auth(e.settingsPutHandler)).Methods("PUT")
api.PathPrefix("/raw").HandlerFunc(e.auth(e.rawHandler)).Methods("GET") api.PathPrefix("/raw").HandlerFunc(e.auth(e.rawHandler)).Methods("GET")
api.PathPrefix("/commands").HandlerFunc(e.auth(e.commandsHandler)) api.PathPrefix("/command").HandlerFunc(e.auth(e.commandsHandler))
api.PathPrefix("/search").HandlerFunc(e.auth(e.searchHandler)) api.PathPrefix("/search").HandlerFunc(e.auth(e.searchHandler))
return r return r
@ -79,6 +81,14 @@ func httpErr(w http.ResponseWriter, r *http.Request, status int, err error) {
http.Error(w, strconv.Itoa(status)+" "+txt, status) http.Error(w, strconv.Itoa(status)+" "+txt, status)
} }
func wsErr(ws *websocket.Conn, r *http.Request, status int, err error) {
txt := http.StatusText(status)
if err != nil || status >= 400 {
log.Printf("%s: %v %s %v", r.URL.Path, status, r.RemoteAddr, err)
}
ws.WriteControl(websocket.CloseInternalServerErr, []byte(txt), time.Now().Add(10*time.Second))
}
func renderJSON(w http.ResponseWriter, r *http.Request, data interface{}) { func renderJSON(w http.ResponseWriter, r *http.Request, data interface{}) {
marsh, err := json.Marshal(data) marsh, err := json.Marshal(data)
if err != nil { if err != nil {

115
http/websockets.go
View File

@ -1,12 +1,16 @@
package http package http
import ( import (
"bufio"
"encoding/json" "encoding/json"
"io"
"net/http" "net/http"
"os" "os"
"os/exec"
"strings" "strings"
"github.com/filebrowser/filebrowser/search" "github.com/filebrowser/filebrowser/search"
"github.com/spf13/afero"
"github.com/gorilla/websocket" "github.com/gorilla/websocket"
) )
@ -16,14 +20,13 @@ var upgrader = websocket.Upgrader{
WriteBufferSize: 1024, WriteBufferSize: 1024,
} }
/*
var ( var (
cmdNotImplemented = []byte("Command not implemented.") cmdNotImplemented = []byte("Command not implemented.")
cmdNotAllowed = []byte("Command not allowed.") cmdNotAllowed = []byte("Command not allowed.")
) */ )
func (e *Env) commandsHandler(w http.ResponseWriter, r *http.Request) { func (e *Env) commandsHandler(w http.ResponseWriter, r *http.Request) {
/* user, ok := e.getUser(w, r) user, ok := e.getUser(w, r)
if !ok { if !ok {
return return
} }
@ -35,114 +38,68 @@ func (e *Env) commandsHandler(w http.ResponseWriter, r *http.Request) {
} }
defer conn.Close() defer conn.Close()
var ( var command []string
message []byte
command []string
)
// Starts an infinite loop until a valid command is captured.
for { for {
_, message, err = conn.ReadMessage() _, msg, err := conn.ReadMessage()
if err != nil { if err != nil {
httpErr(w, r, http.StatusInternalServerError, err) wsErr(conn, r, http.StatusInternalServerError, err)
return return
} }
command = strings.Split(string(message), " ") command = strings.Split(string(msg), " ")
if len(command) != 0 { if len(command) != 0 {
break break
} }
} }
allowed := false if !user.CanExecute(command[0]) {
err := conn.WriteMessage(websocket.TextMessage, cmdNotAllowed)
for _, cmd := range user.Commands {
if regexp.MustCompile(cmd).MatchString(command[0]) {
allowed = true
break
}
}
if !allowed {
err = conn.WriteMessage(websocket.TextMessage, cmdNotAllowed)
if err != nil { if err != nil {
httpErr(w, r, http.StatusInternalServerError, err) wsErr(conn, r, http.StatusInternalServerError, err)
return
} }
return return
} }
// Check if the program is installed on the computer. if _, err := exec.LookPath(command[0]); err != nil {
if _, err = exec.LookPath(command[0]); err != nil { err := conn.WriteMessage(websocket.TextMessage, cmdNotImplemented)
err = conn.WriteMessage(websocket.TextMessage, cmdNotImplemented)
if err != nil { if err != nil {
httpErr(w, r, http.StatusInternalServerError, err) wsErr(conn, r, http.StatusInternalServerError, err)
return
} else {
httpErr
} }
return http.StatusNotImplemented, nil return
} }
// Gets the path and initializes a buffer. path := strings.TrimPrefix(r.URL.Path, "/api/command")
path := c.User.Scope + "/" + r.URL.Path dir := afero.FullBaseFsPath(user.Fs.(*afero.BasePathFs), path)
path = filepath.Clean(path)
buff := new(bytes.Buffer)
// Sets up the command executation.
cmd := exec.Command(command[0], command[1:]...) cmd := exec.Command(command[0], command[1:]...)
cmd.Dir = path cmd.Dir = dir
cmd.Stderr = buff
cmd.Stdout = buff
// Starts the command and checks for fb.Errors. stdout, err := cmd.StdoutPipe()
err = cmd.Start()
if err != nil { if err != nil {
return http.StatusInternalServerError, err wsErr(conn, r, http.StatusInternalServerError, err)
return
}
stderr, err := cmd.StderrPipe()
if err != nil {
wsErr(conn, r, http.StatusInternalServerError, err)
return
} }
// Set a 'done' variable to check whetever the command has already finished if err := cmd.Start(); err != nil {
// running or not. This verification is done using a goroutine that uses the wsErr(conn, r, http.StatusInternalServerError, err)
// method .Wait() from the command. return
done := false
go func() {
err = cmd.Wait()
done = true
}()
// Function to print the current information on the buffer to the connection.
print := func() error {
by := buff.Bytes()
if len(by) > 0 {
err = conn.WriteMessage(websocket.TextMessage, by)
if err != nil {
return err
}
}
return nil
} }
// While the command hasn't finished running, continue sending the output s := bufio.NewScanner(io.MultiReader(stdout, stderr))
// to the client in intervals of 100 milliseconds. for s.Scan() {
for !done { conn.WriteMessage(websocket.TextMessage, s.Bytes())
if err = print(); err != nil {
return http.StatusInternalServerError, err
}
time.Sleep(100 * time.Millisecond)
} }
// After the command is done executing, send the output one more time to the if err := cmd.Wait(); err != nil {
// browser to make sure it gets the latest information. wsErr(conn, r, http.StatusInternalServerError, err)
if err = print(); err != nil {
return http.StatusInternalServerError, err
} }
return 0, nil */
} }
func (e *Env) searchHandler(w http.ResponseWriter, r *http.Request) { func (e *Env) searchHandler(w http.ResponseWriter, r *http.Request) {

16
types/user.go
View File

@ -2,6 +2,7 @@ package types
import ( import (
"path/filepath" "path/filepath"
"regexp"
"github.com/spf13/afero" "github.com/spf13/afero"
"golang.org/x/crypto/bcrypt" "golang.org/x/crypto/bcrypt"
@ -103,6 +104,21 @@ func (u *User) IsAllowed(url string) bool {
return isAllowed(url, u.Rules) return isAllowed(url, u.Rules)
} }
// CanExecute checks if an user can execute a specific command.
func (u *User) CanExecute(command string) bool {
if !u.Perm.Execute {
return false
}
for _, cmd := range u.Commands {
if regexp.MustCompile(cmd).MatchString(command) {
return true
}
}
return false
}
// ApplyDefaults applies defaults to a user. // ApplyDefaults applies defaults to a user.
func (u *User) ApplyDefaults(defaults UserDefaults) { func (u *User) ApplyDefaults(defaults UserDefaults) {
u.Scope = defaults.Scope u.Scope = defaults.Scope