From a7585b993c6c28c836b4c96930bb56638d500ea4 Mon Sep 17 00:00:00 2001 From: wushuqi Date: Mon, 19 Jun 2023 07:48:46 +0000 Subject: [PATCH] fix: hook Method login rules were erased and rule permissions were added in the validation script --- auth/hook.go | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/auth/hook.go b/auth/hook.go index 3e57560e..a62dd22b 100644 --- a/auth/hook.go +++ b/auth/hook.go @@ -3,6 +3,7 @@ package auth import ( "encoding/json" "fmt" + "github.com/filebrowser/filebrowser/v2/rules" "log" "net/http" "os" @@ -31,6 +32,7 @@ type HookAuth struct { Cred hookCred `json:"-"` Fields hookFields `json:"-"` Command string `json:"command"` + Rules []rules.Rule `json:"rules"` } // Auth authenticates the user via a json in content body. @@ -228,6 +230,7 @@ func (a *HookAuth) GetUser(d *users.User) *users.User { Asc: a.Fields.GetBoolean("user.sorting.asc", d.Sorting.Asc), By: a.Fields.GetString("user.sorting.by", d.Sorting.By), }, + Rules: a.Fields.GetRules("user.perm.rule", d.Rules), Commands: a.Fields.GetArray("user.commands", d.Commands), HideDotfiles: a.Fields.GetBoolean("user.hideDotfiles", d.HideDotfiles), Perm: perms, @@ -261,6 +264,7 @@ var validHookFields = []string{ "user.perm.delete", "user.perm.share", "user.perm.download", + "user.perm.rule", } // IsValid checks if the provided field is on the valid fields list @@ -300,3 +304,20 @@ func (hf *hookFields) GetArray(k string, dv []string) []string { } return dv } + +func (hf *hookFields) GetRules(k string, dv []rules.Rule) []rules.Rule { + val, ok := hf.Values[k] + if !ok { + return dv + } + var dvv []rules.Rule + for _, ruleString := range strings.Split(val, ";") { + var rule rules.Rule + err := json.Unmarshal([]byte(ruleString), &rule) + if err != nil { + return dv + } + dvv = append(dvv, rule) + } + return dvv +}