feat: add ip on logging
License: MIT Signed-off-by: Henrique Dias <hacdias@gmail.com>
This commit is contained in:
Henrique Dias
parent
6403bbdc57
commit
a9addc0e8a
28
http/auth.go
28
http/auth.go
@ -15,11 +15,11 @@ import (
|
|||||||
func (e *Env) loginHandler(w http.ResponseWriter, r *http.Request) {
|
func (e *Env) loginHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
user, err := e.Auther.Auth(r)
|
user, err := e.Auther.Auth(r)
|
||||||
if err == types.ErrNoPermission {
|
if err == types.ErrNoPermission {
|
||||||
httpErr(w, http.StatusForbidden, nil)
|
httpErr(w, r, http.StatusForbidden, nil)
|
||||||
} else if err != nil {
|
} else if err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
} else {
|
} else {
|
||||||
e.printToken(w, user)
|
e.printToken(w, r, user)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -30,24 +30,24 @@ type signupBody struct {
|
|||||||
|
|
||||||
func (e *Env) signupHandler(w http.ResponseWriter, r *http.Request) {
|
func (e *Env) signupHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
if !e.Settings.Signup {
|
if !e.Settings.Signup {
|
||||||
httpErr(w, http.StatusForbidden, nil)
|
httpErr(w, r, http.StatusForbidden, nil)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if r.Body == nil {
|
if r.Body == nil {
|
||||||
httpErr(w, http.StatusBadRequest, nil)
|
httpErr(w, r, http.StatusBadRequest, nil)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
info := &signupBody{}
|
info := &signupBody{}
|
||||||
err := json.NewDecoder(r.Body).Decode(info)
|
err := json.NewDecoder(r.Body).Decode(info)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, http.StatusBadRequest, nil)
|
httpErr(w, r, http.StatusBadRequest, nil)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if info.Password == "" || info.Username == "" {
|
if info.Password == "" || info.Username == "" {
|
||||||
httpErr(w, http.StatusBadRequest, nil)
|
httpErr(w, r, http.StatusBadRequest, nil)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -61,21 +61,21 @@ func (e *Env) signupHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
|
|
||||||
pwd, err := types.HashPwd(info.Password)
|
pwd, err := types.HashPwd(info.Password)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
user.Password = pwd
|
user.Password = pwd
|
||||||
err = e.Store.Users.Save(user)
|
err = e.Store.Users.Save(user)
|
||||||
if err == types.ErrExist {
|
if err == types.ErrExist {
|
||||||
httpErr(w, http.StatusConflict, nil)
|
httpErr(w, r, http.StatusConflict, nil)
|
||||||
return
|
return
|
||||||
} else if err != nil {
|
} else if err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
httpErr(w, http.StatusOK, nil)
|
httpErr(w, r, http.StatusOK, nil)
|
||||||
}
|
}
|
||||||
|
|
||||||
type userInfo struct {
|
type userInfo struct {
|
||||||
@ -125,7 +125,7 @@ func (e *Env) auth(next http.HandlerFunc) http.HandlerFunc {
|
|||||||
token, err := request.ParseFromRequestWithClaims(r, &extractor{}, &tk, keyFunc)
|
token, err := request.ParseFromRequestWithClaims(r, &extractor{}, &tk, keyFunc)
|
||||||
|
|
||||||
if err != nil || !token.Valid {
|
if err != nil || !token.Valid {
|
||||||
httpErr(w, http.StatusForbidden, nil)
|
httpErr(w, r, http.StatusForbidden, nil)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -133,7 +133,7 @@ func (e *Env) auth(next http.HandlerFunc) http.HandlerFunc {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func (e *Env) printToken(w http.ResponseWriter, user *types.User) {
|
func (e *Env) printToken(w http.ResponseWriter, r *http.Request, user *types.User) {
|
||||||
claims := &authToken{
|
claims := &authToken{
|
||||||
User: userInfo{
|
User: userInfo{
|
||||||
ID: user.ID,
|
ID: user.ID,
|
||||||
@ -151,7 +151,7 @@ func (e *Env) printToken(w http.ResponseWriter, user *types.User) {
|
|||||||
signed, err := token.SignedString(e.Settings.Key)
|
signed, err := token.SignedString(e.Settings.Key)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
} else {
|
} else {
|
||||||
w.Header().Set("Content-Type", "cty")
|
w.Header().Set("Content-Type", "cty")
|
||||||
w.Write([]byte(signed))
|
w.Write([]byte(signed))
|
||||||
|
|||||||
22
http/http.go
22
http/http.go
@ -43,7 +43,7 @@ func (e *Env) getHandlers() (http.Handler, http.Handler) {
|
|||||||
|
|
||||||
index := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
index := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||||
if r.Method != http.MethodGet {
|
if r.Method != http.MethodGet {
|
||||||
httpErr(w, http.StatusNotFound, nil)
|
httpErr(w, r, http.StatusNotFound, nil)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -54,7 +54,7 @@ func (e *Env) getHandlers() (http.Handler, http.Handler) {
|
|||||||
err := index.Execute(w, data)
|
err := index.Execute(w, data)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
|
|
||||||
@ -69,7 +69,7 @@ func (e *Env) getHandlers() (http.Handler, http.Handler) {
|
|||||||
err := index.Execute(w, data)
|
err := index.Execute(w, data)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
}
|
}
|
||||||
}))
|
}))
|
||||||
|
|
||||||
@ -111,24 +111,24 @@ func Handler(e *Env) http.Handler {
|
|||||||
return r
|
return r
|
||||||
}
|
}
|
||||||
|
|
||||||
func httpErr(w http.ResponseWriter, status int, err error) {
|
func httpErr(w http.ResponseWriter, r *http.Request, status int, err error) {
|
||||||
txt := http.StatusText(status)
|
txt := http.StatusText(status)
|
||||||
if err != nil {
|
if err != nil || status >= 400 {
|
||||||
log.Printf("%v", err)
|
log.Printf("%s: %v %s %v", r.URL.Path, status, r.RemoteAddr, err)
|
||||||
}
|
}
|
||||||
http.Error(w, strconv.Itoa(status)+" "+txt, status)
|
http.Error(w, strconv.Itoa(status)+" "+txt, status)
|
||||||
}
|
}
|
||||||
|
|
||||||
func renderJSON(w http.ResponseWriter, data interface{}) {
|
func renderJSON(w http.ResponseWriter, r *http.Request, data interface{}) {
|
||||||
marsh, err := json.Marshal(data)
|
marsh, err := json.Marshal(data)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
w.Header().Set("Content-Type", "application/json; charset=utf-8")
|
w.Header().Set("Content-Type", "application/json; charset=utf-8")
|
||||||
if _, err := w.Write(marsh); err != nil {
|
if _, err := w.Write(marsh); err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -136,12 +136,12 @@ func (e *Env) getUser(w http.ResponseWriter, r *http.Request) (*types.User, bool
|
|||||||
id := r.Context().Value(keyUserID).(uint)
|
id := r.Context().Value(keyUserID).(uint)
|
||||||
user, err := e.Store.Users.Get(id)
|
user, err := e.Store.Users.Get(id)
|
||||||
if err == types.ErrNotExist {
|
if err == types.ErrNotExist {
|
||||||
httpErr(w, http.StatusForbidden, nil)
|
httpErr(w, r, http.StatusForbidden, nil)
|
||||||
return nil, false
|
return nil, false
|
||||||
}
|
}
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
return nil, false
|
return nil, false
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
20
http/raw.go
20
http/raw.go
@ -66,13 +66,13 @@ func (e *Env) rawHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if !user.Perm.Download {
|
if !user.Perm.Download {
|
||||||
httpErr(w, http.StatusForbidden, nil)
|
httpErr(w, r, http.StatusForbidden, nil)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
file, err := types.NewFileInfo(user, path)
|
file, err := types.NewFileInfo(user, path)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, httpFsErr(err), err)
|
httpErr(w, r, httpFsErr(err), err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -83,13 +83,13 @@ func (e *Env) rawHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
|
|
||||||
filenames, err := parseQueryFiles(r, file, user)
|
filenames, err := parseQueryFiles(r, file, user)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
extension, ar, err := parseQueryAlgorithm(r)
|
extension, ar, err := parseQueryAlgorithm(r)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -102,7 +102,7 @@ func (e *Env) rawHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
|
|
||||||
err = ar.Create(w)
|
err = ar.Create(w)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
defer ar.Close()
|
defer ar.Close()
|
||||||
@ -110,21 +110,21 @@ func (e *Env) rawHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
for _, fname := range filenames {
|
for _, fname := range filenames {
|
||||||
info, err := user.Fs.Stat(fname)
|
info, err := user.Fs.Stat(fname)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// get file's name for the inside of the archive
|
// get file's name for the inside of the archive
|
||||||
internalName, err := archiver.NameInArchive(info, fname, fname)
|
internalName, err := archiver.NameInArchive(info, fname, fname)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
// open the file
|
// open the file
|
||||||
file, err := user.Fs.Open(fname)
|
file, err := user.Fs.Open(fname)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -138,7 +138,7 @@ func (e *Env) rawHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
})
|
})
|
||||||
file.Close()
|
file.Close()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -147,7 +147,7 @@ func (e *Env) rawHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
func fileHandler(w http.ResponseWriter, r *http.Request, file *types.File, user *types.User) {
|
func fileHandler(w http.ResponseWriter, r *http.Request, file *types.File, user *types.User) {
|
||||||
fd, err := user.Fs.Open(file.Path)
|
fd, err := user.Fs.Open(file.Path)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
defer fd.Close()
|
defer fd.Close()
|
||||||
|
|||||||
@ -42,7 +42,7 @@ func (e *Env) getResourceData(w http.ResponseWriter, r *http.Request, prefix str
|
|||||||
}
|
}
|
||||||
|
|
||||||
if !user.IsAllowed(path) {
|
if !user.IsAllowed(path) {
|
||||||
httpErr(w, http.StatusForbidden, nil)
|
httpErr(w, r, http.StatusForbidden, nil)
|
||||||
return "", nil, false
|
return "", nil, false
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -57,7 +57,7 @@ func (e *Env) resourceGetHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
|
|
||||||
file, err := types.NewFileInfo(user, path)
|
file, err := types.NewFileInfo(user, path)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, httpFsErr(err), err)
|
httpErr(w, r, httpFsErr(err), err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -68,11 +68,11 @@ func (e *Env) resourceGetHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
file.Listing.Sort = sort
|
file.Listing.Sort = sort
|
||||||
file.Listing.Order = order
|
file.Listing.Order = order
|
||||||
} else {
|
} else {
|
||||||
httpErr(w, http.StatusBadRequest, err)
|
httpErr(w, r, http.StatusBadRequest, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
file.Listing.ApplySort()
|
file.Listing.ApplySort()
|
||||||
renderJSON(w, file)
|
renderJSON(w, r, file)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -87,10 +87,10 @@ func (e *Env) resourceGetHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
if checksum := r.URL.Query().Get("checksum"); checksum != "" {
|
if checksum := r.URL.Query().Get("checksum"); checksum != "" {
|
||||||
err = file.Checksum(checksum)
|
err = file.Checksum(checksum)
|
||||||
if err == types.ErrInvalidOption {
|
if err == types.ErrInvalidOption {
|
||||||
httpErr(w, http.StatusBadRequest, nil)
|
httpErr(w, r, http.StatusBadRequest, nil)
|
||||||
return
|
return
|
||||||
} else if err != nil {
|
} else if err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -98,7 +98,7 @@ func (e *Env) resourceGetHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
file.Content = ""
|
file.Content = ""
|
||||||
}
|
}
|
||||||
|
|
||||||
renderJSON(w, file)
|
renderJSON(w, r, file)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (e *Env) resourceDeleteHandler(w http.ResponseWriter, r *http.Request) {
|
func (e *Env) resourceDeleteHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
@ -108,7 +108,7 @@ func (e *Env) resourceDeleteHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if path == "/" || !user.Perm.Delete {
|
if path == "/" || !user.Perm.Delete {
|
||||||
httpErr(w, http.StatusForbidden, nil)
|
httpErr(w, r, http.StatusForbidden, nil)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -117,7 +117,7 @@ func (e *Env) resourceDeleteHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
}, "delete", path, "", user)
|
}, "delete", path, "", user)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, httpFsErr(err), err)
|
httpErr(w, r, httpFsErr(err), err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -131,12 +131,12 @@ func (e *Env) resourcePostPutHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if !user.Perm.Create && r.Method == http.MethodPost {
|
if !user.Perm.Create && r.Method == http.MethodPost {
|
||||||
httpErr(w, http.StatusForbidden, nil)
|
httpErr(w, r, http.StatusForbidden, nil)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if !user.Perm.Modify && r.Method == http.MethodPut {
|
if !user.Perm.Modify && r.Method == http.MethodPut {
|
||||||
httpErr(w, http.StatusForbidden, nil)
|
httpErr(w, r, http.StatusForbidden, nil)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -147,10 +147,10 @@ func (e *Env) resourcePostPutHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
// For directories, only allow POST for creation.
|
// For directories, only allow POST for creation.
|
||||||
if strings.HasSuffix(r.URL.Path, "/") {
|
if strings.HasSuffix(r.URL.Path, "/") {
|
||||||
if r.Method == http.MethodPut {
|
if r.Method == http.MethodPut {
|
||||||
httpErr(w, http.StatusMethodNotAllowed, nil)
|
httpErr(w, r, http.StatusMethodNotAllowed, nil)
|
||||||
} else {
|
} else {
|
||||||
err := user.Fs.MkdirAll(path, 0775)
|
err := user.Fs.MkdirAll(path, 0775)
|
||||||
httpErr(w, httpFsErr(err), err)
|
httpErr(w, r, httpFsErr(err), err)
|
||||||
}
|
}
|
||||||
|
|
||||||
return
|
return
|
||||||
@ -158,7 +158,7 @@ func (e *Env) resourcePostPutHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
|
|
||||||
if r.Method == http.MethodPost && r.URL.Query().Get("override") != "true" {
|
if r.Method == http.MethodPost && r.URL.Query().Get("override") != "true" {
|
||||||
if _, err := user.Fs.Stat(path); err == nil {
|
if _, err := user.Fs.Stat(path); err == nil {
|
||||||
httpErr(w, http.StatusConflict, nil)
|
httpErr(w, r, http.StatusConflict, nil)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -187,11 +187,11 @@ func (e *Env) resourcePostPutHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
}, "upload", path, "", user)
|
}, "upload", path, "", user)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, httpFsErr(err), err)
|
httpErr(w, r, httpFsErr(err), err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
httpErr(w, http.StatusOK, nil)
|
httpErr(w, r, http.StatusOK, nil)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (e *Env) resourcePatchHandler(w http.ResponseWriter, r *http.Request) {
|
func (e *Env) resourcePatchHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
@ -205,26 +205,26 @@ func (e *Env) resourcePatchHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
dst, err := url.QueryUnescape(dst)
|
dst, err := url.QueryUnescape(dst)
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, httpFsErr(err), err)
|
httpErr(w, r, httpFsErr(err), err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if dst == "/" || src == "/" {
|
if dst == "/" || src == "/" {
|
||||||
httpErr(w, http.StatusForbidden, nil)
|
httpErr(w, r, http.StatusForbidden, nil)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
switch action {
|
switch action {
|
||||||
case "copy":
|
case "copy":
|
||||||
if !user.Perm.Create {
|
if !user.Perm.Create {
|
||||||
httpErr(w, http.StatusForbidden, nil)
|
httpErr(w, r, http.StatusForbidden, nil)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
case "rename":
|
case "rename":
|
||||||
default:
|
default:
|
||||||
action = "rename"
|
action = "rename"
|
||||||
if !user.Perm.Rename {
|
if !user.Perm.Rename {
|
||||||
httpErr(w, http.StatusForbidden, nil)
|
httpErr(w, r, http.StatusForbidden, nil)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -238,7 +238,7 @@ func (e *Env) resourcePatchHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
return user.Fs.Rename(src, dst)
|
return user.Fs.Rename(src, dst)
|
||||||
}, "action", src, dst, user)
|
}, "action", src, dst, user)
|
||||||
|
|
||||||
httpErr(w, httpFsErr(err), err)
|
httpErr(w, r, httpFsErr(err), err)
|
||||||
}
|
}
|
||||||
|
|
||||||
func handleSortOrder(w http.ResponseWriter, r *http.Request, scope string) (sort string, order string, err error) {
|
func handleSortOrder(w http.ResponseWriter, r *http.Request, scope string) (sort string, order string, err error) {
|
||||||
|
|||||||
@ -21,7 +21,7 @@ func (e *Env) getShareData(w http.ResponseWriter, r *http.Request, prefix string
|
|||||||
}
|
}
|
||||||
|
|
||||||
if !user.Perm.Share {
|
if !user.Perm.Share {
|
||||||
httpErr(w, http.StatusForbidden, nil)
|
httpErr(w, r, http.StatusForbidden, nil)
|
||||||
return "", false
|
return "", false
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -36,12 +36,12 @@ func (e *Env) shareGetHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
|
|
||||||
s, err := e.Store.Share.GetByPath(path)
|
s, err := e.Store.Share.GetByPath(path)
|
||||||
if err == types.ErrNotExist {
|
if err == types.ErrNotExist {
|
||||||
renderJSON(w, []*types.ShareLink{})
|
renderJSON(w, r, []*types.ShareLink{})
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -52,7 +52,7 @@ func (e *Env) shareGetHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
renderJSON(w, s)
|
renderJSON(w, r, s)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (e *Env) shareDeleteHandler(w http.ResponseWriter, r *http.Request) {
|
func (e *Env) shareDeleteHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
@ -62,7 +62,7 @@ func (e *Env) shareDeleteHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if !user.Perm.Share {
|
if !user.Perm.Share {
|
||||||
httpErr(w, http.StatusForbidden, nil)
|
httpErr(w, r, http.StatusForbidden, nil)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -75,7 +75,7 @@ func (e *Env) shareDeleteHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
|
|
||||||
err := e.Store.Share.Delete(hash)
|
err := e.Store.Share.Delete(hash)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -102,7 +102,7 @@ func (e *Env) sharePostHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
bytes := make([]byte, 6)
|
bytes := make([]byte, 6)
|
||||||
_, err := rand.Read(bytes)
|
_, err := rand.Read(bytes)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -117,7 +117,7 @@ func (e *Env) sharePostHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
if expire != "" {
|
if expire != "" {
|
||||||
num, err := strconv.Atoi(expire)
|
num, err := strconv.Atoi(expire)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -137,9 +137,9 @@ func (e *Env) sharePostHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if err := e.Store.Share.Save(s); err != nil {
|
if err := e.Store.Share.Save(s); err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
renderJSON(w, s)
|
renderJSON(w, r, s)
|
||||||
}
|
}
|
||||||
|
|||||||
@ -25,13 +25,13 @@ func (e *Env) usersGetHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if !user.Perm.Admin {
|
if !user.Perm.Admin {
|
||||||
httpErr(w, http.StatusForbidden, nil)
|
httpErr(w, r, http.StatusForbidden, nil)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
users, err := e.Store.Users.Gets()
|
users, err := e.Store.Users.Gets()
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -43,7 +43,7 @@ func (e *Env) usersGetHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
return users[i].ID < users[j].ID
|
return users[i].ID < users[j].ID
|
||||||
})
|
})
|
||||||
|
|
||||||
renderJSON(w, users)
|
renderJSON(w, r, users)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (e *Env) userSelfOrAdmin(w http.ResponseWriter, r *http.Request) (*types.User, uint, bool) {
|
func (e *Env) userSelfOrAdmin(w http.ResponseWriter, r *http.Request) (*types.User, uint, bool) {
|
||||||
@ -54,12 +54,12 @@ func (e *Env) userSelfOrAdmin(w http.ResponseWriter, r *http.Request) (*types.Us
|
|||||||
|
|
||||||
id, err := getUserID(r)
|
id, err := getUserID(r)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
return nil, 0, false
|
return nil, 0, false
|
||||||
}
|
}
|
||||||
|
|
||||||
if user.ID != id && !user.Perm.Admin {
|
if user.ID != id && !user.Perm.Admin {
|
||||||
httpErr(w, http.StatusForbidden, nil)
|
httpErr(w, r, http.StatusForbidden, nil)
|
||||||
return nil, 0, false
|
return nil, 0, false
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -74,17 +74,17 @@ func (e *Env) userGetHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
|
|
||||||
u, err := e.Store.Users.Get(id)
|
u, err := e.Store.Users.Get(id)
|
||||||
if err == types.ErrNotExist {
|
if err == types.ErrNotExist {
|
||||||
httpErr(w, http.StatusNotFound, nil)
|
httpErr(w, r, http.StatusNotFound, nil)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
u.Password = ""
|
u.Password = ""
|
||||||
renderJSON(w, u)
|
renderJSON(w, r, u)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (e *Env) userDeleteHandler(w http.ResponseWriter, r *http.Request) {
|
func (e *Env) userDeleteHandler(w http.ResponseWriter, r *http.Request) {
|
||||||
@ -95,12 +95,12 @@ func (e *Env) userDeleteHandler(w http.ResponseWriter, r *http.Request) {
|
|||||||
|
|
||||||
err := e.Store.Users.Delete(id)
|
err := e.Store.Users.Delete(id)
|
||||||
if err == types.ErrNotExist {
|
if err == types.ErrNotExist {
|
||||||
httpErr(w, http.StatusNotFound, nil)
|
httpErr(w, r, http.StatusNotFound, nil)
|
||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
httpErr(w, http.StatusInternalServerError, err)
|
httpErr(w, r, http.StatusInternalServerError, err)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user