1808 lines
60 KiB
Rust
1808 lines
60 KiB
Rust
#![allow(clippy::too_many_arguments)]
|
|
|
|
use crate::auth::{www_authenticate, AccessPaths, AccessPerm};
|
|
use crate::http_utils::{body_full, IncomingStream, LengthLimitedStream};
|
|
use crate::utils::{
|
|
decode_uri, encode_uri, get_file_mtime_and_mode, get_file_name, glob, parse_range,
|
|
try_get_file_name,
|
|
};
|
|
use crate::Args;
|
|
|
|
use anyhow::{anyhow, Result};
|
|
use async_zip::{tokio::write::ZipFileWriter, Compression, ZipDateTime, ZipEntryBuilder};
|
|
use base64::{engine::general_purpose::STANDARD, Engine as _};
|
|
use bytes::Bytes;
|
|
use chrono::{LocalResult, TimeZone, Utc};
|
|
use futures_util::{pin_mut, TryStreamExt};
|
|
use headers::{
|
|
AcceptRanges, AccessControlAllowCredentials, AccessControlAllowOrigin, CacheControl,
|
|
ContentLength, ContentType, ETag, HeaderMap, HeaderMapExt, IfMatch, IfModifiedSince,
|
|
IfNoneMatch, IfRange, IfUnmodifiedSince, LastModified, Range,
|
|
};
|
|
use http_body_util::{combinators::BoxBody, BodyExt, StreamBody};
|
|
use hyper::body::Frame;
|
|
use hyper::{
|
|
body::Incoming,
|
|
header::{
|
|
HeaderValue, AUTHORIZATION, CONNECTION, CONTENT_DISPOSITION, CONTENT_LENGTH, CONTENT_RANGE,
|
|
CONTENT_TYPE, RANGE,
|
|
},
|
|
Method, StatusCode, Uri,
|
|
};
|
|
use serde::Serialize;
|
|
use sha2::{Digest, Sha256};
|
|
use std::borrow::Cow;
|
|
use std::cmp::Ordering;
|
|
use std::collections::HashMap;
|
|
use std::fs::Metadata;
|
|
use std::io::SeekFrom;
|
|
use std::net::SocketAddr;
|
|
use std::path::{Component, Path, PathBuf};
|
|
use std::sync::atomic::{self, AtomicBool};
|
|
use std::sync::Arc;
|
|
use std::time::SystemTime;
|
|
use tokio::fs::File;
|
|
use tokio::io::{AsyncReadExt, AsyncSeekExt, AsyncWrite};
|
|
use tokio::{fs, io};
|
|
|
|
use tokio_util::compat::FuturesAsyncWriteCompatExt;
|
|
use tokio_util::io::{ReaderStream, StreamReader};
|
|
use uuid::Uuid;
|
|
use walkdir::WalkDir;
|
|
use xml::escape::escape_str_pcdata;
|
|
|
|
pub type Request = hyper::Request<Incoming>;
|
|
pub type Response = hyper::Response<BoxBody<Bytes, anyhow::Error>>;
|
|
|
|
const INDEX_HTML: &str = include_str!("../assets/index.html");
|
|
const INDEX_CSS: &str = include_str!("../assets/index.css");
|
|
const INDEX_JS: &str = include_str!("../assets/index.js");
|
|
const FAVICON_ICO: &[u8] = include_bytes!("../assets/favicon.ico");
|
|
const INDEX_NAME: &str = "index.html";
|
|
const BUF_SIZE: usize = 65536;
|
|
const EDITABLE_TEXT_MAX_SIZE: u64 = 4194304; // 4M
|
|
const RESUMABLE_UPLOAD_MIN_SIZE: u64 = 20971520; // 20M
|
|
const HEALTH_CHECK_PATH: &str = "__dufs__/health";
|
|
|
|
pub struct Server {
|
|
args: Args,
|
|
assets_prefix: String,
|
|
html: Cow<'static, str>,
|
|
single_file_req_paths: Vec<String>,
|
|
running: Arc<AtomicBool>,
|
|
}
|
|
|
|
impl Server {
|
|
pub fn init(args: Args, running: Arc<AtomicBool>) -> Result<Self> {
|
|
let assets_prefix = format!("__dufs_v{}__/", env!("CARGO_PKG_VERSION"));
|
|
let single_file_req_paths = if args.path_is_file {
|
|
vec![
|
|
args.uri_prefix.to_string(),
|
|
args.uri_prefix[0..args.uri_prefix.len() - 1].to_string(),
|
|
encode_uri(&format!(
|
|
"{}{}",
|
|
&args.uri_prefix,
|
|
get_file_name(&args.serve_path)
|
|
)),
|
|
]
|
|
} else {
|
|
vec![]
|
|
};
|
|
let html = match args.assets.as_ref() {
|
|
Some(path) => Cow::Owned(std::fs::read_to_string(path.join("index.html"))?),
|
|
None => Cow::Borrowed(INDEX_HTML),
|
|
};
|
|
Ok(Self {
|
|
args,
|
|
running,
|
|
single_file_req_paths,
|
|
assets_prefix,
|
|
html,
|
|
})
|
|
}
|
|
|
|
pub async fn call(
|
|
self: Arc<Self>,
|
|
req: Request,
|
|
addr: Option<SocketAddr>,
|
|
) -> Result<Response, hyper::Error> {
|
|
let uri = req.uri().clone();
|
|
let assets_prefix = &self.assets_prefix;
|
|
let enable_cors = self.args.enable_cors;
|
|
let is_microsoft_webdav = req
|
|
.headers()
|
|
.get("user-agent")
|
|
.and_then(|v| v.to_str().ok())
|
|
.map(|v| v.starts_with("Microsoft-WebDAV-MiniRedir/"))
|
|
.unwrap_or_default();
|
|
let mut http_log_data = self.args.http_logger.data(&req);
|
|
if let Some(addr) = addr {
|
|
http_log_data.insert("remote_addr".to_string(), addr.ip().to_string());
|
|
}
|
|
|
|
let mut res = match self.clone().handle(req, is_microsoft_webdav).await {
|
|
Ok(res) => {
|
|
http_log_data.insert("status".to_string(), res.status().as_u16().to_string());
|
|
if !uri.path().starts_with(assets_prefix) {
|
|
self.args.http_logger.log(&http_log_data, None);
|
|
}
|
|
res
|
|
}
|
|
Err(err) => {
|
|
let mut res = Response::default();
|
|
let status = StatusCode::INTERNAL_SERVER_ERROR;
|
|
*res.status_mut() = status;
|
|
http_log_data.insert("status".to_string(), status.as_u16().to_string());
|
|
self.args
|
|
.http_logger
|
|
.log(&http_log_data, Some(err.to_string()));
|
|
res
|
|
}
|
|
};
|
|
|
|
if is_microsoft_webdav {
|
|
// microsoft webdav requires this.
|
|
res.headers_mut()
|
|
.insert(CONNECTION, HeaderValue::from_static("close"));
|
|
}
|
|
if enable_cors {
|
|
add_cors(&mut res);
|
|
}
|
|
Ok(res)
|
|
}
|
|
|
|
pub async fn handle(
|
|
self: Arc<Self>,
|
|
req: Request,
|
|
is_microsoft_webdav: bool,
|
|
) -> Result<Response> {
|
|
let mut res = Response::default();
|
|
|
|
let req_path = req.uri().path();
|
|
let headers = req.headers();
|
|
let method = req.method().clone();
|
|
|
|
let relative_path = match self.resolve_path(req_path) {
|
|
Some(v) => v,
|
|
None => {
|
|
status_bad_request(&mut res, "Invalid Path");
|
|
return Ok(res);
|
|
}
|
|
};
|
|
|
|
if method == Method::GET
|
|
&& self
|
|
.handle_internal(&relative_path, headers, &mut res)
|
|
.await?
|
|
{
|
|
return Ok(res);
|
|
}
|
|
|
|
let authorization = headers.get(AUTHORIZATION);
|
|
let guard =
|
|
self.args
|
|
.auth
|
|
.guard(&relative_path, &method, authorization, is_microsoft_webdav);
|
|
|
|
let (user, access_paths) = match guard {
|
|
(None, None) => {
|
|
self.auth_reject(&mut res)?;
|
|
return Ok(res);
|
|
}
|
|
(Some(_), None) => {
|
|
status_forbid(&mut res);
|
|
return Ok(res);
|
|
}
|
|
(x, Some(y)) => (x, y),
|
|
};
|
|
|
|
let query = req.uri().query().unwrap_or_default();
|
|
let query_params: HashMap<String, String> = form_urlencoded::parse(query.as_bytes())
|
|
.map(|(k, v)| (k.to_string(), v.to_string()))
|
|
.collect();
|
|
|
|
if method.as_str() == "CHECKAUTH" {
|
|
match user.clone() {
|
|
Some(user) => {
|
|
*res.body_mut() = body_full(user);
|
|
}
|
|
None => self.auth_reject(&mut res)?,
|
|
}
|
|
return Ok(res);
|
|
} else if method.as_str() == "LOGOUT" {
|
|
self.auth_reject(&mut res)?;
|
|
return Ok(res);
|
|
}
|
|
|
|
let head_only = method == Method::HEAD;
|
|
|
|
if self.args.path_is_file {
|
|
if self
|
|
.single_file_req_paths
|
|
.iter()
|
|
.any(|v| v.as_str() == req_path)
|
|
{
|
|
self.handle_send_file(&self.args.serve_path, headers, head_only, &mut res)
|
|
.await?;
|
|
} else {
|
|
status_not_found(&mut res);
|
|
}
|
|
return Ok(res);
|
|
}
|
|
let path = match self.join_path(&relative_path) {
|
|
Some(v) => v,
|
|
None => {
|
|
status_forbid(&mut res);
|
|
return Ok(res);
|
|
}
|
|
};
|
|
|
|
let path = path.as_path();
|
|
|
|
let (is_miss, is_dir, is_file, size) = match fs::metadata(path).await.ok() {
|
|
Some(meta) => (false, meta.is_dir(), meta.is_file(), meta.len()),
|
|
None => (true, false, false, 0),
|
|
};
|
|
|
|
let allow_upload = self.args.allow_upload;
|
|
let allow_delete = self.args.allow_delete;
|
|
let allow_search = self.args.allow_search;
|
|
let allow_archive = self.args.allow_archive;
|
|
let render_index = self.args.render_index;
|
|
let render_spa = self.args.render_spa;
|
|
let render_try_index = self.args.render_try_index;
|
|
|
|
if !self.args.allow_symlink && !is_miss && !self.is_root_contained(path).await {
|
|
status_not_found(&mut res);
|
|
return Ok(res);
|
|
}
|
|
|
|
match method {
|
|
Method::GET | Method::HEAD => {
|
|
if is_dir {
|
|
if render_try_index {
|
|
if allow_archive && has_query_flag(&query_params, "zip") {
|
|
if !allow_archive {
|
|
status_not_found(&mut res);
|
|
return Ok(res);
|
|
}
|
|
self.handle_zip_dir(path, head_only, access_paths, &mut res)
|
|
.await?;
|
|
} else if allow_search && query_params.contains_key("q") {
|
|
self.handle_search_dir(
|
|
path,
|
|
&query_params,
|
|
head_only,
|
|
user,
|
|
access_paths,
|
|
&mut res,
|
|
)
|
|
.await?;
|
|
} else {
|
|
self.handle_render_index(
|
|
path,
|
|
&query_params,
|
|
headers,
|
|
head_only,
|
|
user,
|
|
access_paths,
|
|
&mut res,
|
|
)
|
|
.await?;
|
|
}
|
|
} else if render_index || render_spa {
|
|
self.handle_render_index(
|
|
path,
|
|
&query_params,
|
|
headers,
|
|
head_only,
|
|
user,
|
|
access_paths,
|
|
&mut res,
|
|
)
|
|
.await?;
|
|
} else if has_query_flag(&query_params, "zip") {
|
|
if !allow_archive {
|
|
status_not_found(&mut res);
|
|
return Ok(res);
|
|
}
|
|
self.handle_zip_dir(path, head_only, access_paths, &mut res)
|
|
.await?;
|
|
} else if allow_search && query_params.contains_key("q") {
|
|
self.handle_search_dir(
|
|
path,
|
|
&query_params,
|
|
head_only,
|
|
user,
|
|
access_paths,
|
|
&mut res,
|
|
)
|
|
.await?;
|
|
} else {
|
|
self.handle_ls_dir(
|
|
path,
|
|
true,
|
|
&query_params,
|
|
head_only,
|
|
user,
|
|
access_paths,
|
|
&mut res,
|
|
)
|
|
.await?;
|
|
}
|
|
} else if is_file {
|
|
if has_query_flag(&query_params, "edit") {
|
|
self.handle_edit_file(path, DataKind::Edit, head_only, user, &mut res)
|
|
.await?;
|
|
} else if has_query_flag(&query_params, "view") {
|
|
self.handle_edit_file(path, DataKind::View, head_only, user, &mut res)
|
|
.await?;
|
|
} else if has_query_flag(&query_params, "hash") {
|
|
self.handle_hash_file(path, head_only, &mut res).await?;
|
|
} else {
|
|
self.handle_send_file(path, headers, head_only, &mut res)
|
|
.await?;
|
|
}
|
|
} else if render_spa {
|
|
self.handle_render_spa(path, headers, head_only, &mut res)
|
|
.await?;
|
|
} else if allow_upload && req_path.ends_with('/') {
|
|
self.handle_ls_dir(
|
|
path,
|
|
false,
|
|
&query_params,
|
|
head_only,
|
|
user,
|
|
access_paths,
|
|
&mut res,
|
|
)
|
|
.await?;
|
|
} else {
|
|
status_not_found(&mut res);
|
|
}
|
|
}
|
|
Method::OPTIONS => {
|
|
set_webdav_headers(&mut res);
|
|
}
|
|
Method::PUT => {
|
|
if is_dir || !allow_upload || (!allow_delete && size > 0) {
|
|
status_forbid(&mut res);
|
|
} else {
|
|
self.handle_upload(path, None, size, req, &mut res).await?;
|
|
}
|
|
}
|
|
Method::PATCH => {
|
|
if is_miss {
|
|
status_not_found(&mut res);
|
|
} else if !allow_upload {
|
|
status_forbid(&mut res);
|
|
} else {
|
|
let offset = match parse_upload_offset(headers, size) {
|
|
Ok(v) => v,
|
|
Err(err) => {
|
|
status_bad_request(&mut res, &err.to_string());
|
|
return Ok(res);
|
|
}
|
|
};
|
|
match offset {
|
|
Some(offset) => {
|
|
if offset < size && !allow_delete {
|
|
status_forbid(&mut res);
|
|
}
|
|
self.handle_upload(path, Some(offset), size, req, &mut res)
|
|
.await?;
|
|
}
|
|
None => {
|
|
*res.status_mut() = StatusCode::METHOD_NOT_ALLOWED;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
Method::DELETE => {
|
|
if !allow_delete {
|
|
status_forbid(&mut res);
|
|
} else if !is_miss {
|
|
self.handle_delete(path, is_dir, &mut res).await?
|
|
} else {
|
|
status_not_found(&mut res);
|
|
}
|
|
}
|
|
method => match method.as_str() {
|
|
"PROPFIND" => {
|
|
if is_dir {
|
|
let access_paths =
|
|
if access_paths.perm().indexonly() && authorization.is_none() {
|
|
// see https://github.com/sigoden/dufs/issues/229
|
|
AccessPaths::new(AccessPerm::ReadOnly)
|
|
} else {
|
|
access_paths
|
|
};
|
|
self.handle_propfind_dir(path, headers, access_paths, &mut res)
|
|
.await?;
|
|
} else if is_file {
|
|
self.handle_propfind_file(path, &mut res).await?;
|
|
} else {
|
|
status_not_found(&mut res);
|
|
}
|
|
}
|
|
"PROPPATCH" => {
|
|
if is_file {
|
|
self.handle_proppatch(req_path, &mut res).await?;
|
|
} else {
|
|
status_not_found(&mut res);
|
|
}
|
|
}
|
|
"MKCOL" => {
|
|
if !allow_upload {
|
|
status_forbid(&mut res);
|
|
} else if !is_miss {
|
|
*res.status_mut() = StatusCode::METHOD_NOT_ALLOWED;
|
|
*res.body_mut() = body_full("Already exists");
|
|
} else {
|
|
self.handle_mkcol(path, &mut res).await?;
|
|
}
|
|
}
|
|
"COPY" => {
|
|
if !allow_upload {
|
|
status_forbid(&mut res);
|
|
} else if is_miss {
|
|
status_not_found(&mut res);
|
|
} else {
|
|
self.handle_copy(path, &req, &mut res).await?
|
|
}
|
|
}
|
|
"MOVE" => {
|
|
if !allow_upload || !allow_delete {
|
|
status_forbid(&mut res);
|
|
} else if is_miss {
|
|
status_not_found(&mut res);
|
|
} else {
|
|
self.handle_move(path, &req, &mut res).await?
|
|
}
|
|
}
|
|
"LOCK" => {
|
|
// Fake lock
|
|
if is_file {
|
|
let has_auth = authorization.is_some();
|
|
self.handle_lock(req_path, has_auth, &mut res).await?;
|
|
} else {
|
|
status_not_found(&mut res);
|
|
}
|
|
}
|
|
"UNLOCK" => {
|
|
// Fake unlock
|
|
if is_miss {
|
|
status_not_found(&mut res);
|
|
}
|
|
}
|
|
_ => {
|
|
*res.status_mut() = StatusCode::METHOD_NOT_ALLOWED;
|
|
}
|
|
},
|
|
}
|
|
Ok(res)
|
|
}
|
|
|
|
async fn handle_upload(
|
|
&self,
|
|
path: &Path,
|
|
upload_offset: Option<u64>,
|
|
size: u64,
|
|
req: Request,
|
|
res: &mut Response,
|
|
) -> Result<()> {
|
|
ensure_path_parent(path).await?;
|
|
let (mut file, status) = match upload_offset {
|
|
None => (fs::File::create(path).await?, StatusCode::CREATED),
|
|
Some(offset) if offset == size => (
|
|
fs::OpenOptions::new().append(true).open(path).await?,
|
|
StatusCode::NO_CONTENT,
|
|
),
|
|
Some(offset) => {
|
|
let mut file = fs::OpenOptions::new().write(true).open(path).await?;
|
|
file.seek(SeekFrom::Start(offset)).await?;
|
|
(file, StatusCode::NO_CONTENT)
|
|
}
|
|
};
|
|
let stream = IncomingStream::new(req.into_body());
|
|
|
|
let body_with_io_error = stream.map_err(|err| io::Error::new(io::ErrorKind::Other, err));
|
|
let body_reader = StreamReader::new(body_with_io_error);
|
|
|
|
pin_mut!(body_reader);
|
|
|
|
let ret = io::copy(&mut body_reader, &mut file).await;
|
|
let size = fs::metadata(path)
|
|
.await
|
|
.map(|v| v.len())
|
|
.unwrap_or_default();
|
|
if ret.is_err() {
|
|
if upload_offset.is_none() && size < RESUMABLE_UPLOAD_MIN_SIZE {
|
|
let _ = tokio::fs::remove_file(&path).await;
|
|
}
|
|
ret?;
|
|
}
|
|
|
|
*res.status_mut() = status;
|
|
|
|
Ok(())
|
|
}
|
|
|
|
async fn handle_delete(&self, path: &Path, is_dir: bool, res: &mut Response) -> Result<()> {
|
|
match is_dir {
|
|
true => fs::remove_dir_all(path).await?,
|
|
false => fs::remove_file(path).await?,
|
|
}
|
|
|
|
status_no_content(res);
|
|
Ok(())
|
|
}
|
|
|
|
async fn handle_ls_dir(
|
|
&self,
|
|
path: &Path,
|
|
exist: bool,
|
|
query_params: &HashMap<String, String>,
|
|
head_only: bool,
|
|
user: Option<String>,
|
|
access_paths: AccessPaths,
|
|
res: &mut Response,
|
|
) -> Result<()> {
|
|
let mut paths = vec![];
|
|
if exist {
|
|
paths = match self.list_dir(path, path, access_paths.clone()).await {
|
|
Ok(paths) => paths,
|
|
Err(_) => {
|
|
status_forbid(res);
|
|
return Ok(());
|
|
}
|
|
}
|
|
};
|
|
self.send_index(
|
|
path,
|
|
paths,
|
|
exist,
|
|
query_params,
|
|
head_only,
|
|
user,
|
|
access_paths,
|
|
res,
|
|
)
|
|
}
|
|
|
|
async fn handle_search_dir(
|
|
&self,
|
|
path: &Path,
|
|
query_params: &HashMap<String, String>,
|
|
head_only: bool,
|
|
user: Option<String>,
|
|
access_paths: AccessPaths,
|
|
res: &mut Response,
|
|
) -> Result<()> {
|
|
let mut paths: Vec<PathItem> = vec![];
|
|
let search = query_params
|
|
.get("q")
|
|
.ok_or_else(|| anyhow!("invalid q"))?
|
|
.to_lowercase();
|
|
if search.is_empty() {
|
|
return self
|
|
.handle_ls_dir(path, true, query_params, head_only, user, access_paths, res)
|
|
.await;
|
|
} else {
|
|
let path_buf = path.to_path_buf();
|
|
let hidden = Arc::new(self.args.hidden.to_vec());
|
|
let hidden = hidden.clone();
|
|
let running = self.running.clone();
|
|
let access_paths = access_paths.clone();
|
|
let search_paths = tokio::task::spawn_blocking(move || {
|
|
let mut paths: Vec<PathBuf> = vec![];
|
|
for dir in access_paths.child_paths(&path_buf) {
|
|
let mut it = WalkDir::new(&dir).into_iter();
|
|
it.next();
|
|
while let Some(Ok(entry)) = it.next() {
|
|
if !running.load(atomic::Ordering::SeqCst) {
|
|
break;
|
|
}
|
|
let entry_path = entry.path();
|
|
let base_name = get_file_name(entry_path);
|
|
let file_type = entry.file_type();
|
|
let mut is_dir_type: bool = file_type.is_dir();
|
|
if file_type.is_symlink() {
|
|
match std::fs::symlink_metadata(entry_path) {
|
|
Ok(meta) => {
|
|
is_dir_type = meta.is_dir();
|
|
}
|
|
Err(_) => {
|
|
continue;
|
|
}
|
|
}
|
|
}
|
|
if is_hidden(&hidden, base_name, is_dir_type) {
|
|
if file_type.is_dir() {
|
|
it.skip_current_dir();
|
|
}
|
|
continue;
|
|
}
|
|
if !base_name.to_lowercase().contains(&search) {
|
|
continue;
|
|
}
|
|
paths.push(entry_path.to_path_buf());
|
|
}
|
|
}
|
|
paths
|
|
})
|
|
.await?;
|
|
for search_path in search_paths.into_iter() {
|
|
if let Ok(Some(item)) = self.to_pathitem(search_path, path.to_path_buf()).await {
|
|
paths.push(item);
|
|
}
|
|
}
|
|
}
|
|
self.send_index(
|
|
path,
|
|
paths,
|
|
true,
|
|
query_params,
|
|
head_only,
|
|
user,
|
|
access_paths,
|
|
res,
|
|
)
|
|
}
|
|
|
|
async fn handle_zip_dir(
|
|
&self,
|
|
path: &Path,
|
|
head_only: bool,
|
|
access_paths: AccessPaths,
|
|
res: &mut Response,
|
|
) -> Result<()> {
|
|
let (mut writer, reader) = tokio::io::duplex(BUF_SIZE);
|
|
let filename = try_get_file_name(path)?;
|
|
set_content_disposition(res, false, &format!("{}.zip", filename))?;
|
|
res.headers_mut()
|
|
.insert("content-type", HeaderValue::from_static("application/zip"));
|
|
if head_only {
|
|
return Ok(());
|
|
}
|
|
let path = path.to_owned();
|
|
let hidden = self.args.hidden.clone();
|
|
let running = self.running.clone();
|
|
let compression = self.args.compress.to_compression();
|
|
tokio::spawn(async move {
|
|
if let Err(e) = zip_dir(
|
|
&mut writer,
|
|
&path,
|
|
access_paths,
|
|
&hidden,
|
|
compression,
|
|
running,
|
|
)
|
|
.await
|
|
{
|
|
error!("Failed to zip {}, {}", path.display(), e);
|
|
}
|
|
});
|
|
let reader_stream = ReaderStream::with_capacity(reader, BUF_SIZE);
|
|
let stream_body = StreamBody::new(
|
|
reader_stream
|
|
.map_ok(Frame::data)
|
|
.map_err(|err| anyhow!("{err}")),
|
|
);
|
|
let boxed_body = stream_body.boxed();
|
|
*res.body_mut() = boxed_body;
|
|
Ok(())
|
|
}
|
|
|
|
async fn handle_render_index(
|
|
&self,
|
|
path: &Path,
|
|
query_params: &HashMap<String, String>,
|
|
headers: &HeaderMap<HeaderValue>,
|
|
head_only: bool,
|
|
user: Option<String>,
|
|
access_paths: AccessPaths,
|
|
res: &mut Response,
|
|
) -> Result<()> {
|
|
let index_path = path.join(INDEX_NAME);
|
|
if fs::metadata(&index_path)
|
|
.await
|
|
.ok()
|
|
.map(|v| v.is_file())
|
|
.unwrap_or_default()
|
|
{
|
|
self.handle_send_file(&index_path, headers, head_only, res)
|
|
.await?;
|
|
} else if self.args.render_try_index {
|
|
self.handle_ls_dir(path, true, query_params, head_only, user, access_paths, res)
|
|
.await?;
|
|
} else {
|
|
status_not_found(res)
|
|
}
|
|
Ok(())
|
|
}
|
|
|
|
async fn handle_render_spa(
|
|
&self,
|
|
path: &Path,
|
|
headers: &HeaderMap<HeaderValue>,
|
|
head_only: bool,
|
|
res: &mut Response,
|
|
) -> Result<()> {
|
|
if path.extension().is_none() {
|
|
let path = self.args.serve_path.join(INDEX_NAME);
|
|
self.handle_send_file(&path, headers, head_only, res)
|
|
.await?;
|
|
} else {
|
|
status_not_found(res)
|
|
}
|
|
Ok(())
|
|
}
|
|
|
|
async fn handle_internal(
|
|
&self,
|
|
req_path: &str,
|
|
headers: &HeaderMap<HeaderValue>,
|
|
res: &mut Response,
|
|
) -> Result<bool> {
|
|
if let Some(name) = req_path.strip_prefix(&self.assets_prefix) {
|
|
match self.args.assets.as_ref() {
|
|
Some(assets_path) => {
|
|
let path = assets_path.join(name);
|
|
if path.exists() {
|
|
self.handle_send_file(&path, headers, false, res).await?;
|
|
} else {
|
|
status_not_found(res);
|
|
return Ok(true);
|
|
}
|
|
}
|
|
None => match name {
|
|
"index.js" => {
|
|
*res.body_mut() = body_full(INDEX_JS);
|
|
res.headers_mut().insert(
|
|
"content-type",
|
|
HeaderValue::from_static("application/javascript; charset=UTF-8"),
|
|
);
|
|
}
|
|
"index.css" => {
|
|
*res.body_mut() = body_full(INDEX_CSS);
|
|
res.headers_mut().insert(
|
|
"content-type",
|
|
HeaderValue::from_static("text/css; charset=UTF-8"),
|
|
);
|
|
}
|
|
"favicon.ico" => {
|
|
*res.body_mut() = body_full(FAVICON_ICO);
|
|
res.headers_mut()
|
|
.insert("content-type", HeaderValue::from_static("image/x-icon"));
|
|
}
|
|
_ => {
|
|
status_not_found(res);
|
|
}
|
|
},
|
|
}
|
|
res.headers_mut().insert(
|
|
"cache-control",
|
|
HeaderValue::from_static("public, max-age=31536000, immutable"),
|
|
);
|
|
res.headers_mut().insert(
|
|
"x-content-type-options",
|
|
HeaderValue::from_static("nosniff"),
|
|
);
|
|
Ok(true)
|
|
} else if req_path == HEALTH_CHECK_PATH {
|
|
res.headers_mut()
|
|
.typed_insert(ContentType::from(mime_guess::mime::APPLICATION_JSON));
|
|
|
|
*res.body_mut() = body_full(r#"{"status":"OK"}"#);
|
|
Ok(true)
|
|
} else {
|
|
Ok(false)
|
|
}
|
|
}
|
|
|
|
async fn handle_send_file(
|
|
&self,
|
|
path: &Path,
|
|
headers: &HeaderMap<HeaderValue>,
|
|
head_only: bool,
|
|
res: &mut Response,
|
|
) -> Result<()> {
|
|
let (file, meta) = tokio::join!(fs::File::open(path), fs::metadata(path),);
|
|
let (mut file, meta) = (file?, meta?);
|
|
let size = meta.len();
|
|
let mut use_range = true;
|
|
if let Some((etag, last_modified)) = extract_cache_headers(&meta) {
|
|
if let Some(if_unmodified_since) = headers.typed_get::<IfUnmodifiedSince>() {
|
|
if !if_unmodified_since.precondition_passes(last_modified.into()) {
|
|
*res.status_mut() = StatusCode::PRECONDITION_FAILED;
|
|
return Ok(());
|
|
}
|
|
}
|
|
if let Some(if_match) = headers.typed_get::<IfMatch>() {
|
|
if !if_match.precondition_passes(&etag) {
|
|
*res.status_mut() = StatusCode::PRECONDITION_FAILED;
|
|
return Ok(());
|
|
}
|
|
}
|
|
if let Some(if_modified_since) = headers.typed_get::<IfModifiedSince>() {
|
|
if !if_modified_since.is_modified(last_modified.into()) {
|
|
*res.status_mut() = StatusCode::NOT_MODIFIED;
|
|
return Ok(());
|
|
}
|
|
}
|
|
if let Some(if_none_match) = headers.typed_get::<IfNoneMatch>() {
|
|
if !if_none_match.precondition_passes(&etag) {
|
|
*res.status_mut() = StatusCode::NOT_MODIFIED;
|
|
return Ok(());
|
|
}
|
|
}
|
|
|
|
res.headers_mut().typed_insert(last_modified);
|
|
res.headers_mut().typed_insert(etag.clone());
|
|
|
|
if headers.typed_get::<Range>().is_some() {
|
|
use_range = headers
|
|
.typed_get::<IfRange>()
|
|
.map(|if_range| !if_range.is_modified(Some(&etag), Some(&last_modified)))
|
|
// Always be fresh if there is no validators
|
|
.unwrap_or(true);
|
|
} else {
|
|
use_range = false;
|
|
}
|
|
}
|
|
|
|
let range = if use_range {
|
|
headers.get(RANGE).map(|range| {
|
|
range
|
|
.to_str()
|
|
.ok()
|
|
.and_then(|range| parse_range(range, size))
|
|
})
|
|
} else {
|
|
None
|
|
};
|
|
|
|
res.headers_mut().insert(
|
|
CONTENT_TYPE,
|
|
HeaderValue::from_str(&get_content_type(path).await?)?,
|
|
);
|
|
|
|
let filename = try_get_file_name(path)?;
|
|
set_content_disposition(res, true, filename)?;
|
|
|
|
res.headers_mut().typed_insert(AcceptRanges::bytes());
|
|
|
|
if let Some(range) = range {
|
|
if let Some((start, end)) = range {
|
|
file.seek(SeekFrom::Start(start)).await?;
|
|
let range_size = end - start + 1;
|
|
*res.status_mut() = StatusCode::PARTIAL_CONTENT;
|
|
let content_range = format!("bytes {}-{}/{}", start, end, size);
|
|
res.headers_mut()
|
|
.insert(CONTENT_RANGE, content_range.parse()?);
|
|
res.headers_mut()
|
|
.insert(CONTENT_LENGTH, format!("{range_size}").parse()?);
|
|
if head_only {
|
|
return Ok(());
|
|
}
|
|
|
|
let stream_body = StreamBody::new(
|
|
LengthLimitedStream::new(file, range_size as usize)
|
|
.map_ok(Frame::data)
|
|
.map_err(|err| anyhow!("{err}")),
|
|
);
|
|
let boxed_body = stream_body.boxed();
|
|
*res.body_mut() = boxed_body;
|
|
} else {
|
|
*res.status_mut() = StatusCode::RANGE_NOT_SATISFIABLE;
|
|
res.headers_mut()
|
|
.insert(CONTENT_RANGE, format!("bytes */{size}").parse()?);
|
|
}
|
|
} else {
|
|
res.headers_mut()
|
|
.insert(CONTENT_LENGTH, format!("{size}").parse()?);
|
|
if head_only {
|
|
return Ok(());
|
|
}
|
|
|
|
let reader_stream = ReaderStream::with_capacity(file, BUF_SIZE);
|
|
let stream_body = StreamBody::new(
|
|
reader_stream
|
|
.map_ok(Frame::data)
|
|
.map_err(|err| anyhow!("{err}")),
|
|
);
|
|
let boxed_body = stream_body.boxed();
|
|
*res.body_mut() = boxed_body;
|
|
}
|
|
Ok(())
|
|
}
|
|
|
|
async fn handle_edit_file(
|
|
&self,
|
|
path: &Path,
|
|
kind: DataKind,
|
|
head_only: bool,
|
|
user: Option<String>,
|
|
res: &mut Response,
|
|
) -> Result<()> {
|
|
let (file, meta) = tokio::join!(fs::File::open(path), fs::metadata(path),);
|
|
let (file, meta) = (file?, meta?);
|
|
let href = format!(
|
|
"/{}",
|
|
normalize_path(path.strip_prefix(&self.args.serve_path)?)
|
|
);
|
|
let mut buffer: Vec<u8> = vec![];
|
|
file.take(1024).read_to_end(&mut buffer).await?;
|
|
let editable =
|
|
meta.len() <= EDITABLE_TEXT_MAX_SIZE && content_inspector::inspect(&buffer).is_text();
|
|
let data = EditData {
|
|
href,
|
|
kind,
|
|
uri_prefix: self.args.uri_prefix.clone(),
|
|
allow_upload: self.args.allow_upload,
|
|
allow_delete: self.args.allow_delete,
|
|
auth: self.args.auth.exist(),
|
|
user,
|
|
editable,
|
|
};
|
|
res.headers_mut()
|
|
.typed_insert(ContentType::from(mime_guess::mime::TEXT_HTML_UTF_8));
|
|
let index_data = STANDARD.encode(serde_json::to_string(&data)?);
|
|
let output = self
|
|
.html
|
|
.replace(
|
|
"__ASSETS_PREFIX__",
|
|
&format!("{}{}", self.args.uri_prefix, self.assets_prefix),
|
|
)
|
|
.replace("__INDEX_DATA__", &index_data);
|
|
res.headers_mut()
|
|
.typed_insert(ContentLength(output.as_bytes().len() as u64));
|
|
if head_only {
|
|
return Ok(());
|
|
}
|
|
*res.body_mut() = body_full(output);
|
|
Ok(())
|
|
}
|
|
|
|
async fn handle_hash_file(
|
|
&self,
|
|
path: &Path,
|
|
head_only: bool,
|
|
res: &mut Response,
|
|
) -> Result<()> {
|
|
let output = sha256_file(path).await?;
|
|
res.headers_mut()
|
|
.typed_insert(ContentType::from(mime_guess::mime::TEXT_HTML_UTF_8));
|
|
res.headers_mut()
|
|
.typed_insert(ContentLength(output.as_bytes().len() as u64));
|
|
if head_only {
|
|
return Ok(());
|
|
}
|
|
*res.body_mut() = body_full(output);
|
|
Ok(())
|
|
}
|
|
|
|
async fn handle_propfind_dir(
|
|
&self,
|
|
path: &Path,
|
|
headers: &HeaderMap<HeaderValue>,
|
|
access_paths: AccessPaths,
|
|
res: &mut Response,
|
|
) -> Result<()> {
|
|
let depth: u32 = match headers.get("depth") {
|
|
Some(v) => match v.to_str().ok().and_then(|v| v.parse().ok()) {
|
|
Some(0) => 0,
|
|
Some(1) => 1,
|
|
_ => {
|
|
status_bad_request(res, "Invalid depth: only 0 and 1 are allowed.");
|
|
return Ok(());
|
|
}
|
|
},
|
|
None => 1,
|
|
};
|
|
let mut paths = match self.to_pathitem(path, &self.args.serve_path).await? {
|
|
Some(v) => vec![v],
|
|
None => vec![],
|
|
};
|
|
if depth == 1 {
|
|
match self
|
|
.list_dir(path, &self.args.serve_path, access_paths)
|
|
.await
|
|
{
|
|
Ok(child) => paths.extend(child),
|
|
Err(_) => {
|
|
status_forbid(res);
|
|
return Ok(());
|
|
}
|
|
}
|
|
}
|
|
let output = paths
|
|
.iter()
|
|
.map(|v| v.to_dav_xml(self.args.uri_prefix.as_str()))
|
|
.fold(String::new(), |mut acc, v| {
|
|
acc.push_str(&v);
|
|
acc
|
|
});
|
|
res_multistatus(res, &output);
|
|
Ok(())
|
|
}
|
|
|
|
async fn handle_propfind_file(&self, path: &Path, res: &mut Response) -> Result<()> {
|
|
if let Some(pathitem) = self.to_pathitem(path, &self.args.serve_path).await? {
|
|
res_multistatus(res, &pathitem.to_dav_xml(self.args.uri_prefix.as_str()));
|
|
} else {
|
|
status_not_found(res);
|
|
}
|
|
Ok(())
|
|
}
|
|
|
|
async fn handle_mkcol(&self, path: &Path, res: &mut Response) -> Result<()> {
|
|
fs::create_dir_all(path).await?;
|
|
*res.status_mut() = StatusCode::CREATED;
|
|
Ok(())
|
|
}
|
|
|
|
async fn handle_copy(&self, path: &Path, req: &Request, res: &mut Response) -> Result<()> {
|
|
let dest = match self.extract_dest(req, res) {
|
|
Some(dest) => dest,
|
|
None => {
|
|
return Ok(());
|
|
}
|
|
};
|
|
|
|
let meta = fs::symlink_metadata(path).await?;
|
|
if meta.is_dir() {
|
|
status_forbid(res);
|
|
return Ok(());
|
|
}
|
|
|
|
ensure_path_parent(&dest).await?;
|
|
|
|
fs::copy(path, &dest).await?;
|
|
|
|
status_no_content(res);
|
|
Ok(())
|
|
}
|
|
|
|
async fn handle_move(&self, path: &Path, req: &Request, res: &mut Response) -> Result<()> {
|
|
let dest = match self.extract_dest(req, res) {
|
|
Some(dest) => dest,
|
|
None => {
|
|
return Ok(());
|
|
}
|
|
};
|
|
|
|
ensure_path_parent(&dest).await?;
|
|
|
|
fs::rename(path, &dest).await?;
|
|
|
|
status_no_content(res);
|
|
Ok(())
|
|
}
|
|
|
|
async fn handle_lock(&self, req_path: &str, auth: bool, res: &mut Response) -> Result<()> {
|
|
let token = if auth {
|
|
format!("opaquelocktoken:{}", Uuid::new_v4())
|
|
} else {
|
|
Utc::now().timestamp().to_string()
|
|
};
|
|
|
|
res.headers_mut().insert(
|
|
"content-type",
|
|
HeaderValue::from_static("application/xml; charset=utf-8"),
|
|
);
|
|
res.headers_mut()
|
|
.insert("lock-token", format!("<{token}>").parse()?);
|
|
|
|
*res.body_mut() = body_full(format!(
|
|
r#"<?xml version="1.0" encoding="utf-8"?>
|
|
<D:prop xmlns:D="DAV:"><D:lockdiscovery><D:activelock>
|
|
<D:locktoken><D:href>{token}</D:href></D:locktoken>
|
|
<D:lockroot><D:href>{req_path}</D:href></D:lockroot>
|
|
</D:activelock></D:lockdiscovery></D:prop>"#
|
|
));
|
|
Ok(())
|
|
}
|
|
|
|
async fn handle_proppatch(&self, req_path: &str, res: &mut Response) -> Result<()> {
|
|
let output = format!(
|
|
r#"<D:response>
|
|
<D:href>{req_path}</D:href>
|
|
<D:propstat>
|
|
<D:prop>
|
|
</D:prop>
|
|
<D:status>HTTP/1.1 403 Forbidden</D:status>
|
|
</D:propstat>
|
|
</D:response>"#
|
|
);
|
|
res_multistatus(res, &output);
|
|
Ok(())
|
|
}
|
|
|
|
#[allow(clippy::too_many_arguments)]
|
|
fn send_index(
|
|
&self,
|
|
path: &Path,
|
|
mut paths: Vec<PathItem>,
|
|
exist: bool,
|
|
query_params: &HashMap<String, String>,
|
|
head_only: bool,
|
|
user: Option<String>,
|
|
access_paths: AccessPaths,
|
|
res: &mut Response,
|
|
) -> Result<()> {
|
|
if let Some(sort) = query_params.get("sort") {
|
|
if sort == "name" {
|
|
paths.sort_by(|v1, v2| v1.sort_by_name(v2))
|
|
} else if sort == "mtime" {
|
|
paths.sort_by(|v1, v2| v1.sort_by_mtime(v2))
|
|
} else if sort == "size" {
|
|
paths.sort_by(|v1, v2| v1.sort_by_size(v2))
|
|
}
|
|
if query_params
|
|
.get("order")
|
|
.map(|v| v == "desc")
|
|
.unwrap_or_default()
|
|
{
|
|
paths.reverse()
|
|
}
|
|
} else {
|
|
paths.sort_by(|v1, v2| v1.sort_by_name(v2))
|
|
}
|
|
if has_query_flag(query_params, "simple") {
|
|
let output = paths
|
|
.into_iter()
|
|
.map(|v| {
|
|
if v.is_dir() {
|
|
format!("{}/\n", v.name)
|
|
} else {
|
|
format!("{}\n", v.name)
|
|
}
|
|
})
|
|
.collect::<Vec<String>>()
|
|
.join("");
|
|
res.headers_mut()
|
|
.typed_insert(ContentType::from(mime_guess::mime::TEXT_HTML_UTF_8));
|
|
res.headers_mut()
|
|
.typed_insert(ContentLength(output.as_bytes().len() as u64));
|
|
*res.body_mut() = body_full(output);
|
|
if head_only {
|
|
return Ok(());
|
|
}
|
|
return Ok(());
|
|
}
|
|
let href = format!(
|
|
"/{}",
|
|
normalize_path(path.strip_prefix(&self.args.serve_path)?)
|
|
);
|
|
let readwrite = access_paths.perm().readwrite();
|
|
let data = IndexData {
|
|
kind: DataKind::Index,
|
|
href,
|
|
uri_prefix: self.args.uri_prefix.clone(),
|
|
allow_upload: self.args.allow_upload && readwrite,
|
|
allow_delete: self.args.allow_delete && readwrite,
|
|
allow_search: self.args.allow_search,
|
|
allow_archive: self.args.allow_archive,
|
|
dir_exists: exist,
|
|
auth: self.args.auth.exist(),
|
|
user,
|
|
paths,
|
|
};
|
|
let output = if has_query_flag(query_params, "json") {
|
|
res.headers_mut()
|
|
.typed_insert(ContentType::from(mime_guess::mime::APPLICATION_JSON));
|
|
serde_json::to_string_pretty(&data)?
|
|
} else {
|
|
res.headers_mut()
|
|
.typed_insert(ContentType::from(mime_guess::mime::TEXT_HTML_UTF_8));
|
|
|
|
let index_data = STANDARD.encode(serde_json::to_string(&data)?);
|
|
self.html
|
|
.replace(
|
|
"__ASSETS_PREFIX__",
|
|
&format!("{}{}", self.args.uri_prefix, self.assets_prefix),
|
|
)
|
|
.replace("__INDEX_DATA__", &index_data)
|
|
};
|
|
res.headers_mut()
|
|
.typed_insert(ContentLength(output.as_bytes().len() as u64));
|
|
res.headers_mut()
|
|
.typed_insert(CacheControl::new().with_no_cache());
|
|
res.headers_mut().insert(
|
|
"x-content-type-options",
|
|
HeaderValue::from_static("nosniff"),
|
|
);
|
|
if head_only {
|
|
return Ok(());
|
|
}
|
|
*res.body_mut() = body_full(output);
|
|
Ok(())
|
|
}
|
|
|
|
fn auth_reject(&self, res: &mut Response) -> Result<()> {
|
|
set_webdav_headers(res);
|
|
|
|
www_authenticate(res, &self.args)?;
|
|
*res.status_mut() = StatusCode::UNAUTHORIZED;
|
|
Ok(())
|
|
}
|
|
|
|
async fn is_root_contained(&self, path: &Path) -> bool {
|
|
fs::canonicalize(path)
|
|
.await
|
|
.ok()
|
|
.map(|v| v.starts_with(&self.args.serve_path))
|
|
.unwrap_or_default()
|
|
}
|
|
|
|
fn extract_dest(&self, req: &Request, res: &mut Response) -> Option<PathBuf> {
|
|
let headers = req.headers();
|
|
let dest_path = match self
|
|
.extract_destination_header(headers)
|
|
.and_then(|dest| self.resolve_path(&dest))
|
|
{
|
|
Some(dest) => dest,
|
|
None => {
|
|
status_bad_request(res, "Invalid Destination");
|
|
return None;
|
|
}
|
|
};
|
|
|
|
let authorization = headers.get(AUTHORIZATION);
|
|
let guard = self
|
|
.args
|
|
.auth
|
|
.guard(&dest_path, req.method(), authorization, false);
|
|
|
|
match guard {
|
|
(_, Some(_)) => {}
|
|
_ => {
|
|
status_forbid(res);
|
|
return None;
|
|
}
|
|
};
|
|
|
|
let dest = match self.join_path(&dest_path) {
|
|
Some(dest) => dest,
|
|
None => {
|
|
*res.status_mut() = StatusCode::BAD_REQUEST;
|
|
return None;
|
|
}
|
|
};
|
|
|
|
Some(dest)
|
|
}
|
|
|
|
fn extract_destination_header(&self, headers: &HeaderMap<HeaderValue>) -> Option<String> {
|
|
let dest = headers.get("Destination")?.to_str().ok()?;
|
|
let uri: Uri = dest.parse().ok()?;
|
|
Some(uri.path().to_string())
|
|
}
|
|
|
|
fn resolve_path(&self, path: &str) -> Option<String> {
|
|
let path = decode_uri(path)?;
|
|
let path = path.trim_matches('/');
|
|
let mut parts = vec![];
|
|
for comp in Path::new(path).components() {
|
|
if let Component::Normal(v) = comp {
|
|
let v = v.to_string_lossy();
|
|
if cfg!(windows) {
|
|
let chars: Vec<char> = v.chars().collect();
|
|
if chars.len() == 2 && chars[1] == ':' && chars[0].is_ascii_alphabetic() {
|
|
return None;
|
|
}
|
|
}
|
|
parts.push(v);
|
|
} else {
|
|
return None;
|
|
}
|
|
}
|
|
let new_path = parts.join("/");
|
|
let path_prefix = self.args.path_prefix.as_str();
|
|
if path_prefix.is_empty() {
|
|
return Some(new_path);
|
|
}
|
|
new_path
|
|
.strip_prefix(path_prefix.trim_start_matches('/'))
|
|
.map(|v| v.trim_matches('/').to_string())
|
|
}
|
|
|
|
fn join_path(&self, path: &str) -> Option<PathBuf> {
|
|
if path.is_empty() {
|
|
return Some(self.args.serve_path.clone());
|
|
}
|
|
let path = if cfg!(windows) {
|
|
path.replace('/', "\\")
|
|
} else {
|
|
path.to_string()
|
|
};
|
|
Some(self.args.serve_path.join(path))
|
|
}
|
|
|
|
async fn list_dir(
|
|
&self,
|
|
entry_path: &Path,
|
|
base_path: &Path,
|
|
access_paths: AccessPaths,
|
|
) -> Result<Vec<PathItem>> {
|
|
let mut paths: Vec<PathItem> = vec![];
|
|
if access_paths.perm().indexonly() {
|
|
for name in access_paths.child_names() {
|
|
let entry_path = entry_path.join(name);
|
|
self.add_pathitem(&mut paths, base_path, &entry_path).await;
|
|
}
|
|
} else {
|
|
let mut rd = fs::read_dir(entry_path).await?;
|
|
while let Ok(Some(entry)) = rd.next_entry().await {
|
|
let entry_path = entry.path();
|
|
self.add_pathitem(&mut paths, base_path, &entry_path).await;
|
|
}
|
|
}
|
|
Ok(paths)
|
|
}
|
|
|
|
async fn add_pathitem(&self, paths: &mut Vec<PathItem>, base_path: &Path, entry_path: &Path) {
|
|
let base_name = get_file_name(entry_path);
|
|
if let Ok(Some(item)) = self.to_pathitem(entry_path, base_path).await {
|
|
if is_hidden(&self.args.hidden, base_name, item.is_dir()) {
|
|
return;
|
|
}
|
|
paths.push(item);
|
|
}
|
|
}
|
|
|
|
async fn to_pathitem<P: AsRef<Path>>(&self, path: P, base_path: P) -> Result<Option<PathItem>> {
|
|
let path = path.as_ref();
|
|
let (meta, meta2) = tokio::join!(fs::metadata(&path), fs::symlink_metadata(&path));
|
|
let (meta, meta2) = (meta?, meta2?);
|
|
let is_symlink = meta2.is_symlink();
|
|
if !self.args.allow_symlink && is_symlink && !self.is_root_contained(path).await {
|
|
return Ok(None);
|
|
}
|
|
let is_dir = meta.is_dir();
|
|
let path_type = match (is_symlink, is_dir) {
|
|
(true, true) => PathType::SymlinkDir,
|
|
(false, true) => PathType::Dir,
|
|
(true, false) => PathType::SymlinkFile,
|
|
(false, false) => PathType::File,
|
|
};
|
|
let mtime = to_timestamp(&meta.modified()?);
|
|
let size = match path_type {
|
|
PathType::Dir | PathType::SymlinkDir => {
|
|
let mut count = 0;
|
|
let mut entries = tokio::fs::read_dir(&path).await?;
|
|
while entries.next_entry().await?.is_some() {
|
|
count += 1;
|
|
}
|
|
count
|
|
}
|
|
PathType::File | PathType::SymlinkFile => meta.len(),
|
|
};
|
|
let rel_path = path.strip_prefix(base_path)?;
|
|
let name = normalize_path(rel_path);
|
|
Ok(Some(PathItem {
|
|
path_type,
|
|
name,
|
|
mtime,
|
|
size,
|
|
}))
|
|
}
|
|
}
|
|
|
|
#[derive(Debug, Serialize, PartialEq)]
|
|
enum DataKind {
|
|
Index,
|
|
Edit,
|
|
View,
|
|
}
|
|
|
|
#[derive(Debug, Serialize)]
|
|
struct IndexData {
|
|
href: String,
|
|
kind: DataKind,
|
|
uri_prefix: String,
|
|
allow_upload: bool,
|
|
allow_delete: bool,
|
|
allow_search: bool,
|
|
allow_archive: bool,
|
|
dir_exists: bool,
|
|
auth: bool,
|
|
user: Option<String>,
|
|
paths: Vec<PathItem>,
|
|
}
|
|
|
|
#[derive(Debug, Serialize)]
|
|
struct EditData {
|
|
href: String,
|
|
kind: DataKind,
|
|
uri_prefix: String,
|
|
allow_upload: bool,
|
|
allow_delete: bool,
|
|
auth: bool,
|
|
user: Option<String>,
|
|
editable: bool,
|
|
}
|
|
|
|
#[derive(Debug, Serialize, Eq, PartialEq, Ord, PartialOrd)]
|
|
struct PathItem {
|
|
path_type: PathType,
|
|
name: String,
|
|
mtime: u64,
|
|
size: u64,
|
|
}
|
|
|
|
impl PathItem {
|
|
pub fn is_dir(&self) -> bool {
|
|
self.path_type == PathType::Dir || self.path_type == PathType::SymlinkDir
|
|
}
|
|
|
|
pub fn to_dav_xml(&self, prefix: &str) -> String {
|
|
let mtime = match Utc.timestamp_millis_opt(self.mtime as i64) {
|
|
LocalResult::Single(v) => format!("{}", v.format("%a, %d %b %Y %H:%M:%S GMT")),
|
|
_ => String::new(),
|
|
};
|
|
let mut href = encode_uri(&format!("{}{}", prefix, &self.name));
|
|
if self.is_dir() && !href.ends_with('/') {
|
|
href.push('/');
|
|
}
|
|
let displayname = escape_str_pcdata(self.base_name());
|
|
match self.path_type {
|
|
PathType::Dir | PathType::SymlinkDir => format!(
|
|
r#"<D:response>
|
|
<D:href>{href}</D:href>
|
|
<D:propstat>
|
|
<D:prop>
|
|
<D:displayname>{displayname}</D:displayname>
|
|
<D:getlastmodified>{mtime}</D:getlastmodified>
|
|
<D:resourcetype><D:collection/></D:resourcetype>
|
|
</D:prop>
|
|
<D:status>HTTP/1.1 200 OK</D:status>
|
|
</D:propstat>
|
|
</D:response>"#
|
|
),
|
|
PathType::File | PathType::SymlinkFile => format!(
|
|
r#"<D:response>
|
|
<D:href>{href}</D:href>
|
|
<D:propstat>
|
|
<D:prop>
|
|
<D:displayname>{displayname}</D:displayname>
|
|
<D:getcontentlength>{}</D:getcontentlength>
|
|
<D:getlastmodified>{mtime}</D:getlastmodified>
|
|
<D:resourcetype></D:resourcetype>
|
|
</D:prop>
|
|
<D:status>HTTP/1.1 200 OK</D:status>
|
|
</D:propstat>
|
|
</D:response>"#,
|
|
self.size
|
|
),
|
|
}
|
|
}
|
|
|
|
pub fn base_name(&self) -> &str {
|
|
self.name.split('/').last().unwrap_or_default()
|
|
}
|
|
|
|
pub fn sort_by_name(&self, other: &Self) -> Ordering {
|
|
match self.path_type.cmp(&other.path_type) {
|
|
Ordering::Equal => {
|
|
alphanumeric_sort::compare_str(self.name.to_lowercase(), other.name.to_lowercase())
|
|
}
|
|
v => v,
|
|
}
|
|
}
|
|
|
|
pub fn sort_by_mtime(&self, other: &Self) -> Ordering {
|
|
match self.path_type.cmp(&other.path_type) {
|
|
Ordering::Equal => self.mtime.cmp(&other.mtime),
|
|
v => v,
|
|
}
|
|
}
|
|
|
|
pub fn sort_by_size(&self, other: &Self) -> Ordering {
|
|
match self.path_type.cmp(&other.path_type) {
|
|
Ordering::Equal => self.size.cmp(&other.size),
|
|
v => v,
|
|
}
|
|
}
|
|
}
|
|
|
|
#[derive(Debug, Serialize, Eq, PartialEq)]
|
|
enum PathType {
|
|
Dir,
|
|
SymlinkDir,
|
|
File,
|
|
SymlinkFile,
|
|
}
|
|
|
|
impl Ord for PathType {
|
|
fn cmp(&self, other: &Self) -> Ordering {
|
|
let to_value = |t: &Self| -> u8 {
|
|
if matches!(t, Self::Dir | Self::SymlinkDir) {
|
|
0
|
|
} else {
|
|
1
|
|
}
|
|
};
|
|
to_value(self).cmp(&to_value(other))
|
|
}
|
|
}
|
|
impl PartialOrd for PathType {
|
|
fn partial_cmp(&self, other: &Self) -> Option<Ordering> {
|
|
Some(self.cmp(other))
|
|
}
|
|
}
|
|
|
|
fn to_timestamp(time: &SystemTime) -> u64 {
|
|
time.duration_since(SystemTime::UNIX_EPOCH)
|
|
.unwrap_or_default()
|
|
.as_millis() as u64
|
|
}
|
|
|
|
fn normalize_path<P: AsRef<Path>>(path: P) -> String {
|
|
let path = path.as_ref().to_str().unwrap_or_default();
|
|
if cfg!(windows) {
|
|
path.replace('\\', "/")
|
|
} else {
|
|
path.to_string()
|
|
}
|
|
}
|
|
|
|
async fn ensure_path_parent(path: &Path) -> Result<()> {
|
|
if let Some(parent) = path.parent() {
|
|
if fs::symlink_metadata(parent).await.is_err() {
|
|
fs::create_dir_all(&parent).await?;
|
|
}
|
|
}
|
|
Ok(())
|
|
}
|
|
|
|
fn add_cors(res: &mut Response) {
|
|
res.headers_mut()
|
|
.typed_insert(AccessControlAllowOrigin::ANY);
|
|
res.headers_mut()
|
|
.typed_insert(AccessControlAllowCredentials);
|
|
res.headers_mut().insert(
|
|
"Access-Control-Allow-Methods",
|
|
HeaderValue::from_static("*"),
|
|
);
|
|
res.headers_mut().insert(
|
|
"Access-Control-Allow-Headers",
|
|
HeaderValue::from_static("Authorization,*"),
|
|
);
|
|
res.headers_mut().insert(
|
|
"Access-Control-Expose-Headers",
|
|
HeaderValue::from_static("Authorization,*"),
|
|
);
|
|
}
|
|
|
|
fn res_multistatus(res: &mut Response, content: &str) {
|
|
*res.status_mut() = StatusCode::MULTI_STATUS;
|
|
res.headers_mut().insert(
|
|
"content-type",
|
|
HeaderValue::from_static("application/xml; charset=utf-8"),
|
|
);
|
|
*res.body_mut() = body_full(format!(
|
|
r#"<?xml version="1.0" encoding="utf-8" ?>
|
|
<D:multistatus xmlns:D="DAV:">
|
|
{content}
|
|
</D:multistatus>"#,
|
|
));
|
|
}
|
|
|
|
async fn zip_dir<W: AsyncWrite + Unpin>(
|
|
writer: &mut W,
|
|
dir: &Path,
|
|
access_paths: AccessPaths,
|
|
hidden: &[String],
|
|
compression: Compression,
|
|
running: Arc<AtomicBool>,
|
|
) -> Result<()> {
|
|
let mut writer = ZipFileWriter::with_tokio(writer);
|
|
let hidden = Arc::new(hidden.to_vec());
|
|
let dir_clone = dir.to_path_buf();
|
|
let zip_paths = tokio::task::spawn_blocking(move || {
|
|
let mut paths: Vec<PathBuf> = vec![];
|
|
for dir in access_paths.child_paths(&dir_clone) {
|
|
let mut it = WalkDir::new(&dir).into_iter();
|
|
it.next();
|
|
while let Some(Ok(entry)) = it.next() {
|
|
if !running.load(atomic::Ordering::SeqCst) {
|
|
break;
|
|
}
|
|
let entry_path = entry.path();
|
|
let base_name = get_file_name(entry_path);
|
|
let file_type = entry.file_type();
|
|
let mut is_dir_type: bool = file_type.is_dir();
|
|
if file_type.is_symlink() {
|
|
match std::fs::symlink_metadata(entry_path) {
|
|
Ok(meta) => {
|
|
is_dir_type = meta.is_dir();
|
|
}
|
|
Err(_) => {
|
|
continue;
|
|
}
|
|
}
|
|
}
|
|
if is_hidden(&hidden, base_name, is_dir_type) {
|
|
if file_type.is_dir() {
|
|
it.skip_current_dir();
|
|
}
|
|
continue;
|
|
}
|
|
if entry.path().symlink_metadata().is_err() {
|
|
continue;
|
|
}
|
|
if !file_type.is_file() {
|
|
continue;
|
|
}
|
|
paths.push(entry_path.to_path_buf());
|
|
}
|
|
}
|
|
paths
|
|
})
|
|
.await?;
|
|
for zip_path in zip_paths.into_iter() {
|
|
let filename = match zip_path.strip_prefix(dir).ok().and_then(|v| v.to_str()) {
|
|
Some(v) => v,
|
|
None => continue,
|
|
};
|
|
let (datetime, mode) = get_file_mtime_and_mode(&zip_path).await?;
|
|
let builder = ZipEntryBuilder::new(filename.into(), compression)
|
|
.unix_permissions(mode)
|
|
.last_modification_date(ZipDateTime::from_chrono(&datetime));
|
|
let mut file = File::open(&zip_path).await?;
|
|
let mut file_writer = writer.write_entry_stream(builder).await?.compat_write();
|
|
io::copy(&mut file, &mut file_writer).await?;
|
|
file_writer.into_inner().close().await?;
|
|
}
|
|
writer.close().await?;
|
|
Ok(())
|
|
}
|
|
|
|
fn extract_cache_headers(meta: &Metadata) -> Option<(ETag, LastModified)> {
|
|
let mtime = meta.modified().ok()?;
|
|
let timestamp = to_timestamp(&mtime);
|
|
let size = meta.len();
|
|
let etag = format!(r#""{timestamp}-{size}""#).parse::<ETag>().ok()?;
|
|
let last_modified = LastModified::from(mtime);
|
|
Some((etag, last_modified))
|
|
}
|
|
|
|
fn status_forbid(res: &mut Response) {
|
|
*res.status_mut() = StatusCode::FORBIDDEN;
|
|
*res.body_mut() = body_full("Forbidden");
|
|
}
|
|
|
|
fn status_not_found(res: &mut Response) {
|
|
*res.status_mut() = StatusCode::NOT_FOUND;
|
|
*res.body_mut() = body_full("Not Found");
|
|
}
|
|
|
|
fn status_no_content(res: &mut Response) {
|
|
*res.status_mut() = StatusCode::NO_CONTENT;
|
|
}
|
|
|
|
fn status_bad_request(res: &mut Response, body: &str) {
|
|
*res.status_mut() = StatusCode::BAD_REQUEST;
|
|
if !body.is_empty() {
|
|
*res.body_mut() = body_full(body.to_string());
|
|
}
|
|
}
|
|
|
|
fn set_content_disposition(res: &mut Response, inline: bool, filename: &str) -> Result<()> {
|
|
let kind = if inline { "inline" } else { "attachment" };
|
|
let filename: String = filename
|
|
.chars()
|
|
.map(|ch| {
|
|
if ch.is_ascii_control() && ch != '\t' {
|
|
' '
|
|
} else {
|
|
ch
|
|
}
|
|
})
|
|
.collect();
|
|
let value = if filename.is_ascii() {
|
|
HeaderValue::from_str(&format!("{kind}; filename=\"{}\"", filename,))?
|
|
} else {
|
|
HeaderValue::from_str(&format!(
|
|
"{kind}; filename=\"{}\"; filename*=UTF-8''{}",
|
|
filename,
|
|
encode_uri(&filename),
|
|
))?
|
|
};
|
|
res.headers_mut().insert(CONTENT_DISPOSITION, value);
|
|
Ok(())
|
|
}
|
|
|
|
fn is_hidden(hidden: &[String], file_name: &str, is_dir_type: bool) -> bool {
|
|
hidden.iter().any(|v| {
|
|
if is_dir_type {
|
|
if let Some(x) = v.strip_suffix('/') {
|
|
return glob(x, file_name);
|
|
}
|
|
}
|
|
glob(v, file_name)
|
|
})
|
|
}
|
|
|
|
fn set_webdav_headers(res: &mut Response) {
|
|
res.headers_mut().insert(
|
|
"Allow",
|
|
HeaderValue::from_static(
|
|
"GET,HEAD,PUT,OPTIONS,DELETE,PATCH,PROPFIND,COPY,MOVE,CHECKAUTH,LOGOUT",
|
|
),
|
|
);
|
|
res.headers_mut()
|
|
.insert("DAV", HeaderValue::from_static("1, 2, 3"));
|
|
}
|
|
|
|
async fn get_content_type(path: &Path) -> Result<String> {
|
|
let mut buffer: Vec<u8> = vec![];
|
|
fs::File::open(path)
|
|
.await?
|
|
.take(1024)
|
|
.read_to_end(&mut buffer)
|
|
.await?;
|
|
let mime = mime_guess::from_path(path).first();
|
|
let is_text = content_inspector::inspect(&buffer).is_text();
|
|
let content_type = if is_text {
|
|
let mut detector = chardetng::EncodingDetector::new();
|
|
detector.feed(&buffer, buffer.len() < 1024);
|
|
let (enc, confident) = detector.guess_assess(None, true);
|
|
let charset = if confident {
|
|
format!("; charset={}", enc.name())
|
|
} else {
|
|
"".into()
|
|
};
|
|
match mime {
|
|
Some(m) => format!("{m}{charset}"),
|
|
None => format!("text/plain{charset}"),
|
|
}
|
|
} else {
|
|
match mime {
|
|
Some(m) => m.to_string(),
|
|
None => "application/octet-stream".into(),
|
|
}
|
|
};
|
|
Ok(content_type)
|
|
}
|
|
|
|
fn parse_upload_offset(headers: &HeaderMap<HeaderValue>, size: u64) -> Result<Option<u64>> {
|
|
let value = match headers.get("x-update-range") {
|
|
Some(v) => v,
|
|
None => return Ok(None),
|
|
};
|
|
let err = || anyhow!("Invalid X-Update-Range Header");
|
|
let value = value.to_str().map_err(|_| err())?;
|
|
if value == "append" {
|
|
return Ok(Some(size));
|
|
}
|
|
let (start, _) = parse_range(value, size).ok_or_else(err)?;
|
|
Ok(Some(start))
|
|
}
|
|
|
|
async fn sha256_file(path: &Path) -> Result<String> {
|
|
let mut file = fs::File::open(path).await?;
|
|
let mut hasher = Sha256::new();
|
|
let mut buffer = [0u8; 8192];
|
|
|
|
loop {
|
|
let bytes_read = file.read(&mut buffer).await?;
|
|
if bytes_read == 0 {
|
|
break;
|
|
}
|
|
hasher.update(&buffer[..bytes_read]);
|
|
}
|
|
|
|
let result = hasher.finalize();
|
|
Ok(format!("{:x}", result))
|
|
}
|
|
|
|
fn has_query_flag(query_params: &HashMap<String, String>, name: &str) -> bool {
|
|
query_params
|
|
.get(name)
|
|
.map(|v| v.is_empty())
|
|
.unwrap_or_default()
|
|
}
|