filebrowser/filemanager.go

466 lines
12 KiB
Go
Raw Normal View History

2017-07-29 13:20:58 +00:00
// Package filemanager provides a web interface to access your files
// wherever you are. To use this package as a middleware for your app,
// you'll need to create a filemanager instance:
//
// m, err := filemanager.New(database, user)
//
// Where 'user' contains the default options for new users. You can just
// use 'filemanager.DefaultUser' or create yourself a default user:
//
// m, err := filemanager.New(database, filemanager.User{
// Admin: false,
// AllowCommands: false,
// AllowEdit: true,
// AllowNew: true,
// Commands: []string{
// "git",
// },
// Rules: []*filemanager.Rule{},
// CSS: "",
// FileSystem: webdav.Dir("/path/to/files"),
// })
//
// The credentials for the first user are always 'admin' for both the user and
// the password, and they can be changed later through the settings. The first
// user is always an Admin and has all of the permissions set to 'true'.
//
// Then, you should set the Prefix URL and the Base URL, using the following
// functions:
//
// m.SetBaseURL("/")
// m.SetPrefixURL("/")
//
// The Prefix URL is a part of the path that is already stripped from the
// r.URL.Path variable before the request arrives to File Manager's handler.
// This is a function that will rarely be used. You can see one example on Caddy
// filemanager plugin.
//
// The Base URL is the URL path where you want File Manager to be available in. If
// you want to be available at the root path, you should call:
//
// m.SetBaseURL("/")
//
// But if you want to access it at '/admin', you would call:
//
// m.SetBaseURL("/admin")
//
// Now, that you already have a File Manager instance created, you just need to
// add it to your handlers using m.ServeHTTP which is compatible to http.Handler.
// We also have a m.ServeWithErrorsHTTP that returns the status code and an error.
//
// One simple implementation for this, at port 80, in the root of the domain, would be:
//
// http.ListenAndServe(":80", m)
2017-06-20 10:40:52 +00:00
package filemanager
2017-06-24 11:12:15 +00:00
import (
2017-06-25 10:40:23 +00:00
"errors"
2017-07-08 16:51:47 +00:00
"log"
2017-06-24 11:12:15 +00:00
"net/http"
2017-07-08 16:51:47 +00:00
"os"
"os/exec"
2017-07-29 10:02:18 +00:00
"reflect"
2017-06-24 11:12:15 +00:00
"regexp"
"strings"
rice "github.com/GeertJohan/go.rice"
2017-07-03 07:59:49 +00:00
"github.com/asdine/storm"
2017-07-27 20:39:23 +00:00
"github.com/hacdias/fileutils"
2017-07-08 16:51:47 +00:00
"github.com/mholt/caddy"
2017-06-24 11:12:15 +00:00
)
2017-06-25 11:53:49 +00:00
var (
errUserExist = errors.New("user already exists")
errUserNotExist = errors.New("user does not exist")
errEmptyRequest = errors.New("request body is empty")
errEmptyPassword = errors.New("password is empty")
errEmptyUsername = errors.New("username is empty")
errEmptyScope = errors.New("scope is empty")
errWrongDataType = errors.New("wrong data type")
errInvalidUpdateField = errors.New("invalid field to update")
2017-06-25 11:53:49 +00:00
)
2017-06-25 14:24:16 +00:00
// FileManager is a file manager instance. It should be creating using the
// 'New' function and not directly.
2017-06-24 11:12:15 +00:00
type FileManager struct {
// The BoltDB database for this instance.
db *storm.DB
// The key used to sign the JWT tokens.
2017-07-03 07:59:49 +00:00
key []byte
2017-06-24 11:12:15 +00:00
// The static assets.
assets *rice.Box
2017-07-03 07:59:49 +00:00
// PrefixURL is a part of the URL that is already trimmed from the request URL before it
// arrives to our handlers. It may be useful when using File Manager as a middleware
// such as in caddy-filemanager plugin. It is only useful in certain situations.
2017-07-03 07:59:49 +00:00
PrefixURL string
2017-06-27 09:31:50 +00:00
2017-07-03 07:59:49 +00:00
// BaseURL is the path where the GUI will be accessible. It musn't end with
// a trailing slash and mustn't contain PrefixURL, if set. It shouldn't be
// edited directly. Use SetBaseURL.
BaseURL string
2017-06-24 11:12:15 +00:00
2017-08-02 13:10:05 +00:00
// NoAuth disables the authentication. When the authentication is disabled,
// there will only exist one user, called "admin".
NoAuth bool
// staticgen is the name of the current static website generator.
staticgen string
// StaticGen is the static websit generator handler.
StaticGen StaticGen
2017-07-14 07:25:37 +00:00
// The Default User needed to build the New User page.
DefaultUser *User
2017-06-24 11:12:15 +00:00
// Users is a map with the different configurations for each user.
2017-06-25 14:24:16 +00:00
Users map[string]*User
2017-06-24 11:12:15 +00:00
2017-07-08 16:51:47 +00:00
// A map of events to a slice of commands.
Commands map[string][]string
}
type StaticGen interface {
SettingsPath() string
2017-07-08 16:51:47 +00:00
Hook(c *RequestContext, w http.ResponseWriter, r *http.Request) (int, error)
Preview(c *RequestContext, w http.ResponseWriter, r *http.Request) (int, error)
Publish(c *RequestContext, w http.ResponseWriter, r *http.Request) (int, error)
Schedule(c *RequestContext, w http.ResponseWriter, r *http.Request) (int, error)
2017-06-24 11:12:15 +00:00
}
2017-06-25 14:19:23 +00:00
// Command is a command function.
2017-06-25 14:24:16 +00:00
type Command func(r *http.Request, m *FileManager, u *User) error
2017-06-25 14:19:23 +00:00
2017-07-25 10:57:27 +00:00
// User contains the configuration for each user.
2017-06-25 14:24:16 +00:00
type User struct {
2017-07-03 07:59:49 +00:00
// ID is the required primary key with auto increment0
ID int `storm:"id,increment"`
// Username is the user username used to login.
Username string `json:"username" storm:"index,unique"`
2017-07-03 07:59:49 +00:00
// The hashed password. This never reaches the front-end because it's temporarily
// emptied during JSON marshall.
Password string `json:"password"`
2017-07-06 08:33:36 +00:00
// Tells if this user is an admin.
Admin bool `json:"admin"`
2017-07-03 07:59:49 +00:00
// FileSystem is the virtual file system the user has access.
2017-07-27 20:39:23 +00:00
FileSystem fileutils.Dir `json:"filesystem"`
// Rules is an array of access and deny rules.
2017-07-03 07:59:49 +00:00
Rules []*Rule `json:"rules"`
// Custom styles for this user.
2017-07-03 07:59:49 +00:00
CSS string `json:"css"`
// Locale is the language of the user.
Locale string `json:"locale"`
// These indicate if the user can perform certain actions.
AllowNew bool `json:"allowNew"` // Create files and folders
AllowEdit bool `json:"allowEdit"` // Edit/rename files
AllowCommands bool `json:"allowCommands"` // Execute commands
AllowPublish bool `json:"allowPublish"` // Publish content (to use with static gen)
// Commands is the list of commands the user can execute.
2017-06-28 15:05:30 +00:00
Commands []string `json:"commands"`
2017-06-24 11:12:15 +00:00
}
// Rule is a dissalow/allow rule.
type Rule struct {
// Regex indicates if this rule uses Regular Expressions or not.
2017-07-06 20:18:34 +00:00
Regex bool `json:"regex"`
// Allow indicates if this is an allow rule. Set 'false' to be a disallow rule.
2017-07-06 20:18:34 +00:00
Allow bool `json:"allow"`
// Path is the corresponding URL path for this rule.
2017-07-06 20:18:34 +00:00
Path string `json:"path"`
// Regexp is the regular expression. Only use this when 'Regex' was set to true.
2017-07-06 20:18:34 +00:00
Regexp *Regexp `json:"regexp"`
2017-07-03 07:59:49 +00:00
}
// Regexp is a regular expression wrapper around native regexp.
type Regexp struct {
2017-07-06 20:18:34 +00:00
Raw string `json:"raw"`
2017-07-03 07:59:49 +00:00
regexp *regexp.Regexp
2017-06-24 11:12:15 +00:00
}
2017-07-03 07:59:49 +00:00
// DefaultUser is used on New, when no 'base' user is provided.
var DefaultUser = User{
AllowCommands: true,
AllowEdit: true,
AllowNew: true,
AllowPublish: true,
2017-07-03 07:59:49 +00:00
Commands: []string{},
Rules: []*Rule{},
CSS: "",
2017-07-06 08:33:36 +00:00
Admin: true,
Locale: "en",
2017-07-27 20:39:23 +00:00
FileSystem: fileutils.Dir("."),
2017-07-03 07:59:49 +00:00
}
// New creates a new File Manager instance. If 'database' file already
// exists, it will load the users from there. Otherwise, a new user
// will be created using the 'base' variable. The 'base' User should
// not have the Password field hashed.
func New(database string, base User) (*FileManager, error) {
// Creates a new File Manager instance with the Users
// map and Assets box.
2017-06-25 08:11:25 +00:00
m := &FileManager{
Users: map[string]*User{},
assets: rice.MustFindBox("./assets/dist"),
2017-07-03 07:59:49 +00:00
}
// Tries to open a database on the location provided. This
// function will automatically create a new one if it doesn't
// exist.
db, err := storm.Open(database)
if err != nil {
return nil, err
}
// Tries to get the encryption key from the database.
// If it doesn't exist, create a new one of 256 bits.
err = db.Get("config", "key", &m.key)
if err != nil && err == storm.ErrNotFound {
2017-07-25 08:01:29 +00:00
var bytes []byte
bytes, err = generateRandomBytes(64)
if err != nil {
return nil, err
}
m.key = bytes
2017-07-03 07:59:49 +00:00
err = db.Set("config", "key", m.key)
2017-06-25 08:11:25 +00:00
}
2017-07-03 07:59:49 +00:00
if err != nil {
return nil, err
}
2017-07-08 17:08:11 +00:00
// Tries to get the event commands from the database.
// If they don't exist, initialize them.
err = db.Get("config", "commands", &m.Commands)
if err != nil && err == storm.ErrNotFound {
m.Commands = map[string][]string{
"before_save": {},
"after_save": {},
"before_publish": {},
"after_publish": {},
2017-07-08 17:08:11 +00:00
}
err = db.Set("config", "commands", m.Commands)
}
if err != nil {
return nil, err
}
2017-07-03 07:59:49 +00:00
// Tries to fetch the users from the database and if there are
// any, add them to the current File Manager instance.
var users []User
err = db.All(&users)
if err != nil {
return nil, err
}
for i := range users {
m.Users[users[i].Username] = &users[i]
}
// If there are no users in the database, it creates a new one
// based on 'base' User that must be provided by the function caller.
if len(users) == 0 {
2017-07-20 08:52:03 +00:00
u := base
u.Username = "admin"
2017-07-03 07:59:49 +00:00
// Hashes the password.
2017-07-20 08:52:03 +00:00
u.Password, err = hashPassword("admin")
2017-07-03 07:59:49 +00:00
if err != nil {
return nil, err
}
2017-07-06 08:33:36 +00:00
// The first user must be an administrator.
2017-07-20 08:52:03 +00:00
u.Admin = true
u.AllowCommands = true
u.AllowNew = true
u.AllowEdit = true
2017-07-03 07:59:49 +00:00
// Saves the user to the database.
2017-07-20 08:52:03 +00:00
if err := db.Save(&u); err != nil {
2017-07-03 07:59:49 +00:00
return nil, err
}
2017-07-20 08:52:03 +00:00
m.Users[u.Username] = &u
2017-07-03 07:59:49 +00:00
}
2017-06-25 08:11:25 +00:00
2017-07-03 07:59:49 +00:00
// Attaches db to this File Manager instance.
m.db = db
2017-07-18 15:36:08 +00:00
// Create the default user, making a copy of the base.
base.Username = ""
base.Password = ""
2017-07-20 08:52:03 +00:00
m.DefaultUser = &base
2017-07-03 07:59:49 +00:00
return m, nil
2017-06-25 08:11:25 +00:00
}
// RootURL returns the actual URL where
// File Manager interface can be accessed.
func (m FileManager) RootURL() string {
2017-07-03 07:59:49 +00:00
return m.PrefixURL + m.BaseURL
2017-06-24 11:12:15 +00:00
}
// SetPrefixURL updates the prefixURL of a File
// Manager object.
2017-06-27 13:49:46 +00:00
func (m *FileManager) SetPrefixURL(url string) {
url = strings.TrimPrefix(url, "/")
url = strings.TrimSuffix(url, "/")
url = "/" + url
2017-07-03 07:59:49 +00:00
m.PrefixURL = strings.TrimSuffix(url, "/")
}
// SetBaseURL updates the baseURL of a File Manager
// object.
2017-06-25 08:11:25 +00:00
func (m *FileManager) SetBaseURL(url string) {
url = strings.TrimPrefix(url, "/")
url = strings.TrimSuffix(url, "/")
url = "/" + url
2017-07-03 07:59:49 +00:00
m.BaseURL = strings.TrimSuffix(url, "/")
2017-06-25 08:11:25 +00:00
}
// ServeHTTP handles the request.
2017-07-20 08:03:14 +00:00
func (m *FileManager) ServeHTTP(w http.ResponseWriter, r *http.Request) {
code, err := serveHTTP(&RequestContext{
FileManager: m,
User: nil,
File: nil,
2017-06-27 14:35:39 +00:00
}, w, r)
if code >= 400 {
w.WriteHeader(code)
2017-07-20 08:03:14 +00:00
if err == nil {
txt := http.StatusText(code)
log.Printf("%v: %v %v\n", r.URL.Path, code, txt)
w.Write([]byte(txt))
2017-07-20 08:03:14 +00:00
}
}
if err != nil {
log.Print(err)
w.Write([]byte(err.Error()))
}
2017-07-20 08:03:14 +00:00
}
func (m *FileManager) EnableStaticGen(data StaticGen) error {
if reflect.TypeOf(data).Kind() != reflect.Ptr {
return errors.New("data should be a pointer to interface, not interface")
}
if h, ok := data.(*Hugo); ok {
return m.enableHugo(h)
}
return errors.New("unknown static website generator")
}
func (m *FileManager) enableHugo(hugo *Hugo) error {
if err := hugo.find(); err != nil {
return err
}
m.staticgen = "hugo"
m.StaticGen = hugo
err := m.db.Get("staticgen", "hugo", hugo)
if err != nil && err == storm.ErrNotFound {
err = m.db.Set("staticgen", "hugo", *hugo)
}
return nil
}
2017-06-24 11:12:15 +00:00
// Allowed checks if the user has permission to access a directory/file.
2017-06-25 14:24:16 +00:00
func (u User) Allowed(url string) bool {
2017-06-24 11:12:15 +00:00
var rule *Rule
i := len(u.Rules) - 1
for i >= 0 {
rule = u.Rules[i]
if rule.Regex {
if rule.Regexp.MatchString(url) {
return rule.Allow
}
} else if strings.HasPrefix(url, rule.Path) {
return rule.Allow
}
i--
}
return true
}
2017-07-03 07:59:49 +00:00
// MatchString checks if this string matches the regular expression.
func (r *Regexp) MatchString(s string) bool {
if r.regexp == nil {
r.regexp = regexp.MustCompile(r.Raw)
}
return r.regexp.MatchString(s)
}
2017-07-08 16:51:47 +00:00
2017-07-08 17:08:11 +00:00
// Runner runs the commands for a certain event type.
2017-07-08 16:51:47 +00:00
func (m FileManager) Runner(event string, path string) error {
2017-07-12 14:28:35 +00:00
commands := []string{}
// Get the commands from the File Manager instance itself.
if val, ok := m.Commands[event]; ok {
commands = append(commands, val...)
}
// Execute the commands.
for _, command := range commands {
2017-07-08 16:51:47 +00:00
args := strings.Split(command, " ")
nonblock := false
if len(args) > 1 && args[len(args)-1] == "&" {
// Run command in background; non-blocking
nonblock = true
args = args[:len(args)-1]
}
command, args, err := caddy.SplitCommandAndArgs(strings.Join(args, " "))
if err != nil {
return err
}
cmd := exec.Command(command, args...)
cmd.Env = append(os.Environ(), "file="+path)
cmd.Stdin = os.Stdin
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
if nonblock {
log.Printf("[INFO] Nonblocking Command:\"%s %s\"", command, strings.Join(args, " "))
if err := cmd.Start(); err != nil {
return err
}
continue
}
log.Printf("[INFO] Blocking Command:\"%s %s\"", command, strings.Join(args, " "))
if err := cmd.Run(); err != nil {
return err
}
}
return nil
}