9 changed files with 28 additions and 205 deletions
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@ -18,4 +18,4 @@ jobs:
          go-version: "1.23.x"
      - uses: golangci/golangci-lint-action@v6
        with:
-          version: "v1.62"
+          version: "v1.60"
--- a/README.md
+++ b/README.md
@ -86,21 +86,9 @@ directory: .
 # permissions. For example, to allow to read and create, set "RC". Default is "R".
 permissions: R

-# The default permissions rules for users. Default is none. Rules are applied
-# from last to first, that is, the first rule that matches the request, starting
-# from the end, will be applied to the request.
+# The default permissions rules for users. Default is none.
 rules: []

-# The behavior of redefining the rules for users. It can be:
-# - overwrite: when a user has rules defined, these will overwrite any global
-#   rules already defined. That is, the global rules are not applicable to the
-#   user.
-# - append: when a user has rules defined, these will be appended to the global
-#   rules already defined. That is, for this user, their own specific rules will
-#   be checked first, and then the global rules.
-# Default is 'overwrite'.
-rulesBehavior: overwrite
-
 # Logging configuration
 log:
  # Logging format ('console', 'json'). Default is 'console'.
@ -139,8 +127,6 @@ users:
  - username: admin
    password: admin
  # Example 'john' user with bcrypt encrypted password, with custom directory.
-  # You can generate a bcrypt-encrypted password by using the 'webdav bcrypt'
-  # command lint utility.
  - username: john
    password: "{bcrypt}$2y$10$zEP6oofmXFeHaeMfBNLnP.DO8m.H.Mwhd24/TOX2MWLxAExXi4qgi"
    directory: /another/path
--- a/cmd/bcrypt.go
+++ b/cmd/bcrypt.go
@ -1,49 +0,0 @@
-package cmd
-
-import (
-	"errors"
-	"fmt"
-
-	"github.com/spf13/cobra"
-	"golang.org/x/crypto/bcrypt"
-)
-
-func init() {
-	flags := bcryptCmd.Flags()
-	flags.IntP("cost", "c", bcrypt.DefaultCost, "cost used to generate password, higher cost leads to slower verification times")
-
-	rootCmd.AddCommand(bcryptCmd)
-}
-
-var bcryptCmd = &cobra.Command{
-	Use:   "bcrypt",
-	Short: "Generate a bcrypt encrypted password",
-	Args:  cobra.ExactArgs(1),
-	RunE: func(cmd *cobra.Command, args []string) error {
-		cost, err := cmd.Flags().GetInt("cost")
-		if err != nil {
-			return err
-		}
-
-		if cost < bcrypt.MinCost {
-			return fmt.Errorf("given cost cannot be under minimum cost of %d", bcrypt.MinCost)
-		}
-
-		if cost > bcrypt.MaxCost {
-			return fmt.Errorf("given cost cannot be over maximum cost of %d", bcrypt.MaxCost)
-		}
-
-		pwd := args[0]
-		if pwd == "" {
-			return errors.New("password argument must not be empty")
-		}
-
-		hash, err := bcrypt.GenerateFromPassword([]byte(pwd), cost)
-		if err != nil {
-			return err
-		}
-
-		fmt.Println(string(hash))
-		return nil
-	},
-}
--- a/cmd/root.go
+++ b/cmd/root.go
@ -10,7 +10,6 @@ import (
 	"strings"
 	"syscall"

-	"github.com/coreos/go-systemd/v22/activation"
 	"github.com/hacdias/webdav/v5/lib"
 	"github.com/spf13/cobra"
 	"go.uber.org/zap"
@ -116,21 +115,7 @@ func getListener(cfg *lib.Config) (net.Listener, error) {
 		network string
 	)

-	if strings.HasPrefix(cfg.Address, "sd-listen-fd:") {
-		listeners, err := activation.ListenersWithNames()
-		if err != nil {
-			return nil, err
-		}
-
-		address := cfg.Address[13:]
-		listener, ok := listeners[address]
-
-		if !ok || len(listener) < 1 {
-			return nil, errors.New("unknown sd-listen-fd address '" + address + "'")
-		}
-
-		return listener[0], nil
-	} else if strings.HasPrefix(cfg.Address, "unix:") {
+	if strings.HasPrefix(cfg.Address, "unix:") {
 		address = cfg.Address[5:]
 		network = "unix"
 	} else {
--- a/go.mod
+++ b/go.mod
@ -3,7 +3,6 @@ module github.com/hacdias/webdav/v5
 go 1.23

 require (
-	github.com/coreos/go-systemd/v22 v22.5.0
 	github.com/go-viper/mapstructure/v2 v2.2.1
 	github.com/rs/cors v1.11.1
 	github.com/spf13/cobra v1.8.1
@ -12,8 +11,8 @@ require (
 	github.com/stretchr/testify v1.9.0
 	github.com/studio-b12/gowebdav v0.9.0
 	go.uber.org/zap v1.27.0
-	golang.org/x/crypto v0.31.0
-	golang.org/x/net v0.33.0
+	golang.org/x/crypto v0.29.0
+	golang.org/x/net v0.31.0
 )

 require (
@ -21,7 +20,7 @@ require (
 	github.com/fsnotify/fsnotify v1.8.0 // indirect
 	github.com/hashicorp/hcl v1.0.0 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
-	github.com/magiconair/properties v1.8.9 // indirect
+	github.com/magiconair/properties v1.8.7 // indirect
 	github.com/mitchellh/mapstructure v1.5.0 // indirect
 	github.com/pelletier/go-toml/v2 v2.2.3 // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
@ -29,12 +28,12 @@ require (
 	github.com/sagikazarmark/slog-shim v0.1.0 // indirect
 	github.com/sourcegraph/conc v0.3.0 // indirect
 	github.com/spf13/afero v1.11.0 // indirect
-	github.com/spf13/cast v1.7.1 // indirect
+	github.com/spf13/cast v1.7.0 // indirect
 	github.com/subosito/gotenv v1.6.0 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
-	golang.org/x/exp v0.0.0-20241217172543-b2144cdd0a67 // indirect
-	golang.org/x/sys v0.28.0 // indirect
-	golang.org/x/text v0.21.0 // indirect
+	golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f // indirect
+	golang.org/x/sys v0.27.0 // indirect
+	golang.org/x/text v0.20.0 // indirect
 	gopkg.in/ini.v1 v1.67.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
--- a/go.sum
+++ b/go.sum
@ -1,5 +1,3 @@
-github.com/coreos/go-systemd/v22 v22.5.0 h1:RrqgGjYQKalulkV8NGVIfkXQf6YYmOyiJKk8iXXhfZs=
-github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
 github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
@ -10,7 +8,6 @@ github.com/fsnotify/fsnotify v1.8.0 h1:dAwr6QBTBZIkG8roQaJjGof0pp0EeF+tNV7YBP3F/
 github.com/fsnotify/fsnotify v1.8.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0=
 github.com/go-viper/mapstructure/v2 v2.2.1 h1:ZAaOCxANMuZx5RCeg0mBdEZk7DZasvvZIxtHqx8aGss=
 github.com/go-viper/mapstructure/v2 v2.2.1/go.mod h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM=
-github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
 github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
 github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
@ -21,8 +18,8 @@ github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
 github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
-github.com/magiconair/properties v1.8.9 h1:nWcCbLq1N2v/cpNsy5WvQ37Fb+YElfq20WJ/a8RkpQM=
-github.com/magiconair/properties v1.8.9/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0=
+github.com/magiconair/properties v1.8.7 h1:IeQXZAiQcpL9mgcAe1Nu6cX9LLw6ExEHKjN0VQdvPDY=
+github.com/magiconair/properties v1.8.7/go.mod h1:Dhd985XPs7jluiymwWYZ0G4Z61jb3vdS329zhj2hYo0=
 github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
 github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
 github.com/pelletier/go-toml/v2 v2.2.3 h1:YmeHyLY8mFWbdkNWwpr+qIL2bEqT0o95WSdkNHvL12M=
@ -42,8 +39,8 @@ github.com/sourcegraph/conc v0.3.0 h1:OQTbbt6P72L20UqAkXXuLOj79LfEanQ+YQFNpLA9yS
 github.com/sourcegraph/conc v0.3.0/go.mod h1:Sdozi7LEKbFPqYX2/J+iBAM6HpqSLTASQIKqDmF7Mt0=
 github.com/spf13/afero v1.11.0 h1:WJQKhtpdm3v2IzqG8VMqrr6Rf3UYpEF239Jy9wNepM8=
 github.com/spf13/afero v1.11.0/go.mod h1:GH9Y3pIexgf1MTIWtNGyogA5MwRIDXGUr+hbWNoBjkY=
-github.com/spf13/cast v1.7.1 h1:cuNEagBQEHWN1FnbGEjCXL2szYEXqfJPbP2HNUaca9Y=
-github.com/spf13/cast v1.7.1/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo=
+github.com/spf13/cast v1.7.0 h1:ntdiHjuueXFgm5nzDRdOS4yfT43P5Fnud6DH50rz/7w=
+github.com/spf13/cast v1.7.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo=
 github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM=
 github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y=
 github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA=
@ -62,16 +59,16 @@ go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0=
 go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
 go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
 go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
-golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
-golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
-golang.org/x/exp v0.0.0-20241217172543-b2144cdd0a67 h1:1UoZQm6f0P/ZO0w1Ri+f+ifG/gXhegadRdwBIXEFWDo=
-golang.org/x/exp v0.0.0-20241217172543-b2144cdd0a67/go.mod h1:qj5a5QZpwLU2NLQudwIN5koi3beDhSAlJwa67PuM98c=
-golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
-golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
-golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
-golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
-golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
+golang.org/x/crypto v0.29.0 h1:L5SG1JTTXupVV3n6sUqMTeWbjAyfPwoda2DLX8J8FrQ=
+golang.org/x/crypto v0.29.0/go.mod h1:+F4F4N5hv6v38hfeYwTdx20oUvLLc+QfrE9Ax9HtgRg=
+golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f h1:XdNn9LlyWAhLVp6P/i8QYBW+hlyhrhei9uErw2B5GJo=
+golang.org/x/exp v0.0.0-20241108190413-2d47ceb2692f/go.mod h1:D5SMRVC3C2/4+F/DB1wZsLRnSNimn2Sp/NPsCrsv8ak=
+golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo=
+golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM=
+golang.org/x/sys v0.27.0 h1:wBqf8DvsY9Y/2P8gAfPDEYNuS30J4lPHJxXSb/nJZ+s=
+golang.org/x/sys v0.27.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/text v0.20.0 h1:gK/Kv2otX8gz+wn7Rmb3vT96ZwuoxnQlY+HlJVj7Qug=
+golang.org/x/text v0.20.0/go.mod h1:D4IsuqiFMhST5bX19pQ9ikHC2GsaKyk/oF+pn3ducp4=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo=
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
--- a/lib/config.go
+++ b/lib/config.go
@ -75,7 +75,6 @@ func ParseConfig(filename string, flags *pflag.FlagSet) (*Config, error) {
 	v.SetDefault("Prefix", DefaultPrefix)

 	// Other defaults
-	v.SetDefault("RulesBehavior", RulesOverwrite)
 	v.SetDefault("Directory", ".")
 	v.SetDefault("Permissions", "R")
 	v.SetDefault("Debug", false)
@ -116,21 +115,7 @@ func ParseConfig(filename string, flags *pflag.FlagSet) (*Config, error) {
 			cfg.Users[i].Permissions = cfg.Permissions
 		}

-		if !v.IsSet(fmt.Sprintf("Users.%d.RulesBehavior", i)) {
-			cfg.Users[i].RulesBehavior = cfg.RulesBehavior
-		}
-
-		if v.IsSet(fmt.Sprintf("Users.%d.Rules", i)) {
-			switch cfg.Users[i].RulesBehavior {
-			case RulesOverwrite:
-				// Do nothing
-			case RulesAppend:
-				rules := append([]*Rule{}, cfg.Rules...)
-				rules = append(rules, cfg.Users[i].Rules...)
-
-				cfg.Users[i].Rules = rules
-			}
-		} else {
+		if !v.IsSet(fmt.Sprintf("Users.%d.Rules", i)) {
 			cfg.Users[i].Rules = cfg.Rules
 		}
 	}
--- a/lib/config_test.go
+++ b/lib/config_test.go
@ -232,71 +232,6 @@ rules:
 		require.Nil(t, cfg.Rules[1].Regex)
 	})

-	t.Run("Rules Behavior (Default: Overwrite)", func(t *testing.T) {
-		content := `
-directory: /
-rules:
-  - regex: '^.+\.js$'
-  - path: /public/access/
-
-users:
-  - username: foo
-    password: bar
-    rules:
-    - path: /private/access/`
-
-		cfg := writeAndParseConfig(t, content, ".yaml")
-		require.NoError(t, cfg.Validate())
-
-		require.Len(t, cfg.Rules, 2)
-
-		require.Empty(t, cfg.Rules[0].Path)
-		require.NotNil(t, cfg.Rules[0].Regex)
-		require.True(t, cfg.Rules[0].Regex.MatchString("/my/path/to/file.js"))
-		require.False(t, cfg.Rules[0].Regex.MatchString("/my/path/to/file.ts"))
-
-		require.EqualValues(t, "/public/access/", cfg.Rules[1].Path)
-		require.Nil(t, cfg.Rules[1].Regex)
-
-		require.Len(t, cfg.Users, 1)
-		require.Len(t, cfg.Users[0].Rules, 1)
-		require.EqualValues(t, "/private/access/", cfg.Users[0].Rules[0].Path)
-	})
-
-	t.Run("Rules Behavior (Append)", func(t *testing.T) {
-		content := `
-directory: /
-rules:
-  - regex: '^.+\.js$'
-  - path: /public/access/
-rulesBehavior: append
-
-users:
-  - username: foo
-    password: bar
-    rules:
-    - path: /private/access/`
-
-		cfg := writeAndParseConfig(t, content, ".yaml")
-		require.NoError(t, cfg.Validate())
-
-		require.Len(t, cfg.Rules, 2)
-
-		require.Empty(t, cfg.Rules[0].Path)
-		require.NotNil(t, cfg.Rules[0].Regex)
-		require.True(t, cfg.Rules[0].Regex.MatchString("/my/path/to/file.js"))
-		require.False(t, cfg.Rules[0].Regex.MatchString("/my/path/to/file.ts"))
-
-		require.EqualValues(t, "/public/access/", cfg.Rules[1].Path)
-		require.Nil(t, cfg.Rules[1].Regex)
-
-		require.Len(t, cfg.Users, 1)
-		require.Len(t, cfg.Users[0].Rules, 3)
-
-		require.EqualValues(t, cfg.Rules[0], cfg.Users[0].Rules[0])
-		require.EqualValues(t, cfg.Rules[1], cfg.Users[0].Rules[1])
-		require.EqualValues(t, "/private/access/", cfg.Users[0].Rules[2].Path)
-	})
 }

 func TestConfigEnv(t *testing.T) {
--- a/lib/permissions.go
+++ b/lib/permissions.go
@ -36,18 +36,10 @@ func (r *Rule) Matches(path string) bool {
 	return strings.HasPrefix(path, r.Path)
 }

-type RulesBehavior string
-
-const (
-	RulesOverwrite RulesBehavior = "overwrite"
-	RulesAppend    RulesBehavior = "append"
-)
-
 type UserPermissions struct {
-	Directory     string
-	Permissions   Permissions
-	Rules         []*Rule
-	RulesBehavior RulesBehavior
+	Directory   string
+	Permissions Permissions
+	Rules       []*Rule
 }

 // Allowed checks if the user has permission to access a directory/file
@ -99,13 +91,6 @@ func (p *UserPermissions) Validate() error {
 		}
 	}

-	switch p.RulesBehavior {
-	case RulesAppend, RulesOverwrite:
-		// Good to go
-	default:
-		return fmt.Errorf("invalid rule behavior: %s", p.RulesBehavior)
-	}
-
 	return nil
 }