package sftpd import ( "io" "net" "os" "path" "sync" "time" "github.com/pkg/sftp" "golang.org/x/crypto/ssh" "github.com/drakkan/sftpgo/dataprovider" "github.com/drakkan/sftpgo/logger" "github.com/drakkan/sftpgo/vfs" ) // Connection details for an authenticated user type Connection struct { // Unique identifier for the connection ID string // logged in user's details User dataprovider.User // client's version string ClientVersion string // Remote address for this connection RemoteAddr net.Addr // start time for this connection StartTime time.Time // last activity for this connection lastActivity time.Time protocol string netConn net.Conn channel ssh.Channel command string fs vfs.Fs } // Log outputs a log entry to the configured logger func (c Connection) Log(level logger.LogLevel, sender string, format string, v ...interface{}) { logger.Log(level, sender, c.ID, format, v...) } // Fileread creates a reader for a file on the system and returns the reader back. func (c Connection) Fileread(request *sftp.Request) (io.ReaderAt, error) { updateConnectionActivity(c.ID) if !c.User.HasPerm(dataprovider.PermDownload, path.Dir(request.Filepath)) { return nil, sftp.ErrSSHFxPermissionDenied } if !c.User.IsFileAllowed(request.Filepath) { c.Log(logger.LevelWarn, logSender, "reading file %#v is not allowed", request.Filepath) return nil, sftp.ErrSSHFxPermissionDenied } p, err := c.fs.ResolvePath(request.Filepath) if err != nil { return nil, vfs.GetSFTPError(c.fs, err) } file, r, cancelFn, err := c.fs.Open(p) if err != nil { c.Log(logger.LevelWarn, logSender, "could not open file %#v for reading: %+v", p, err) return nil, vfs.GetSFTPError(c.fs, err) } c.Log(logger.LevelDebug, logSender, "fileread requested for path: %#v", p) transfer := Transfer{ file: file, readerAt: r, writerAt: nil, cancelFn: cancelFn, path: p, start: time.Now(), bytesSent: 0, bytesReceived: 0, user: c.User, connectionID: c.ID, transferType: transferDownload, lastActivity: time.Now(), isNewFile: false, protocol: c.protocol, transferError: nil, isFinished: false, minWriteOffset: 0, requestPath: request.Filepath, lock: new(sync.Mutex), } addTransfer(&transfer) return &transfer, nil } // Filewrite handles the write actions for a file on the system. func (c Connection) Filewrite(request *sftp.Request) (io.WriterAt, error) { updateConnectionActivity(c.ID) if !c.User.IsFileAllowed(request.Filepath) { c.Log(logger.LevelWarn, logSender, "writing file %#v is not allowed", request.Filepath) return nil, sftp.ErrSSHFxPermissionDenied } p, err := c.fs.ResolvePath(request.Filepath) if err != nil { return nil, vfs.GetSFTPError(c.fs, err) } filePath := p if isAtomicUploadEnabled() && c.fs.IsAtomicUploadSupported() { filePath = c.fs.GetAtomicUploadPath(p) } stat, statErr := c.fs.Lstat(p) if (statErr == nil && stat.Mode()&os.ModeSymlink == os.ModeSymlink) || c.fs.IsNotExist(statErr) { if !c.User.HasPerm(dataprovider.PermUpload, path.Dir(request.Filepath)) { return nil, sftp.ErrSSHFxPermissionDenied } return c.handleSFTPUploadToNewFile(p, filePath, request.Filepath) } if statErr != nil { c.Log(logger.LevelError, logSender, "error performing file stat %#v: %+v", p, statErr) return nil, vfs.GetSFTPError(c.fs, statErr) } // This happen if we upload a file that has the same name of an existing directory if stat.IsDir() { c.Log(logger.LevelWarn, logSender, "attempted to open a directory for writing to: %#v", p) return nil, sftp.ErrSSHFxOpUnsupported } if !c.User.HasPerm(dataprovider.PermOverwrite, path.Dir(request.Filepath)) { return nil, sftp.ErrSSHFxPermissionDenied } return c.handleSFTPUploadToExistingFile(request.Pflags(), p, filePath, stat.Size(), request.Filepath) } // Filecmd hander for basic SFTP system calls related to files, but not anything to do with reading // or writing to those files. func (c Connection) Filecmd(request *sftp.Request) error { updateConnectionActivity(c.ID) p, err := c.fs.ResolvePath(request.Filepath) if err != nil { return vfs.GetSFTPError(c.fs, err) } target, err := c.getSFTPCmdTargetPath(request.Target) if err != nil { return err } c.Log(logger.LevelDebug, logSender, "new cmd, method: %v, sourcePath: %#v, targetPath: %#v", request.Method, p, target) switch request.Method { case "Setstat": return c.handleSFTPSetstat(p, request) case "Rename": if err = c.handleSFTPRename(p, target, request); err != nil { return err } case "Rmdir": return c.handleSFTPRmdir(p, request) case "Mkdir": err = c.handleSFTPMkdir(p, request) if err != nil { return err } case "Symlink": if err = c.handleSFTPSymlink(p, target, request); err != nil { return err } case "Remove": return c.handleSFTPRemove(p, request) default: return sftp.ErrSSHFxOpUnsupported } var fileLocation = p if target != "" { fileLocation = target } // we return if we remove a file or a dir so source path or target path always exists here vfs.SetPathPermissions(c.fs, fileLocation, c.User.GetUID(), c.User.GetGID()) return sftp.ErrSSHFxOk } // Filelist is the handler for SFTP filesystem list calls. This will handle calls to list the contents of // a directory as well as perform file/folder stat calls. func (c Connection) Filelist(request *sftp.Request) (sftp.ListerAt, error) { updateConnectionActivity(c.ID) p, err := c.fs.ResolvePath(request.Filepath) if err != nil { return nil, vfs.GetSFTPError(c.fs, err) } switch request.Method { case "List": if !c.User.HasPerm(dataprovider.PermListItems, request.Filepath) { return nil, sftp.ErrSSHFxPermissionDenied } c.Log(logger.LevelDebug, logSender, "requested list file for dir: %#v", p) files, err := c.fs.ReadDir(p) if err != nil { c.Log(logger.LevelWarn, logSender, "error listing directory: %+v", err) return nil, vfs.GetSFTPError(c.fs, err) } return listerAt(c.User.AddVirtualDirs(files, request.Filepath)), nil case "Stat": if !c.User.HasPerm(dataprovider.PermListItems, path.Dir(request.Filepath)) { return nil, sftp.ErrSSHFxPermissionDenied } c.Log(logger.LevelDebug, logSender, "requested stat for path: %#v", p) s, err := c.fs.Stat(p) if err != nil { c.Log(logger.LevelWarn, logSender, "error running stat on path: %+v", err) return nil, vfs.GetSFTPError(c.fs, err) } return listerAt([]os.FileInfo{s}), nil default: return nil, sftp.ErrSSHFxOpUnsupported } } func (c Connection) getSFTPCmdTargetPath(requestTarget string) (string, error) { var target string // If a target is provided in this request validate that it is going to the correct // location for the server. If it is not, return an error if len(requestTarget) > 0 { var err error target, err = c.fs.ResolvePath(requestTarget) if err != nil { return target, vfs.GetSFTPError(c.fs, err) } } return target, nil } func (c Connection) handleSFTPSetstat(filePath string, request *sftp.Request) error { if setstatMode == 1 { return nil } pathForPerms := request.Filepath if fi, err := c.fs.Lstat(filePath); err == nil { if fi.IsDir() { pathForPerms = path.Dir(request.Filepath) } } attrFlags := request.AttrFlags() if attrFlags.Permissions { if !c.User.HasPerm(dataprovider.PermChmod, pathForPerms) { return sftp.ErrSSHFxPermissionDenied } fileMode := request.Attributes().FileMode() if err := c.fs.Chmod(filePath, fileMode); err != nil { c.Log(logger.LevelWarn, logSender, "failed to chmod path %#v, mode: %v, err: %+v", filePath, fileMode.String(), err) return vfs.GetSFTPError(c.fs, err) } logger.CommandLog(chmodLogSender, filePath, "", c.User.Username, fileMode.String(), c.ID, c.protocol, -1, -1, "", "", "") return nil } else if attrFlags.UidGid { if !c.User.HasPerm(dataprovider.PermChown, pathForPerms) { return sftp.ErrSSHFxPermissionDenied } uid := int(request.Attributes().UID) gid := int(request.Attributes().GID) if err := c.fs.Chown(filePath, uid, gid); err != nil { c.Log(logger.LevelWarn, logSender, "failed to chown path %#v, uid: %v, gid: %v, err: %+v", filePath, uid, gid, err) return vfs.GetSFTPError(c.fs, err) } logger.CommandLog(chownLogSender, filePath, "", c.User.Username, "", c.ID, c.protocol, uid, gid, "", "", "") return nil } else if attrFlags.Acmodtime { if !c.User.HasPerm(dataprovider.PermChtimes, pathForPerms) { return sftp.ErrSSHFxPermissionDenied } dateFormat := "2006-01-02T15:04:05" // YYYY-MM-DDTHH:MM:SS accessTime := time.Unix(int64(request.Attributes().Atime), 0) modificationTime := time.Unix(int64(request.Attributes().Mtime), 0) accessTimeString := accessTime.Format(dateFormat) modificationTimeString := modificationTime.Format(dateFormat) if err := c.fs.Chtimes(filePath, accessTime, modificationTime); err != nil { c.Log(logger.LevelWarn, logSender, "failed to chtimes for path %#v, access time: %v, modification time: %v, err: %+v", filePath, accessTime, modificationTime, err) return vfs.GetSFTPError(c.fs, err) } logger.CommandLog(chtimesLogSender, filePath, "", c.User.Username, "", c.ID, c.protocol, -1, -1, accessTimeString, modificationTimeString, "") return nil } return nil } func (c Connection) handleSFTPRename(sourcePath, targetPath string, request *sftp.Request) error { if !c.isRenamePermitted(sourcePath, request) { return sftp.ErrSSHFxPermissionDenied } if c.User.IsMappedPath(sourcePath) { c.Log(logger.LevelWarn, logSender, "renaming a directory mapped as virtual folder is not allowed: %#v", sourcePath) return sftp.ErrSSHFxPermissionDenied } if c.User.IsMappedPath(targetPath) { c.Log(logger.LevelWarn, logSender, "renaming to a directory mapped as virtual folder is not allowed: %#v", targetPath) return sftp.ErrSSHFxPermissionDenied } if c.User.HasVirtualFoldersInside(request.Filepath) { if fi, err := c.fs.Stat(sourcePath); err == nil { if fi.IsDir() { c.Log(logger.LevelDebug, logSender, "renaming the folder %#v is not supported: it has virtual folders inside it", request.Filepath) return sftp.ErrSSHFxOpUnsupported } } } initialSize := int64(-1) if fi, err := c.fs.Lstat(targetPath); err == nil { if fi.IsDir() { c.Log(logger.LevelWarn, logSender, "attempted to rename %#v overwriting an existing directory %#v", sourcePath, targetPath) return sftp.ErrSSHFxOpUnsupported } // we are overwriting an existing file/symlink if fi.Mode().IsRegular() { initialSize = fi.Size() } if !c.User.HasPerm(dataprovider.PermOverwrite, path.Dir(request.Target)) { c.Log(logger.LevelDebug, logSender, "renaming is not allowed, source: %#v target: %#v. "+ "Target exists but the user has no overwrite permission", request.Filepath, request.Target) return sftp.ErrSSHFxPermissionDenied } } if !c.hasSpaceForRename(request, initialSize, sourcePath) { c.Log(logger.LevelInfo, logSender, "denying cross rename due to space limit") return sftp.ErrSSHFxFailure } if err := c.fs.Rename(sourcePath, targetPath); err != nil { c.Log(logger.LevelWarn, logSender, "failed to rename %#v -> %#v: %+v", sourcePath, targetPath, err) return vfs.GetSFTPError(c.fs, err) } if dataprovider.GetQuotaTracking() > 0 { c.updateQuotaAfterRename(request, targetPath, initialSize) //nolint:errcheck } logger.CommandLog(renameLogSender, sourcePath, targetPath, c.User.Username, "", c.ID, c.protocol, -1, -1, "", "", "") // the returned error is used in test cases only, we already log the error inside executeAction go executeAction(newActionNotification(c.User, operationRename, sourcePath, targetPath, "", 0, nil)) //nolint:errcheck return nil } func (c Connection) handleSFTPRmdir(dirPath string, request *sftp.Request) error { if c.fs.GetRelativePath(dirPath) == "/" { c.Log(logger.LevelWarn, logSender, "removing root dir is not allowed") return sftp.ErrSSHFxPermissionDenied } if c.User.IsVirtualFolder(request.Filepath) { c.Log(logger.LevelWarn, logSender, "removing a virtual folder is not allowed: %#v", request.Filepath) return sftp.ErrSSHFxPermissionDenied } if c.User.HasVirtualFoldersInside(request.Filepath) { c.Log(logger.LevelWarn, logSender, "removing a directory with a virtual folder inside is not allowed: %#v", request.Filepath) return sftp.ErrSSHFxOpUnsupported } if c.User.IsMappedPath(dirPath) { c.Log(logger.LevelWarn, logSender, "removing a directory mapped as virtual folder is not allowed: %#v", dirPath) return sftp.ErrSSHFxPermissionDenied } if !c.User.HasPerm(dataprovider.PermDelete, path.Dir(request.Filepath)) { return sftp.ErrSSHFxPermissionDenied } var fi os.FileInfo var err error if fi, err = c.fs.Lstat(dirPath); err != nil { c.Log(logger.LevelWarn, logSender, "failed to remove a dir %#v: stat error: %+v", dirPath, err) return vfs.GetSFTPError(c.fs, err) } if !fi.IsDir() || fi.Mode()&os.ModeSymlink == os.ModeSymlink { c.Log(logger.LevelDebug, logSender, "cannot remove %#v is not a directory", dirPath) return sftp.ErrSSHFxFailure } if err = c.fs.Remove(dirPath, true); err != nil { c.Log(logger.LevelWarn, logSender, "failed to remove directory %#v: %+v", dirPath, err) return vfs.GetSFTPError(c.fs, err) } logger.CommandLog(rmdirLogSender, dirPath, "", c.User.Username, "", c.ID, c.protocol, -1, -1, "", "", "") return sftp.ErrSSHFxOk } func (c Connection) handleSFTPSymlink(sourcePath string, targetPath string, request *sftp.Request) error { if c.fs.GetRelativePath(sourcePath) == "/" { c.Log(logger.LevelWarn, logSender, "symlinking root dir is not allowed") return sftp.ErrSSHFxPermissionDenied } if c.User.IsVirtualFolder(request.Target) { c.Log(logger.LevelWarn, logSender, "symlinking a virtual folder is not allowed") return sftp.ErrSSHFxPermissionDenied } if !c.User.HasPerm(dataprovider.PermCreateSymlinks, path.Dir(request.Target)) { return sftp.ErrSSHFxPermissionDenied } if c.isCrossFoldersRequest(request) { c.Log(logger.LevelWarn, logSender, "cross folder symlink is not supported, src: %v dst: %v", request.Filepath, request.Target) return sftp.ErrSSHFxFailure } if c.User.IsMappedPath(sourcePath) { c.Log(logger.LevelWarn, logSender, "symlinking a directory mapped as virtual folder is not allowed: %#v", sourcePath) return sftp.ErrSSHFxPermissionDenied } if c.User.IsMappedPath(targetPath) { c.Log(logger.LevelWarn, logSender, "symlinking to a directory mapped as virtual folder is not allowed: %#v", targetPath) return sftp.ErrSSHFxPermissionDenied } if err := c.fs.Symlink(sourcePath, targetPath); err != nil { c.Log(logger.LevelWarn, logSender, "failed to create symlink %#v -> %#v: %+v", sourcePath, targetPath, err) return vfs.GetSFTPError(c.fs, err) } logger.CommandLog(symlinkLogSender, sourcePath, targetPath, c.User.Username, "", c.ID, c.protocol, -1, -1, "", "", "") return nil } func (c Connection) handleSFTPMkdir(dirPath string, request *sftp.Request) error { if !c.User.HasPerm(dataprovider.PermCreateDirs, path.Dir(request.Filepath)) { return sftp.ErrSSHFxPermissionDenied } if c.User.IsVirtualFolder(request.Filepath) { c.Log(logger.LevelWarn, logSender, "mkdir not allowed %#v is virtual folder is not allowed", request.Filepath) return sftp.ErrSSHFxPermissionDenied } if err := c.fs.Mkdir(dirPath); err != nil { c.Log(logger.LevelWarn, logSender, "error creating missing dir: %#v error: %+v", dirPath, err) return vfs.GetSFTPError(c.fs, err) } vfs.SetPathPermissions(c.fs, dirPath, c.User.GetUID(), c.User.GetGID()) logger.CommandLog(mkdirLogSender, dirPath, "", c.User.Username, "", c.ID, c.protocol, -1, -1, "", "", "") return nil } func (c Connection) handleSFTPRemove(filePath string, request *sftp.Request) error { if !c.User.HasPerm(dataprovider.PermDelete, path.Dir(request.Filepath)) { return sftp.ErrSSHFxPermissionDenied } var size int64 var fi os.FileInfo var err error if fi, err = c.fs.Lstat(filePath); err != nil { c.Log(logger.LevelWarn, logSender, "failed to remove a file %#v: stat error: %+v", filePath, err) return vfs.GetSFTPError(c.fs, err) } if fi.IsDir() && fi.Mode()&os.ModeSymlink != os.ModeSymlink { c.Log(logger.LevelDebug, logSender, "cannot remove %#v is not a file/symlink", filePath) return sftp.ErrSSHFxFailure } if !c.User.IsFileAllowed(request.Filepath) { c.Log(logger.LevelDebug, logSender, "removing file %#v is not allowed", filePath) return sftp.ErrSSHFxPermissionDenied } size = fi.Size() actionErr := executeAction(newActionNotification(c.User, operationPreDelete, filePath, "", "", fi.Size(), nil)) if actionErr == nil { c.Log(logger.LevelDebug, logSender, "remove for path %#v handled by pre-delete action", filePath) } else { if err := c.fs.Remove(filePath, false); err != nil { c.Log(logger.LevelWarn, logSender, "failed to remove a file/symlink %#v: %+v", filePath, err) return vfs.GetSFTPError(c.fs, err) } } logger.CommandLog(removeLogSender, filePath, "", c.User.Username, "", c.ID, c.protocol, -1, -1, "", "", "") if fi.Mode()&os.ModeSymlink != os.ModeSymlink { vfolder, err := c.User.GetVirtualFolderForPath(path.Dir(request.Filepath)) if err == nil { dataprovider.UpdateVirtualFolderQuota(dataProvider, vfolder.BaseVirtualFolder, -1, -size, false) //nolint:errcheck if vfolder.IsIncludedInUserQuota() { dataprovider.UpdateUserQuota(dataProvider, c.User, -1, -size, false) //nolint:errcheck } } else { dataprovider.UpdateUserQuota(dataProvider, c.User, -1, -size, false) //nolint:errcheck } } if actionErr != nil { go executeAction(newActionNotification(c.User, operationDelete, filePath, "", "", fi.Size(), nil)) //nolint:errcheck } return sftp.ErrSSHFxOk } func (c Connection) handleSFTPUploadToNewFile(resolvedPath, filePath, requestPath string) (io.WriterAt, error) { if !c.hasSpace(true, requestPath) { c.Log(logger.LevelInfo, logSender, "denying file write due to quota limits") return nil, sftp.ErrSSHFxFailure } file, w, cancelFn, err := c.fs.Create(filePath, 0) if err != nil { c.Log(logger.LevelWarn, logSender, "error creating file %#v: %+v", resolvedPath, err) return nil, vfs.GetSFTPError(c.fs, err) } vfs.SetPathPermissions(c.fs, filePath, c.User.GetUID(), c.User.GetGID()) transfer := Transfer{ file: file, writerAt: w, readerAt: nil, cancelFn: cancelFn, path: resolvedPath, start: time.Now(), bytesSent: 0, bytesReceived: 0, user: c.User, connectionID: c.ID, transferType: transferUpload, lastActivity: time.Now(), isNewFile: true, protocol: c.protocol, transferError: nil, isFinished: false, minWriteOffset: 0, requestPath: requestPath, lock: new(sync.Mutex), } addTransfer(&transfer) return &transfer, nil } func (c Connection) handleSFTPUploadToExistingFile(pflags sftp.FileOpenFlags, resolvedPath, filePath string, fileSize int64, requestPath string) (io.WriterAt, error) { var err error if !c.hasSpace(false, requestPath) { c.Log(logger.LevelInfo, logSender, "denying file write due to quota limits") return nil, sftp.ErrSSHFxFailure } minWriteOffset := int64(0) osFlags := getOSOpenFlags(pflags) if pflags.Append && osFlags&os.O_TRUNC == 0 && !c.fs.IsUploadResumeSupported() { c.Log(logger.LevelInfo, logSender, "upload resume requested for path: %#v but not supported in fs implementation", resolvedPath) return nil, sftp.ErrSSHFxOpUnsupported } if isAtomicUploadEnabled() && c.fs.IsAtomicUploadSupported() { err = c.fs.Rename(resolvedPath, filePath) if err != nil { c.Log(logger.LevelWarn, logSender, "error renaming existing file for atomic upload, source: %#v, dest: %#v, err: %+v", resolvedPath, filePath, err) return nil, vfs.GetSFTPError(c.fs, err) } } file, w, cancelFn, err := c.fs.Create(filePath, osFlags) if err != nil { c.Log(logger.LevelWarn, logSender, "error opening existing file, flags: %v, source: %#v, err: %+v", pflags, filePath, err) return nil, vfs.GetSFTPError(c.fs, err) } initialSize := int64(0) if pflags.Append && osFlags&os.O_TRUNC == 0 { c.Log(logger.LevelDebug, logSender, "upload resume requested, file path: %#v initial size: %v", filePath, fileSize) minWriteOffset = fileSize } else { if vfs.IsLocalOsFs(c.fs) { vfolder, err := c.User.GetVirtualFolderForPath(path.Dir(requestPath)) if err == nil { dataprovider.UpdateVirtualFolderQuota(dataProvider, vfolder.BaseVirtualFolder, 0, -fileSize, false) //nolint:errcheck if vfolder.IsIncludedInUserQuota() { dataprovider.UpdateUserQuota(dataProvider, c.User, 0, -fileSize, false) //nolint:errcheck } } else { dataprovider.UpdateUserQuota(dataProvider, c.User, 0, -fileSize, false) //nolint:errcheck } } else { initialSize = fileSize } } vfs.SetPathPermissions(c.fs, filePath, c.User.GetUID(), c.User.GetGID()) transfer := Transfer{ file: file, writerAt: w, readerAt: nil, cancelFn: cancelFn, path: resolvedPath, start: time.Now(), bytesSent: 0, bytesReceived: 0, user: c.User, connectionID: c.ID, transferType: transferUpload, lastActivity: time.Now(), isNewFile: false, protocol: c.protocol, transferError: nil, isFinished: false, minWriteOffset: minWriteOffset, initialSize: initialSize, requestPath: requestPath, lock: new(sync.Mutex), } addTransfer(&transfer) return &transfer, nil } func (c Connection) hasSpaceForRename(request *sftp.Request, initialSize int64, sourcePath string) bool { if dataprovider.GetQuotaTracking() == 0 { return true } sourceFolder, errSrc := c.User.GetVirtualFolderForPath(path.Dir(request.Filepath)) dstFolder, errDst := c.User.GetVirtualFolderForPath(path.Dir(request.Target)) if errSrc != nil && errDst != nil { // rename inside the user home dir return true } if errSrc == nil && errDst == nil { // rename between virtual folders if sourceFolder.MappedPath == dstFolder.MappedPath { // rename inside the same virtual folder return true } } if errSrc != nil && dstFolder.IsIncludedInUserQuota() { // rename between user root dir and a virtual folder included in user quota return true } if !c.hasSpace(true, request.Target) { if initialSize != -1 { // we are overquota but we are overwriting a file so we check the quota size if c.hasSpace(false, request.Target) { // we have enough quota size return true } if fi, err := c.fs.Lstat(sourcePath); err == nil { if fi.Mode().IsRegular() { // we have space if we are overwriting a bigger file with a smaller one return initialSize >= fi.Size() } } } return false } return true } func (c Connection) hasSpace(checkFiles bool, requestPath string) bool { if dataprovider.GetQuotaTracking() == 0 { return true } var quotaSize, usedSize int64 var quotaFiles, numFiles int var err error var vfolder vfs.VirtualFolder vfolder, err = c.User.GetVirtualFolderForPath(path.Dir(requestPath)) if err == nil && !vfolder.IsIncludedInUserQuota() { if vfolder.HasNoQuotaRestrictions(checkFiles) { return true } quotaSize = vfolder.QuotaSize quotaFiles = vfolder.QuotaFiles numFiles, usedSize, err = dataprovider.GetUsedVirtualFolderQuota(dataProvider, vfolder.MappedPath) } else { if c.User.HasNoQuotaRestrictions(checkFiles) { return true } quotaSize = c.User.QuotaSize quotaFiles = c.User.QuotaFiles numFiles, usedSize, err = dataprovider.GetUsedQuota(dataProvider, c.User.Username) } if err != nil { c.Log(logger.LevelWarn, logSender, "error getting used quota for %#v request path %#v: %v", c.User.Username, requestPath, err) return false } if (checkFiles && quotaFiles > 0 && numFiles >= quotaFiles) || (quotaSize > 0 && usedSize >= quotaSize) { c.Log(logger.LevelDebug, logSender, "quota exceed for user %#v, request path %#v, num files: %v/%v, size: %v/%v check files: %v", c.User.Username, requestPath, numFiles, quotaFiles, usedSize, quotaSize, checkFiles) return false } return true } func (c Connection) close() error { if c.channel != nil { err := c.channel.Close() c.Log(logger.LevelInfo, logSender, "channel close, err: %v", err) } return c.netConn.Close() } func getOSOpenFlags(requestFlags sftp.FileOpenFlags) (flags int) { var osFlags int if requestFlags.Read && requestFlags.Write { osFlags |= os.O_RDWR } else if requestFlags.Write { osFlags |= os.O_WRONLY } // we ignore Append flag since pkg/sftp use WriteAt that cannot work with os.O_APPEND /*if requestFlags.Append { osFlags |= os.O_APPEND }*/ if requestFlags.Creat { osFlags |= os.O_CREATE } if requestFlags.Trunc { osFlags |= os.O_TRUNC } if requestFlags.Excl { osFlags |= os.O_EXCL } return osFlags } func (c Connection) isCrossFoldersRequest(request *sftp.Request) bool { sourceFolder, errSrc := c.User.GetVirtualFolderForPath(request.Filepath) dstFolder, errDst := c.User.GetVirtualFolderForPath(request.Target) if errSrc != nil && errDst != nil { return false } if errSrc == nil && errDst == nil { return sourceFolder.MappedPath != dstFolder.MappedPath } return true } func (c Connection) isRenamePermitted(sourcePath string, request *sftp.Request) bool { if c.fs.GetRelativePath(sourcePath) == "/" { c.Log(logger.LevelWarn, logSender, "renaming root dir is not allowed") return false } if c.User.IsVirtualFolder(request.Filepath) || c.User.IsVirtualFolder(request.Target) { c.Log(logger.LevelWarn, logSender, "renaming a virtual folder is not allowed") return false } if !c.User.IsFileAllowed(request.Filepath) || !c.User.IsFileAllowed(request.Target) { if fi, err := c.fs.Lstat(sourcePath); err == nil && fi.Mode().IsRegular() { c.Log(logger.LevelDebug, logSender, "renaming file is not allowed, source: %#v target: %#v", request.Filepath, request.Target) return false } } if !c.User.HasPerm(dataprovider.PermRename, path.Dir(request.Target)) && (!c.User.HasPerm(dataprovider.PermDelete, path.Dir(request.Filepath)) || !c.User.HasPerm(dataprovider.PermUpload, path.Dir(request.Target))) { return false } return true } func (c Connection) updateQuotaMoveBetweenVFolders(sourceFolder, dstFolder vfs.VirtualFolder, initialSize, filesSize int64, numFiles int) { if sourceFolder.MappedPath == dstFolder.MappedPath { // both files are inside the same virtual folder if initialSize != -1 { dataprovider.UpdateVirtualFolderQuota(dataProvider, dstFolder.BaseVirtualFolder, -numFiles, -initialSize, false) //nolint:errcheck if dstFolder.IsIncludedInUserQuota() { dataprovider.UpdateUserQuota(dataProvider, c.User, -numFiles, -initialSize, false) //nolint:errcheck } } return } // files are inside different virtual folders dataprovider.UpdateVirtualFolderQuota(dataProvider, sourceFolder.BaseVirtualFolder, -numFiles, -filesSize, false) //nolint:errcheck if sourceFolder.IsIncludedInUserQuota() { dataprovider.UpdateUserQuota(dataProvider, c.User, -numFiles, -filesSize, false) //nolint:errcheck } if initialSize == -1 { dataprovider.UpdateVirtualFolderQuota(dataProvider, dstFolder.BaseVirtualFolder, numFiles, filesSize, false) //nolint:errcheck if dstFolder.IsIncludedInUserQuota() { dataprovider.UpdateUserQuota(dataProvider, c.User, numFiles, filesSize, false) //nolint:errcheck } } else { // we cannot have a directory here, initialSize != -1 only for files dataprovider.UpdateVirtualFolderQuota(dataProvider, dstFolder.BaseVirtualFolder, 0, filesSize-initialSize, false) //nolint:errcheck if dstFolder.IsIncludedInUserQuota() { dataprovider.UpdateUserQuota(dataProvider, c.User, 0, filesSize-initialSize, false) //nolint:errcheck } } } func (c Connection) updateQuotaMoveFromVFolder(sourceFolder vfs.VirtualFolder, initialSize, filesSize int64, numFiles int) { // move between a virtual folder and the user home dir dataprovider.UpdateVirtualFolderQuota(dataProvider, sourceFolder.BaseVirtualFolder, -numFiles, -filesSize, false) //nolint:errcheck if sourceFolder.IsIncludedInUserQuota() { dataprovider.UpdateUserQuota(dataProvider, c.User, -numFiles, -filesSize, false) //nolint:errcheck } if initialSize == -1 { dataprovider.UpdateUserQuota(dataProvider, c.User, numFiles, filesSize, false) //nolint:errcheck } else { // we cannot have a directory here, initialSize != -1 only for files dataprovider.UpdateUserQuota(dataProvider, c.User, 0, filesSize-initialSize, false) //nolint:errcheck } } func (c Connection) updateQuotaMoveToVFolder(dstFolder vfs.VirtualFolder, initialSize, filesSize int64, numFiles int) { // move between the user home dir and a virtual folder dataprovider.UpdateUserQuota(dataProvider, c.User, -numFiles, -filesSize, false) //nolint:errcheck if initialSize == -1 { dataprovider.UpdateVirtualFolderQuota(dataProvider, dstFolder.BaseVirtualFolder, numFiles, filesSize, false) //nolint:errcheck if dstFolder.IsIncludedInUserQuota() { dataprovider.UpdateUserQuota(dataProvider, c.User, numFiles, filesSize, false) //nolint:errcheck } } else { // we cannot have a directory here, initialSize != -1 only for files dataprovider.UpdateVirtualFolderQuota(dataProvider, dstFolder.BaseVirtualFolder, 0, filesSize-initialSize, false) //nolint:errcheck if dstFolder.IsIncludedInUserQuota() { dataprovider.UpdateUserQuota(dataProvider, c.User, 0, filesSize-initialSize, false) //nolint:errcheck } } } func (c Connection) updateQuotaAfterRename(request *sftp.Request, targetPath string, initialSize int64) error { // we don't allow to overwrite an existing directory so targetPath can be: // - a new file, a symlink is as a new file here // - a file overwriting an existing one // - a new directory // initialSize != -1 only when overwriting files sourceFolder, errSrc := c.User.GetVirtualFolderForPath(path.Dir(request.Filepath)) dstFolder, errDst := c.User.GetVirtualFolderForPath(path.Dir(request.Target)) if errSrc != nil && errDst != nil { // both files are contained inside the user home dir if initialSize != -1 { // we cannot have a directory here dataprovider.UpdateUserQuota(dataProvider, c.User, -1, -initialSize, false) //nolint:errcheck } return nil } filesSize := int64(0) numFiles := 1 if fi, err := c.fs.Stat(targetPath); err == nil { if fi.Mode().IsDir() { numFiles, filesSize, err = c.fs.GetDirSize(targetPath) if err != nil { logger.Warn(logSender, "", "failed to update quota after rename, error scanning moved folder %#v: %v", targetPath, err) return err } } else { filesSize = fi.Size() } } else { c.Log(logger.LevelWarn, logSender, "failed to update quota after rename, file %#v stat error: %+v", targetPath, err) return err } if errSrc == nil && errDst == nil { c.updateQuotaMoveBetweenVFolders(sourceFolder, dstFolder, initialSize, filesSize, numFiles) } if errSrc == nil && errDst != nil { c.updateQuotaMoveFromVFolder(sourceFolder, initialSize, filesSize, numFiles) } if errSrc != nil && errDst == nil { c.updateQuotaMoveToVFolder(dstFolder, initialSize, filesSize, numFiles) } return nil }