package httpd
import (
|
2020-01-31 18:04:00 +00:00
|
|
|
"errors"
|
2019-10-07 16:19:01 +00:00
|
|
|
"fmt"
|
2019-10-09 09:48:54 +00:00
|
|
|
"html/template"
|
2020-01-31 18:04:00 +00:00
|
|
|
"io/ioutil"
|
2019-10-07 16:19:01 +00:00
|
|
|
"net/http"
|
2020-11-16 18:21:50 +00:00
|
|
|
"path"
|
2019-10-07 16:19:01 +00:00
|
|
|
"path/filepath"
|
|
|
|
"strconv"
|
|
|
|
"strings"
|
2019-11-13 10:36:21 +00:00
|
|
|
"time"
|
2019-10-07 16:19:01 +00:00
|
|
|
|
2020-05-06 17:36:34 +00:00
|
|
|
"github.com/go-chi/chi"
|
|
|
|
|
2020-07-24 21:39:38 +00:00
|
|
|
"github.com/drakkan/sftpgo/common"
|
2019-10-07 16:19:01 +00:00
|
|
|
"github.com/drakkan/sftpgo/dataprovider"
|
2020-11-30 20:46:34 +00:00
|
|
|
"github.com/drakkan/sftpgo/kms"
|
2019-10-19 05:52:58 +00:00
|
|
|
"github.com/drakkan/sftpgo/utils"
|
2020-06-19 15:08:51 +00:00
|
|
|
"github.com/drakkan/sftpgo/version"
|
2020-02-23 10:30:26 +00:00
|
|
|
"github.com/drakkan/sftpgo/vfs"
|
2019-10-07 16:19:01 +00:00
|
|
|
)
// Template file names, page titles and parsing defaults for the web admin UI.
const (
	// Template files; loadTemplates joins them with the templates directory.
	templateBase        = "base.html"
	templateUsers       = "users.html"
	templateUser        = "user.html"
	templateConnections = "connections.html"
	templateFolders     = "folders.html"
	templateFolder      = "folder.html"
	templateMessage     = "message.html"

	// Titles and canned bodies shown by the list and message pages.
	pageUsersTitle       = "Users"
	pageConnectionsTitle = "Connections"
	pageFoldersTitle     = "Folders"
	page400Title         = "Bad request"
	page404Title         = "Not found"
	page404Body          = "The page you are looking for does not exist."
	page500Title         = "Internal Server Error"
	page500Body          = "The server is unable to fulfill your request."

	// defaultQueryLimit is the page size used when users or folders are
	// fetched from the data provider and no valid "qlimit" is supplied.
	defaultQueryLimit = 500
	// webDateTimeFormat is the layout used to parse dates posted by the forms.
	webDateTimeFormat = "2006-01-02 15:04:05" // YYYY-MM-DD HH:MM:SS
	// redactedSecret is handed to the user template in place of secret values;
	// a posted secret field equal to it is marked as redacted rather than
	// treated as a new plain-text secret (see getSecretFromFormField).
	redactedSecret = "[**redacted**]"
)
// templates maps a page template file name to its parsed template set.
// It starts empty and is filled by loadTemplates.
var templates = map[string]*template.Template{}
// basePage holds the values shared by every admin page: the page title, the
// current URL, the web and REST locations used for links, the section titles
// and the version string. getBasePageData fills it in.
type basePage struct {
	// Title and URL of the page being rendered.
	Title, CurrentURL string
	// Web UI and REST API locations (field order kept as originally declared).
	UsersURL, UserURL                              string
	APIUserURL, APIConnectionsURL, APIQuotaScanURL string
	ConnectionsURL, FoldersURL, FolderURL          string
	APIFoldersURL, APIFolderQuotaScanURL           string
	// Section titles.
	UsersTitle, ConnectionsTitle, FoldersTitle string
	// Version is the version string shown by the pages.
	Version string
}
// usersPage is the data passed to the users list template.
type usersPage struct {
	basePage
	// Users is the full list fetched by handleGetWebUsers.
	Users []dataprovider.User
}
// foldersPage is the data passed to the folders list template.
type foldersPage struct {
	basePage
	// Folders is the full list fetched by handleWebGetFolders.
	Folders []vfs.BaseVirtualFolder
}
// connectionsPage is the data passed to the active connections template.
type connectionsPage struct {
	basePage
	// Connections is the snapshot returned by common.Connections.GetStats.
	Connections []common.ConnectionStatus
}
// userPage is the data passed to the add/update user template.
type userPage struct {
	basePage
	// User is the account being created or edited.
	User dataprovider.User
	// RootPerms is not populated by the render functions in this file.
	RootPerms []string
	// Error is the message to show on the form; empty when there is none.
	Error string
	// Allowed values offered by the form, taken from the dataprovider
	// package, followed by the user's permissions for "/".
	ValidPerms, ValidSSHLoginMethods, ValidProtocols, RootDirPerms []string
	// RedactedSecret is the placeholder string for secret form fields.
	RedactedSecret string
	// IsAdd distinguishes the add form from the update form. IsS3SecretEnc
	// and IsAzSecretEnc report whether the S3 access secret and the Azure
	// account key are encrypted.
	IsAdd, IsS3SecretEnc, IsAzSecretEnc bool
}
// folderPage is the data passed to the add folder template.
type folderPage struct {
	basePage
	// Folder is the folder being created.
	Folder vfs.BaseVirtualFolder
	// Error is the message to show on the form; empty when there is none.
	Error string
}
// messagePage is the data passed to the generic message template.
type messagePage struct {
	basePage
	// Error and Success carry the text to display; either may be empty.
	Error, Success string
}
// loadTemplates parses each admin page template together with the shared base
// layout and registers the result in the package-level templates map under
// the page's file name.
//
// templatesPath is the directory that holds the template files. Every parse
// result goes through utils.LoadTemplate, which decides what happens when
// parsing fails.
func loadTemplates(templatesPath string) {
	// Parsing follows this order; the map is only written once all pages
	// have been parsed.
	pages := []string{
		templateUsers,
		templateUser,
		templateConnections,
		templateMessage,
		templateFolders,
		templateFolder,
	}
	basePath := filepath.Join(templatesPath, templateBase)

	parsed := make([]*template.Template, 0, len(pages))
	for _, page := range pages {
		files := []string{basePath, filepath.Join(templatesPath, page)}
		parsed = append(parsed, utils.LoadTemplate(template.ParseFiles(files...)))
	}

	for i, page := range pages {
		templates[page] = parsed[i]
	}
}
// getBasePageData returns the basePage shared by every admin page, using the
// given title and current URL and the package-level route and title values.
func getBasePageData(title, currentURL string) basePage {
	var page basePage

	page.Title, page.CurrentURL = title, currentURL

	// Web UI locations.
	page.UsersURL = webUsersPath
	page.UserURL = webUserPath
	page.FoldersURL = webFoldersPath
	page.FolderURL = webFolderPath
	page.ConnectionsURL = webConnectionsPath

	// REST API locations.
	page.APIUserURL = userPath
	page.APIConnectionsURL = activeConnectionsPath
	page.APIQuotaScanURL = quotaScanPath
	page.APIFoldersURL = folderPath
	page.APIFolderQuotaScanURL = quotaScanVFolderPath

	// Section titles and version string.
	page.UsersTitle = pageUsersTitle
	page.ConnectionsTitle = pageConnectionsTitle
	page.FoldersTitle = pageFoldersTitle
	page.Version = version.GetAsString()

	return page
}
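// renderTemplate executes the registered template tmplName with data and
// writes the output to w.
//
// A name that was never registered by loadTemplates used to yield a nil
// *template.Template and a nil-pointer panic inside ExecuteTemplate; it is now
// answered with a plain 500 response.
func renderTemplate(w http.ResponseWriter, tmplName string, data interface{}) {
	tmpl, ok := templates[tmplName]
	if !ok || tmpl == nil {
		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
		return
	}
	if err := tmpl.ExecuteTemplate(w, tmplName, data); err != nil {
		// NOTE(review): the raw template error is sent to the client, and
		// part of the page may already have been written when it occurs.
		// Consider logging it and returning a generic message instead.
		http.Error(w, err.Error(), http.StatusInternalServerError)
	}
}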
// renderMessagePage writes statusCode and renders the message template.
//
// The error text shown is body followed by a space and err.Error(), each part
// only when present; message is shown as the success text.
//
// NOTE(review): err.Error() is rendered to the client verbatim, so internal
// error details from callers end up on the page.
func renderMessagePage(w http.ResponseWriter, title, body string, statusCode int, err error, message string) {
	errorString := ""
	if body != "" {
		errorString = body + " "
	}
	if err != nil {
		errorString += err.Error()
	}

	w.WriteHeader(statusCode)
	renderTemplate(w, templateMessage, messagePage{
		basePage: getBasePageData(title, ""),
		Error:    errorString,
		Success:  message,
	})
}
// renderInternalServerErrorPage renders the message page with status 500,
// the canned 500 body and the text of err.
func renderInternalServerErrorPage(w http.ResponseWriter, err error) {
	const status = http.StatusInternalServerError
	renderMessagePage(w, page500Title, page500Body, status, err, "")
}
// renderBadRequestPage renders the message page with status 400; the page has
// no canned body, only the text of err.
func renderBadRequestPage(w http.ResponseWriter, err error) {
	const status = http.StatusBadRequest
	renderMessagePage(w, page400Title, "", status, err, "")
}
// renderNotFoundPage renders the message page with status 404, the canned
// 404 body and the text of err.
func renderNotFoundPage(w http.ResponseWriter, err error) {
	const status = http.StatusNotFound
	renderMessagePage(w, page404Title, page404Body, status, err, "")
}
// renderAddUserPage renders the user form in "add" mode for the given user,
// showing error on the form when it is not empty.
//
// user is received by value, so SetEmptySecretsIfNil acts on a local copy.
func renderAddUserPage(w http.ResponseWriter, user dataprovider.User, error string) {
	user.SetEmptySecretsIfNil()

	var data userPage
	data.basePage = getBasePageData("Add a new user", webUserPath)
	data.IsAdd = true
	data.Error = error
	data.User = user
	data.ValidPerms = dataprovider.ValidPerms
	data.ValidSSHLoginMethods = dataprovider.ValidSSHLoginMethods
	data.ValidProtocols = dataprovider.ValidProtocols
	data.RootDirPerms = user.GetPermissionsForPath("/")
	// The template receives the encryption state of each secret and the
	// placeholder string for secret fields.
	data.IsS3SecretEnc = user.FsConfig.S3Config.AccessSecret.IsEncrypted()
	data.IsAzSecretEnc = user.FsConfig.AzBlobConfig.AccountKey.IsEncrypted()
	data.RedactedSecret = redactedSecret

	renderTemplate(w, templateUser, data)
}
// renderUpdateUserPage renders the user form in "update" mode for the given
// user, showing error on the form when it is not empty. The page's current
// URL is webUserPath followed by "/" and the user ID.
//
// user is received by value, so SetEmptySecretsIfNil acts on a local copy.
func renderUpdateUserPage(w http.ResponseWriter, user dataprovider.User, error string) {
	user.SetEmptySecretsIfNil()

	var data userPage
	data.basePage = getBasePageData("Update user", fmt.Sprintf("%v/%v", webUserPath, user.ID))
	data.IsAdd = false
	data.Error = error
	data.User = user
	data.ValidPerms = dataprovider.ValidPerms
	data.ValidSSHLoginMethods = dataprovider.ValidSSHLoginMethods
	data.ValidProtocols = dataprovider.ValidProtocols
	data.RootDirPerms = user.GetPermissionsForPath("/")
	// The template receives the encryption state of each secret and the
	// placeholder string for secret fields.
	data.IsS3SecretEnc = user.FsConfig.S3Config.AccessSecret.IsEncrypted()
	data.IsAzSecretEnc = user.FsConfig.AzBlobConfig.AccountKey.IsEncrypted()
	data.RedactedSecret = redactedSecret

	renderTemplate(w, templateUser, data)
}
// renderAddFolderPage renders the add folder form for the given folder,
// showing error on the form when it is not empty.
func renderAddFolderPage(w http.ResponseWriter, folder vfs.BaseVirtualFolder, error string) {
	var data folderPage
	data.basePage = getBasePageData("Add a new folder", webFolderPath)
	data.Error = error
	data.Folder = folder

	renderTemplate(w, templateFolder, data)
}
// getVirtualFoldersFromPostFields builds the virtual folders described by the
// "virtual_folders" form field.
//
// Each non-empty line has the form
// "virtual path::mapped path[::quota files[::quota size]]". Lines without
// "::" are skipped. Both quotas default to -1 and keep that value when the
// corresponding part is missing or is not a valid integer.
//
// The request form must already be parsed. Neither path is validated here;
// presumably the data provider does that before storing the user — confirm.
func getVirtualFoldersFromPostFields(r *http.Request) []vfs.VirtualFolder {
	var virtualFolders []vfs.VirtualFolder

	for _, line := range getSliceFromDelimitedValues(r.Form.Get("virtual_folders"), "\n") {
		mapping := strings.Split(line, "::")
		if len(mapping) < 2 {
			// No "::" separator on this line.
			continue
		}

		vfolder := vfs.VirtualFolder{
			BaseVirtualFolder: vfs.BaseVirtualFolder{
				MappedPath: strings.TrimSpace(mapping[1]),
			},
			VirtualPath: strings.TrimSpace(mapping[0]),
			QuotaFiles:  -1,
			QuotaSize:   -1,
		}
		if len(mapping) > 2 {
			if quotaFiles, err := strconv.Atoi(strings.TrimSpace(mapping[2])); err == nil {
				vfolder.QuotaFiles = quotaFiles
			}
		}
		if len(mapping) > 3 {
			if quotaSize, err := strconv.ParseInt(strings.TrimSpace(mapping[3]), 10, 64); err == nil {
				vfolder.QuotaSize = quotaSize
			}
		}
		virtualFolders = append(virtualFolders, vfolder)
	}

	return virtualFolders
}
// getUserPermissionsFromPostFields builds the per-directory permissions map
// from the posted form.
//
// The "/" entry is taken from the "permissions" values. Each non-empty line of
// "sub_dirs_permissions" has the form "dir::perm1,perm2,..." and sets the
// entry for dir, replacing any earlier entry for the same key, "/" included.
// Lines without "::" or with an empty directory are skipped.
//
// The request form must already be parsed. Directory names are only trimmed,
// not cleaned, and permission names are not checked against the valid set
// here; presumably the data provider validates both — confirm.
func getUserPermissionsFromPostFields(r *http.Request) map[string][]string {
	permissions := map[string][]string{
		"/": r.Form["permissions"],
	}

	for _, line := range getSliceFromDelimitedValues(r.Form.Get("sub_dirs_permissions"), "\n") {
		dirPerms := strings.Split(line, "::")
		if len(dirPerms) < 2 {
			continue
		}

		// A directory with no valid permission still gets an empty,
		// non-nil list.
		perms := []string{}
		for _, p := range strings.Split(dirPerms[1], ",") {
			if perm := strings.TrimSpace(p); perm != "" {
				perms = append(perms, perm)
			}
		}

		if dir := strings.TrimSpace(dirPerms[0]); dir != "" {
			permissions[dir] = perms
		}
	}

	return permissions
}
// getSliceFromDelimitedValues splits values on delimiter, trims surrounding
// white space from each part and drops the parts that end up empty.
// The result is never nil.
func getSliceFromDelimitedValues(values, delimiter string) []string {
	parts := strings.Split(values, delimiter)
	result := make([]string, 0, len(parts))
	for i := range parts {
		if item := strings.TrimSpace(parts[i]); item != "" {
			result = append(result, item)
		}
	}
	return result
}
// getListFromPostFields parses a multi-line form value into a map from
// directory to a list of entries.
//
// Each non-empty line has the form "dir::entry1,entry2,...". The directory is
// trimmed and passed through path.Clean. Entries are trimmed and empty ones
// dropped. Lines naming the same directory are merged, and the merged list is
// passed through utils.RemoveDuplicates.
//
// NOTE(review): path.Clean returns "." for an empty string, so a line with an
// empty directory part is stored under "." and the dir != "" check below never
// rejects anything. Rejecting such a line has to happen in later validation.
func getListFromPostFields(value string) map[string][]string {
	result := make(map[string][]string)

	for _, line := range getSliceFromDelimitedValues(value, "\n") {
		dirExts := strings.Split(line, "::")
		if len(dirExts) < 2 {
			// No "::" separator on this line.
			continue
		}

		dir := path.Clean(strings.TrimSpace(dirExts[0]))

		exts := []string{}
		for _, e := range strings.Split(dirExts[1], ",") {
			if ext := strings.TrimSpace(e); ext != "" {
				exts = append(exts, ext)
			}
		}

		if dir == "" {
			continue
		}
		merged := exts
		if existing, ok := result[dir]; ok {
			merged = append(existing, exts...)
		}
		result[dir] = utils.RemoveDuplicates(merged)
	}

	return result
}
// getFilePatternsFromPostField combines the allowed and denied pattern form
// values into one PatternsFilter per directory.
//
// Both values are parsed with getListFromPostFields. A directory present in
// both gets a single filter carrying both lists; a directory present in only
// one gets a filter with the other list left unset. The result is nil when
// neither value names a directory, and its order follows map iteration, so it
// is not stable between calls.
func getFilePatternsFromPostField(valueAllowed, valuesDenied string) []dataprovider.PatternsFilter {
	var result []dataprovider.PatternsFilter

	allowedPatterns := getListFromPostFields(valueAllowed)
	deniedPatterns := getListFromPostFields(valuesDenied)

	for dir, allowed := range allowedPatterns {
		filter := dataprovider.PatternsFilter{
			Path:            dir,
			AllowedPatterns: allowed,
		}
		if denied, ok := deniedPatterns[dir]; ok {
			filter.DeniedPatterns = denied
		}
		result = append(result, filter)
	}

	// Directories that appear only in the denied list were not covered above.
	for dir, denied := range deniedPatterns {
		if _, covered := allowedPatterns[dir]; covered {
			continue
		}
		result = append(result, dataprovider.PatternsFilter{
			Path:           dir,
			DeniedPatterns: denied,
		})
	}

	return result
}
// getFileExtensionsFromPostField combines the allowed and denied extension
// form values into one ExtensionsFilter per directory.
//
// Both values are parsed with getListFromPostFields. A directory present in
// both gets a single filter carrying both lists; a directory present in only
// one gets a filter with the other list left unset. The result is nil when
// neither value names a directory, and its order follows map iteration, so it
// is not stable between calls.
func getFileExtensionsFromPostField(valueAllowed, valuesDenied string) []dataprovider.ExtensionsFilter {
	var result []dataprovider.ExtensionsFilter

	allowedExtensions := getListFromPostFields(valueAllowed)
	deniedExtensions := getListFromPostFields(valuesDenied)

	for dir, allowed := range allowedExtensions {
		filter := dataprovider.ExtensionsFilter{
			Path:              dir,
			AllowedExtensions: allowed,
		}
		if denied, ok := deniedExtensions[dir]; ok {
			filter.DeniedExtensions = denied
		}
		result = append(result, filter)
	}

	// Directories that appear only in the denied list were not covered above.
	for dir, denied := range deniedExtensions {
		if _, covered := allowedExtensions[dir]; covered {
			continue
		}
		result = append(result, dataprovider.ExtensionsFilter{
			Path:             dir,
			DeniedExtensions: denied,
		})
	}

	return result
}
// getFiltersFromUserPostFields builds the user's login and file filters from
// the posted form: comma-separated allowed and denied IP entries, the denied
// SSH login methods and protocols, and the per-directory extension and
// pattern filters.
//
// The request form must already be parsed. The IP entries are only split and
// trimmed here; their syntax is not checked in this function.
func getFiltersFromUserPostFields(r *http.Request) dataprovider.UserFilters {
	form := r.Form
	return dataprovider.UserFilters{
		AllowedIP:          getSliceFromDelimitedValues(form.Get("allowed_ip"), ","),
		DeniedIP:           getSliceFromDelimitedValues(form.Get("denied_ip"), ","),
		DeniedLoginMethods: form["ssh_login_methods"],
		DeniedProtocols:    form["denied_protocols"],
		FileExtensions:     getFileExtensionsFromPostField(form.Get("allowed_extensions"), form.Get("denied_extensions")),
		FilePatterns:       getFilePatternsFromPostField(form.Get("allowed_patterns"), form.Get("denied_patterns")),
	}
}
// getSecretFromFormField wraps the value of the given form field in a plain
// secret and adjusts its status:
//   - a value equal to redactedSecret after trimming marks the secret as
//     redacted, which the update handler uses to keep the stored secret;
//   - a value that is empty after trimming gets an empty status.
//
// NOTE(review): a real secret whose text equals the redacted placeholder
// cannot be told apart from the placeholder and is treated as redacted.
func getSecretFromFormField(r *http.Request, field string) *kms.Secret {
	secret := kms.NewPlainSecret(r.Form.Get(field))
	// The payload is read again for each check, after any status change.
	trimmedPayload := func() string {
		return strings.TrimSpace(secret.GetPayload())
	}

	if trimmedPayload() == redactedSecret {
		secret.SetStatus(kms.SecretStatusRedacted)
	}
	if trimmedPayload() == "" {
		secret.SetStatus("")
	}
	return secret
}
// getFsConfigFromUserPostFields builds the storage backend configuration from
// the posted form.
//
// "fs_provider" selects the backend; a value that is not an integer falls
// back to the local filesystem, and only the S3, GCS and Azure Blob providers
// read further fields. An error is returned when a numeric upload setting
// cannot be parsed or when the GCS credentials file cannot be read or is
// empty; the configuration built so far is returned alongside it.
//
// The S3 access secret and the Azure account key go through
// getSecretFromFormField, so the redacted placeholder is recognised. The GCS
// credentials file is read fully into memory and wrapped as a plain secret;
// the read is bounded only by whatever limit the caller put on the request
// body.
func getFsConfigFromUserPostFields(r *http.Request) (dataprovider.Filesystem, error) {
	var fs dataprovider.Filesystem

	provider, err := strconv.Atoi(r.Form.Get("fs_provider"))
	if err != nil {
		provider = int(dataprovider.LocalFilesystemProvider)
	}
	fs.Provider = dataprovider.FilesystemProvider(provider)

	switch fs.Provider {
	case dataprovider.S3FilesystemProvider:
		fs.S3Config.Bucket = r.Form.Get("s3_bucket")
		fs.S3Config.Region = r.Form.Get("s3_region")
		fs.S3Config.AccessKey = r.Form.Get("s3_access_key")
		fs.S3Config.AccessSecret = getSecretFromFormField(r, "s3_access_secret")
		fs.S3Config.Endpoint = r.Form.Get("s3_endpoint")
		fs.S3Config.StorageClass = r.Form.Get("s3_storage_class")
		fs.S3Config.KeyPrefix = r.Form.Get("s3_key_prefix")
		fs.S3Config.UploadPartSize, err = strconv.ParseInt(r.Form.Get("s3_upload_part_size"), 10, 64)
		if err != nil {
			return fs, err
		}
		fs.S3Config.UploadConcurrency, err = strconv.Atoi(r.Form.Get("s3_upload_concurrency"))
		if err != nil {
			return fs, err
		}

	case dataprovider.GCSFilesystemProvider:
		fs.GCSConfig.Bucket = r.Form.Get("gcs_bucket")
		fs.GCSConfig.StorageClass = r.Form.Get("gcs_storage_class")
		fs.GCSConfig.KeyPrefix = r.Form.Get("gcs_key_prefix")
		fs.GCSConfig.AutomaticCredentials = 0
		if r.Form.Get("gcs_auto_credentials") != "" {
			fs.GCSConfig.AutomaticCredentials = 1
		}

		credentials, _, err := r.FormFile("gcs_credential_file")
		if err == http.ErrMissingFile {
			// No file uploaded: keep the automatic credentials setting.
			return fs, nil
		}
		if err != nil {
			return fs, err
		}
		defer credentials.Close()

		fileBytes, err := ioutil.ReadAll(credentials)
		// An empty result is reported as such even when the read also failed.
		if len(fileBytes) == 0 {
			return fs, errors.New("credentials file size must be greater than 0")
		}
		if err != nil {
			return fs, err
		}
		fs.GCSConfig.Credentials = kms.NewPlainSecret(string(fileBytes))
		// An uploaded credentials file turns automatic credentials off.
		fs.GCSConfig.AutomaticCredentials = 0

	case dataprovider.AzureBlobFilesystemProvider:
		fs.AzBlobConfig.Container = r.Form.Get("az_container")
		fs.AzBlobConfig.AccountName = r.Form.Get("az_account_name")
		fs.AzBlobConfig.AccountKey = getSecretFromFormField(r, "az_account_key")
		fs.AzBlobConfig.SASURL = r.Form.Get("az_sas_url")
		fs.AzBlobConfig.Endpoint = r.Form.Get("az_endpoint")
		fs.AzBlobConfig.KeyPrefix = r.Form.Get("az_key_prefix")
		fs.AzBlobConfig.AccessTier = r.Form.Get("az_access_tier")
		fs.AzBlobConfig.UseEmulator = r.Form.Get("az_use_emulator") != ""
		fs.AzBlobConfig.UploadPartSize, err = strconv.ParseInt(r.Form.Get("az_upload_part_size"), 10, 64)
		if err != nil {
			return fs, err
		}
		fs.AzBlobConfig.UploadConcurrency, err = strconv.Atoi(r.Form.Get("az_upload_concurrency"))
		if err != nil {
			return fs, err
		}
	}

	return fs, nil
}
// getUserFromPostFields parses the multipart user form and builds the
// corresponding dataprovider.User.
//
// Fields are parsed in a fixed order and the first failure is returned with a
// zero User. The one exception is "max_upload_file_size", parsed last: its
// error is returned together with the otherwise complete User.
//
// The password, home directory and username are copied from the form as
// posted. Nothing is validated or hashed here; presumably the data provider
// does that when the user is stored — confirm.
func getUserFromPostFields(r *http.Request) (dataprovider.User, error) {
	var user dataprovider.User

	if err := r.ParseMultipartForm(maxRequestSize); err != nil {
		return user, err
	}

	formInt := func(field string) (int, error) {
		return strconv.Atoi(r.Form.Get(field))
	}
	formInt64 := func(field string) (int64, error) {
		return strconv.ParseInt(r.Form.Get(field), 10, 64)
	}

	publicKeys := getSliceFromDelimitedValues(r.Form.Get("public_keys"), "\n")

	uid, err := formInt("uid")
	if err != nil {
		return user, err
	}
	gid, err := formInt("gid")
	if err != nil {
		return user, err
	}
	maxSessions, err := formInt("max_sessions")
	if err != nil {
		return user, err
	}
	quotaSize, err := formInt64("quota_size")
	if err != nil {
		return user, err
	}
	quotaFiles, err := formInt("quota_files")
	if err != nil {
		return user, err
	}
	bandwidthUL, err := formInt64("upload_bandwidth")
	if err != nil {
		return user, err
	}
	bandwidthDL, err := formInt64("download_bandwidth")
	if err != nil {
		return user, err
	}
	status, err := formInt("status")
	if err != nil {
		return user, err
	}

	// A blank expiration date leaves the value at 0.
	var expirationDateMillis int64
	if rawExpiration := r.Form.Get("expiration_date"); strings.TrimSpace(rawExpiration) != "" {
		// The untrimmed value is what gets parsed.
		expirationDate, err := time.Parse(webDateTimeFormat, rawExpiration)
		if err != nil {
			return user, err
		}
		expirationDateMillis = utils.GetTimeAsMsSinceEpoch(expirationDate)
	}

	fsConfig, err := getFsConfigFromUserPostFields(r)
	if err != nil {
		return user, err
	}

	user = dataprovider.User{
		Username:          r.Form.Get("username"),
		Password:          r.Form.Get("password"),
		PublicKeys:        publicKeys,
		HomeDir:           r.Form.Get("home_dir"),
		VirtualFolders:    getVirtualFoldersFromPostFields(r),
		UID:               uid,
		GID:               gid,
		Permissions:       getUserPermissionsFromPostFields(r),
		MaxSessions:       maxSessions,
		QuotaSize:         quotaSize,
		QuotaFiles:        quotaFiles,
		UploadBandwidth:   bandwidthUL,
		DownloadBandwidth: bandwidthDL,
		Status:            status,
		ExpirationDate:    expirationDateMillis,
		Filters:           getFiltersFromUserPostFields(r),
		FsConfig:          fsConfig,
		AdditionalInfo:    r.Form.Get("additional_info"),
	}

	user.Filters.MaxUploadFileSize, err = formInt64("max_upload_file_size")
	return user, err
}
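// handleGetWebUsers renders the users list page.
//
// All users are fetched from the data provider in pages of limit entries. The
// optional "qlimit" query parameter sets that page size; it is honoured only
// when it is an integer between 1 and defaultQueryLimit, and any other value
// falls back to defaultQueryLimit.
//
// The range check fixes how a client-supplied value was used before:
//   - a negative value made the make call below panic;
//   - zero meant the "short page" test could never succeed, so the loop could
//     only end on a data provider error;
//   - a very large value was used directly as the slice capacity.
func handleGetWebUsers(w http.ResponseWriter, r *http.Request) {
	limit := defaultQueryLimit
	if raw := r.URL.Query().Get("qlimit"); raw != "" {
		if parsed, err := strconv.Atoi(raw); err == nil && parsed > 0 && parsed <= defaultQueryLimit {
			limit = parsed
		}
	}

	users := make([]dataprovider.User, 0, limit)
	for {
		// The number of users fetched so far is the offset of the next page.
		u, err := dataprovider.GetUsers(limit, len(users), dataprovider.OrderASC, "")
		if err != nil {
			renderInternalServerErrorPage(w, err)
			return
		}
		users = append(users, u...)
		// A short page means there is nothing left to fetch.
		if len(u) < limit {
			break
		}
	}

	data := usersPage{
		basePage: getBasePageData(pageUsersTitle, webUsersPath),
		Users:    users,
	}
	renderTemplate(w, templateUsers, data)
}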
// handleWebAddUserGet renders an empty add user form. The new user's Status
// is preset to 1.
func handleWebAddUserGet(w http.ResponseWriter, r *http.Request) {
	newUser := dataprovider.User{Status: 1}
	renderAddUserPage(w, newUser, "")
}
// handleWebUpdateUserGet renders the update form for the user whose numeric
// ID is given by the "userID" URL parameter.
//
// It answers 400 when the ID is not a valid integer, 404 when the data
// provider reports a RecordNotFoundError and 500 for any other lookup error.
func handleWebUpdateUserGet(w http.ResponseWriter, r *http.Request) {
	id, err := strconv.ParseInt(chi.URLParam(r, "userID"), 10, 64)
	if err != nil {
		renderBadRequestPage(w, err)
		return
	}

	user, err := dataprovider.GetUserByID(id)
	if err == nil {
		renderUpdateUserPage(w, user, "")
		return
	}
	if _, notFound := err.(*dataprovider.RecordNotFoundError); notFound {
		renderNotFoundPage(w, err)
		return
	}
	renderInternalServerErrorPage(w, err)
}
// handleWebAddUserPost creates a user from the posted form.
//
// The request body is capped at maxRequestSize before the form is parsed. On
// a parse or data provider error the add form is rendered again with the
// submitted values and the error text; on success the client is redirected to
// the users list.
func handleWebAddUserPost(w http.ResponseWriter, r *http.Request) {
	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)

	user, err := getUserFromPostFields(r)
	if err != nil {
		renderAddUserPage(w, user, err.Error())
		return
	}

	if err = dataprovider.AddUser(user); err != nil {
		renderAddUserPage(w, user, err.Error())
		return
	}
	http.Redirect(w, r, webUsersPath, http.StatusSeeOther)
}
// handleWebUpdateUserPost updates the user identified by the "userID" URL
// parameter with the values from the posted form.
//
// The request body is capped at maxRequestSize. The stored user is loaded
// first (400 for a bad ID, 404 when not found, 500 for other errors) and is
// the source for every value the form is allowed to leave unchanged:
//   - an empty password keeps the stored password;
//   - an S3 access secret or Azure account key that is neither plain nor
//     empty (the redacted placeholder, for example) keeps the stored secret.
//
// On a parse or update error the form is rendered again from the stored
// user, not from the submitted values. On success the user's active sessions
// are disconnected when the "disconnect" field is set, and the client is
// redirected to the users list.
func handleWebUpdateUserPost(w http.ResponseWriter, r *http.Request) {
	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)

	id, err := strconv.ParseInt(chi.URLParam(r, "userID"), 10, 64)
	if err != nil {
		renderBadRequestPage(w, err)
		return
	}

	user, err := dataprovider.GetUserByID(id)
	if err != nil {
		if _, notFound := err.(*dataprovider.RecordNotFoundError); notFound {
			renderNotFoundPage(w, err)
			return
		}
		renderInternalServerErrorPage(w, err)
		return
	}

	updatedUser, err := getUserFromPostFields(r)
	if err != nil {
		renderUpdateUserPage(w, user, err.Error())
		return
	}
	// The ID always comes from the stored record, never from the form.
	updatedUser.ID = user.ID
	updatedUser.SetEmptySecretsIfNil()

	if updatedUser.Password == "" {
		updatedUser.Password = user.Password
	}
	// Only a plain or empty submitted secret replaces the stored one.
	if s3Secret := updatedUser.FsConfig.S3Config.AccessSecret; !(s3Secret.IsPlain() || s3Secret.IsEmpty()) {
		updatedUser.FsConfig.S3Config.AccessSecret = user.FsConfig.S3Config.AccessSecret
	}
	if azKey := updatedUser.FsConfig.AzBlobConfig.AccountKey; !(azKey.IsPlain() || azKey.IsEmpty()) {
		updatedUser.FsConfig.AzBlobConfig.AccountKey = user.FsConfig.AzBlobConfig.AccountKey
	}

	if err = dataprovider.UpdateUser(updatedUser); err != nil {
		renderUpdateUserPage(w, user, err.Error())
		return
	}
	if r.Form.Get("disconnect") != "" {
		// Sessions are looked up by the stored username.
		disconnectUser(user.Username)
	}
	http.Redirect(w, r, webUsersPath, http.StatusSeeOther)
}
// handleWebGetConnections renders the active connections page from the stats
// returned by common.Connections.GetStats.
func handleWebGetConnections(w http.ResponseWriter, r *http.Request) {
	var data connectionsPage
	// The stats are read before the base page data is built.
	data.Connections = common.Connections.GetStats()
	data.basePage = getBasePageData(pageConnectionsTitle, webConnectionsPath)

	renderTemplate(w, templateConnections, data)
}
// handleWebAddFolderGet renders an empty add folder form.
func handleWebAddFolderGet(w http.ResponseWriter, r *http.Request) {
	var emptyFolder vfs.BaseVirtualFolder
	renderAddFolderPage(w, emptyFolder, "")
}
// handleWebAddFolderPost creates a folder from the posted "mapped_path".
//
// The request body is capped at maxRequestSize before the form is parsed. On
// a parse or data provider error the form is rendered again with the error
// text; on success the client is redirected to the folders list.
//
// The mapped path is passed to the data provider as posted. It is not
// validated in this handler; presumably AddFolder does that — confirm.
func handleWebAddFolderPost(w http.ResponseWriter, r *http.Request) {
	r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)

	var folder vfs.BaseVirtualFolder
	if err := r.ParseForm(); err != nil {
		renderAddFolderPage(w, folder, err.Error())
		return
	}
	folder.MappedPath = r.Form.Get("mapped_path")

	if err := dataprovider.AddFolder(folder); err != nil {
		renderAddFolderPage(w, folder, err.Error())
		return
	}
	http.Redirect(w, r, webFoldersPath, http.StatusSeeOther)
}
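// handleWebGetFolders renders the folders list page.
//
// All folders are fetched from the data provider in pages of limit entries.
// The optional "qlimit" query parameter sets that page size; it is honoured
// only when it is an integer between 1 and defaultQueryLimit, and any other
// value falls back to defaultQueryLimit.
//
// The range check fixes how a client-supplied value was used before:
//   - a negative value made the make call below panic;
//   - zero meant the "short page" test could never succeed, so the loop could
//     only end on a data provider error;
//   - a very large value was used directly as the slice capacity.
func handleWebGetFolders(w http.ResponseWriter, r *http.Request) {
	limit := defaultQueryLimit
	if raw := r.URL.Query().Get("qlimit"); raw != "" {
		if parsed, err := strconv.Atoi(raw); err == nil && parsed > 0 && parsed <= defaultQueryLimit {
			limit = parsed
		}
	}

	folders := make([]vfs.BaseVirtualFolder, 0, limit)
	for {
		// The number of folders fetched so far is the offset of the next page.
		f, err := dataprovider.GetFolders(limit, len(folders), dataprovider.OrderASC, "")
		if err != nil {
			renderInternalServerErrorPage(w, err)
			return
		}
		folders = append(folders, f...)
		// A short page means there is nothing left to fetch.
		if len(f) < limit {
			break
		}
	}

	data := foldersPage{
		basePage: getBasePageData(pageFoldersTitle, webFoldersPath),
		Folders:  folders,
	}
	renderTemplate(w, templateFolders, data)
}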