refactor virtual folders

The same virtual folder can now be shared among users and different
folder quota limits for each user are supported.

Fixes #120
This commit is contained in:
Nicola Murino 2020-06-07 23:30:18 +02:00
parent dc011af90d
commit 8306b6bde6
56 changed files with 6969 additions and 1018 deletions

View file

@ -22,7 +22,7 @@ jobs:
uses: actions/checkout@v2
- name: Install golangci-lint
run: curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.26.0
run: curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin v1.27.0
- name: Run golangci-lint
run: golangci-lint run

View file

@ -24,7 +24,7 @@ Fully featured and highly configurable SFTP server, written in Go
- Per user IP filters are supported: login can be restricted to specific ranges of IP addresses or to a specific IP address.
- Per user and per directory file extensions filters are supported: files can be allowed or denied based on their extensions.
- Virtual folders are supported: directories outside the user home directory can be exposed as virtual folders.
- Configurable custom commands and/or HTTP notifications on file upload, download, delete, rename, on SSH commands and on user add, update and delete.
- Configurable custom commands and/or HTTP notifications on file upload, download, pre-delete, delete, rename, on SSH commands and on user add, update and delete.
- Automatically terminating idle connections.
- Atomic uploads are configurable.
- Support for Git repositories over SSH.
@ -132,6 +132,10 @@ SFTPGo allows to configure custom commands and/or HTTP notifications on file upl
More information about custom actions can be found [here](./docs/custom-actions.md).
## Virtual folders
Directories outside the user home directory can be exposed as virtual folders, more information [here](./docs/virtual-folders.md).
## Storage backends
### S3 Compabible Object Storage backends

View file

@ -75,7 +75,7 @@ func init() {
Username: "",
Password: "",
ConnectionString: "",
UsersTable: "users",
SQLTablesPrefix: "",
ManageUsers: 1,
SSLMode: 0,
TrackQuota: 1,

View file

@ -14,15 +14,17 @@ import (
"github.com/drakkan/sftpgo/logger"
"github.com/drakkan/sftpgo/utils"
"github.com/drakkan/sftpgo/vfs"
)
const (
boltDatabaseVersion = 3
boltDatabaseVersion = 4
)
var (
usersBucket = []byte("users")
usersIDIdxBucket = []byte("users_id_idx")
foldersBucket = []byte("folders")
dbVersionBucket = []byte("db_version")
dbVersionKey = []byte("version")
)
@ -90,6 +92,14 @@ func initializeBoltProvider(basePath string) error {
providerLog(logger.LevelWarn, "error creating username idx bucket: %v", err)
return err
}
err = dbHandle.Update(func(tx *bolt.Tx) error {
_, e := tx.CreateBucketIfNotExists(foldersBucket)
return e
})
if err != nil {
providerLog(logger.LevelWarn, "error creating username idx bucket: %v", err)
return err
}
err = dbHandle.Update(func(tx *bolt.Tx) error {
_, e := tx.CreateBucketIfNotExists(dbVersionBucket)
return e
@ -106,7 +116,7 @@ func initializeBoltProvider(basePath string) error {
}
func (p BoltProvider) checkAvailability() error {
_, err := p.getUsers(1, 0, "ASC", "")
_, err := getBoltDatabaseVersion(p.dbHandle)
return err
}
@ -152,7 +162,12 @@ func (p BoltProvider) getUserByID(ID int64) (User, error) {
if u == nil {
return &RecordNotFoundError{err: fmt.Sprintf("username %#v and ID: %v does not exist", string(username), ID)}
}
return json.Unmarshal(u, &user)
folderBucket, err := getFolderBucket(tx)
if err != nil {
return err
}
user, err = joinUserAndFolders(u, folderBucket)
return err
})
return user, err
@ -215,7 +230,10 @@ func (p BoltProvider) updateQuota(username string, filesAdd int, sizeAdd int64,
if err != nil {
return err
}
return bucket.Put([]byte(username), buf)
err = bucket.Put([]byte(username), buf)
providerLog(logger.LevelDebug, "quota updated for user %#v, files increment: %v size increment: %v is reset? %v",
username, filesAdd, sizeAdd, reset)
return err
})
}
@ -239,7 +257,12 @@ func (p BoltProvider) userExists(username string) (User, error) {
if u == nil {
return &RecordNotFoundError{err: fmt.Sprintf("username %v does not exist", username)}
}
return json.Unmarshal(u, &user)
folderBucket, err := getFolderBucket(tx)
if err != nil {
return err
}
user, err = joinUserAndFolders(u, folderBucket)
return err
})
return user, err
}
@ -254,6 +277,10 @@ func (p BoltProvider) addUser(user User) error {
if err != nil {
return err
}
folderBucket, err := getFolderBucket(tx)
if err != nil {
return err
}
if u := bucket.Get([]byte(user.Username)); u != nil {
return fmt.Errorf("username %v already exists", user.Username)
}
@ -262,15 +289,21 @@ func (p BoltProvider) addUser(user User) error {
return err
}
user.ID = int64(id)
for _, folder := range user.VirtualFolders {
err = addUserToFolderMapping(folder, user, folderBucket)
if err != nil {
return err
}
}
buf, err := json.Marshal(user)
if err != nil {
return err
}
userIDAsBytes := itob(user.ID)
err = bucket.Put([]byte(user.Username), buf)
if err != nil {
return err
}
userIDAsBytes := itob(user.ID)
return idxBucket.Put(userIDAsBytes, []byte(user.Username))
})
}
@ -285,9 +318,35 @@ func (p BoltProvider) updateUser(user User) error {
if err != nil {
return err
}
if u := bucket.Get([]byte(user.Username)); u == nil {
folderBucket, err := getFolderBucket(tx)
if err != nil {
return err
}
var u []byte
if u = bucket.Get([]byte(user.Username)); u == nil {
return &RecordNotFoundError{err: fmt.Sprintf("username %v does not exist", user.Username)}
}
var oldUser User
err = json.Unmarshal(u, &oldUser)
if err != nil {
return err
}
for _, folder := range oldUser.VirtualFolders {
err = removeUserFromFolderMapping(folder, oldUser, folderBucket)
if err != nil {
return err
}
}
for _, folder := range user.VirtualFolders {
err = addUserToFolderMapping(folder, user, folderBucket)
if err != nil {
return err
}
}
user.LastQuotaUpdate = oldUser.LastQuotaUpdate
user.UsedQuotaSize = oldUser.UsedQuotaSize
user.UsedQuotaFiles = oldUser.UsedQuotaFiles
user.LastLogin = oldUser.LastLogin
buf, err := json.Marshal(user)
if err != nil {
return err
@ -302,6 +361,18 @@ func (p BoltProvider) deleteUser(user User) error {
if err != nil {
return err
}
if len(user.VirtualFolders) > 0 {
folderBucket, err := getFolderBucket(tx)
if err != nil {
return err
}
for _, folder := range user.VirtualFolders {
err = removeUserFromFolderMapping(folder, user, folderBucket)
if err != nil {
return err
}
}
}
userIDAsBytes := itob(user.ID)
userName := idxBucket.Get(userIDAsBytes)
if userName == nil {
@ -316,16 +387,19 @@ func (p BoltProvider) deleteUser(user User) error {
}
func (p BoltProvider) dumpUsers() ([]User, error) {
users := []User{}
users := make([]User, 0, 100)
err := p.dbHandle.View(func(tx *bolt.Tx) error {
bucket, _, err := getBuckets(tx)
if err != nil {
return err
}
folderBucket, err := getFolderBucket(tx)
if err != nil {
return err
}
cursor := bucket.Cursor()
for k, v := cursor.First(); k != nil; k, v = cursor.Next() {
var user User
err = json.Unmarshal(v, &user)
user, err := joinUserAndFolders(v, folderBucket)
if err != nil {
return err
}
@ -355,7 +429,7 @@ func (p BoltProvider) getUserWithUsername(username string) ([]User, error) {
}
func (p BoltProvider) getUsers(limit int, offset int, order string, username string) ([]User, error) {
users := []User{}
users := make([]User, 0, limit)
var err error
if limit <= 0 {
return users, err
@ -371,16 +445,19 @@ func (p BoltProvider) getUsers(limit int, offset int, order string, username str
if err != nil {
return err
}
folderBucket, err := getFolderBucket(tx)
if err != nil {
return err
}
cursor := bucket.Cursor()
itNum := 0
if order == "ASC" {
if order == OrderASC {
for k, v := cursor.First(); k != nil; k, v = cursor.Next() {
itNum++
if itNum <= offset {
continue
}
var user User
err = json.Unmarshal(v, &user)
user, err := joinUserAndFolders(v, folderBucket)
if err == nil {
users = append(users, HideUserSensitiveData(&user))
}
@ -394,8 +471,7 @@ func (p BoltProvider) getUsers(limit int, offset int, order string, username str
if itNum <= offset {
continue
}
var user User
err = json.Unmarshal(v, &user)
user, err := joinUserAndFolders(v, folderBucket)
if err == nil {
users = append(users, HideUserSensitiveData(&user))
}
@ -409,6 +485,209 @@ func (p BoltProvider) getUsers(limit int, offset int, order string, username str
return users, err
}
func (p BoltProvider) dumpFolders() ([]vfs.BaseVirtualFolder, error) {
folders := make([]vfs.BaseVirtualFolder, 0, 50)
err := p.dbHandle.View(func(tx *bolt.Tx) error {
bucket, err := getFolderBucket(tx)
if err != nil {
return err
}
cursor := bucket.Cursor()
for k, v := cursor.First(); k != nil; k, v = cursor.Next() {
var folder vfs.BaseVirtualFolder
err = json.Unmarshal(v, &folder)
if err != nil {
return err
}
folders = append(folders, folder)
}
return err
})
return folders, err
}
func (p BoltProvider) getFolders(limit, offset int, order, folderPath string) ([]vfs.BaseVirtualFolder, error) {
folders := make([]vfs.BaseVirtualFolder, 0, limit)
var err error
if limit <= 0 {
return folders, err
}
if len(folderPath) > 0 {
if offset == 0 {
var folder vfs.BaseVirtualFolder
folder, err = p.getFolderByPath(folderPath)
if err == nil {
folders = append(folders, folder)
}
}
return folders, err
}
err = p.dbHandle.View(func(tx *bolt.Tx) error {
bucket, err := getFolderBucket(tx)
if err != nil {
return err
}
cursor := bucket.Cursor()
itNum := 0
if order == OrderASC {
for k, v := cursor.First(); k != nil; k, v = cursor.Next() {
itNum++
if itNum <= offset {
continue
}
var folder vfs.BaseVirtualFolder
err = json.Unmarshal(v, &folder)
if err != nil {
return err
}
folders = append(folders, folder)
if len(folders) >= limit {
break
}
}
} else {
for k, v := cursor.Last(); k != nil; k, v = cursor.Prev() {
itNum++
if itNum <= offset {
continue
}
var folder vfs.BaseVirtualFolder
err = json.Unmarshal(v, &folder)
if err != nil {
return err
}
folders = append(folders, folder)
if len(folders) >= limit {
break
}
}
}
return err
})
return folders, err
}
func (p BoltProvider) getFolderByPath(name string) (vfs.BaseVirtualFolder, error) {
var folder vfs.BaseVirtualFolder
err := p.dbHandle.View(func(tx *bolt.Tx) error {
bucket, err := getFolderBucket(tx)
if err != nil {
return err
}
folder, err = folderExistsInternal(name, bucket)
return err
})
return folder, err
}
func (p BoltProvider) addFolder(folder vfs.BaseVirtualFolder) error {
err := validateFolder(&folder)
if err != nil {
return err
}
return p.dbHandle.Update(func(tx *bolt.Tx) error {
bucket, err := getFolderBucket(tx)
if err != nil {
return err
}
if f := bucket.Get([]byte(folder.MappedPath)); f != nil {
return fmt.Errorf("folder %v already exists", folder.MappedPath)
}
_, err = addFolderInternal(folder, bucket)
return err
})
}
func (p BoltProvider) deleteFolder(folder vfs.BaseVirtualFolder) error {
return p.dbHandle.Update(func(tx *bolt.Tx) error {
bucket, err := getFolderBucket(tx)
if err != nil {
return err
}
usersBucket, _, err := getBuckets(tx)
if err != nil {
return err
}
var f []byte
if f = bucket.Get([]byte(folder.MappedPath)); f == nil {
return &RecordNotFoundError{err: fmt.Sprintf("folder %v does not exist", folder.MappedPath)}
}
var folder vfs.BaseVirtualFolder
err = json.Unmarshal(f, &folder)
if err != nil {
return err
}
for _, username := range folder.Users {
var u []byte
if u = usersBucket.Get([]byte(username)); u == nil {
continue
}
var user User
err = json.Unmarshal(u, &user)
if err != nil {
return err
}
var folders []vfs.VirtualFolder
for _, userFolder := range user.VirtualFolders {
if folder.MappedPath != userFolder.MappedPath {
folders = append(folders, userFolder)
}
}
user.VirtualFolders = folders
buf, err := json.Marshal(user)
if err != nil {
return err
}
err = usersBucket.Put([]byte(user.Username), buf)
if err != nil {
return err
}
}
return bucket.Delete([]byte(folder.MappedPath))
})
}
func (p BoltProvider) updateFolderQuota(mappedPath string, filesAdd int, sizeAdd int64, reset bool) error {
return p.dbHandle.Update(func(tx *bolt.Tx) error {
bucket, err := getFolderBucket(tx)
if err != nil {
return err
}
var f []byte
if f = bucket.Get([]byte(mappedPath)); f == nil {
return &RecordNotFoundError{err: fmt.Sprintf("folder %v does not exist, unable to update quota", mappedPath)}
}
var folder vfs.BaseVirtualFolder
err = json.Unmarshal(f, &folder)
if err != nil {
return err
}
if reset {
folder.UsedQuotaSize = sizeAdd
folder.UsedQuotaFiles = filesAdd
} else {
folder.UsedQuotaSize += sizeAdd
folder.UsedQuotaFiles += filesAdd
}
folder.LastQuotaUpdate = utils.GetTimeAsMsSinceEpoch(time.Now())
buf, err := json.Marshal(folder)
if err != nil {
return err
}
return bucket.Put([]byte(folder.MappedPath), buf)
})
}
func (p BoltProvider) getUsedFolderQuota(mappedPath string) (int, int64, error) {
folder, err := p.getFolderByPath(mappedPath)
if err != nil {
providerLog(logger.LevelWarn, "unable to get quota for folder %#v error: %v", mappedPath, err)
return 0, 0, err
}
return folder.UsedQuotaFiles, folder.UsedQuotaSize, err
}
func (p BoltProvider) close() error {
return p.dbHandle.Close()
}
@ -437,9 +716,19 @@ func (p BoltProvider) migrateDatabase() error {
if err != nil {
return err
}
return updateDatabaseFrom2To3(p.dbHandle)
err = updateDatabaseFrom2To3(p.dbHandle)
if err != nil {
return err
}
return updateDatabaseFrom3To4(p.dbHandle)
case 2:
return updateDatabaseFrom2To3(p.dbHandle)
err = updateDatabaseFrom2To3(p.dbHandle)
if err != nil {
return err
}
return updateDatabaseFrom3To4(p.dbHandle)
case 3:
return updateDatabaseFrom3To4(p.dbHandle)
default:
return fmt.Errorf("Database version not handled: %v", dbVersion.Version)
}
@ -452,6 +741,106 @@ func itob(v int64) []byte {
return b
}
func joinUserAndFolders(u []byte, foldersBucket *bolt.Bucket) (User, error) {
var user User
err := json.Unmarshal(u, &user)
if len(user.VirtualFolders) > 0 {
var folders []vfs.VirtualFolder
for _, folder := range user.VirtualFolders {
baseFolder, err := folderExistsInternal(folder.MappedPath, foldersBucket)
if err != nil {
continue
}
folder.UsedQuotaFiles = baseFolder.UsedQuotaFiles
folder.UsedQuotaSize = baseFolder.UsedQuotaSize
folder.LastQuotaUpdate = baseFolder.LastQuotaUpdate
folder.ID = baseFolder.ID
folders = append(folders, folder)
}
user.VirtualFolders = folders
}
return user, err
}
func folderExistsInternal(name string, bucket *bolt.Bucket) (vfs.BaseVirtualFolder, error) {
var folder vfs.BaseVirtualFolder
f := bucket.Get([]byte(name))
if f == nil {
err := &RecordNotFoundError{err: fmt.Sprintf("folder %v does not exist", name)}
return folder, err
}
err := json.Unmarshal(f, &folder)
return folder, err
}
func addFolderInternal(folder vfs.BaseVirtualFolder, bucket *bolt.Bucket) (vfs.BaseVirtualFolder, error) {
id, err := bucket.NextSequence()
if err != nil {
return folder, err
}
folder.ID = int64(id)
buf, err := json.Marshal(folder)
if err != nil {
return folder, err
}
err = bucket.Put([]byte(folder.MappedPath), buf)
return folder, err
}
func addUserToFolderMapping(folder vfs.VirtualFolder, user User, bucket *bolt.Bucket) error {
var baseFolder vfs.BaseVirtualFolder
var err error
if f := bucket.Get([]byte(folder.MappedPath)); f == nil {
// folder does not exists, try to create
baseFolder, err = addFolderInternal(folder.BaseVirtualFolder, bucket)
} else {
err = json.Unmarshal(f, &baseFolder)
}
if err != nil {
return err
}
if !utils.IsStringInSlice(user.Username, baseFolder.Users) {
baseFolder.Users = append(baseFolder.Users, user.Username)
buf, err := json.Marshal(baseFolder)
if err != nil {
return err
}
err = bucket.Put([]byte(folder.MappedPath), buf)
if err != nil {
return err
}
}
return err
}
func removeUserFromFolderMapping(folder vfs.VirtualFolder, user User, bucket *bolt.Bucket) error {
var f []byte
if f = bucket.Get([]byte(folder.MappedPath)); f == nil {
// the folder does not exists so there is no associated user
return nil
}
var baseFolder vfs.BaseVirtualFolder
err := json.Unmarshal(f, &baseFolder)
if err != nil {
return err
}
if utils.IsStringInSlice(user.Username, baseFolder.Users) {
var newUserMapping []string
for _, u := range baseFolder.Users {
if u != user.Username {
newUserMapping = append(newUserMapping, u)
}
}
baseFolder.Users = newUserMapping
buf, err := json.Marshal(baseFolder)
if err != nil {
return err
}
return bucket.Put([]byte(folder.MappedPath), buf)
}
return err
}
func getBuckets(tx *bolt.Tx) (*bolt.Bucket, *bolt.Bucket, error) {
var err error
bucket := tx.Bucket(usersBucket)
@ -462,6 +851,15 @@ func getBuckets(tx *bolt.Tx) (*bolt.Bucket, *bolt.Bucket, error) {
return bucket, idxBucket, err
}
func getFolderBucket(tx *bolt.Tx) (*bolt.Bucket, error) {
var err error
bucket := tx.Bucket(foldersBucket)
if bucket == nil {
err = fmt.Errorf("unable to find required buckets, bolt database structure not correcly defined")
}
return bucket, err
}
func updateDatabaseFrom1To2(dbHandle *bolt.DB) error {
providerLog(logger.LevelInfo, "updating bolt database version: 1 -> 2")
usernames, err := getBoltAvailableUsernames(dbHandle)
@ -537,6 +935,69 @@ func updateDatabaseFrom2To3(dbHandle *bolt.DB) error {
return updateBoltDatabaseVersion(dbHandle, 3)
}
func updateDatabaseFrom3To4(dbHandle *bolt.DB) error {
providerLog(logger.LevelInfo, "updating bolt database version: 3 -> 4")
foldersToScan := []string{}
users := []userCompactVFolders{}
err := dbHandle.View(func(tx *bolt.Tx) error {
bucket, _, err := getBuckets(tx)
if err != nil {
return err
}
cursor := bucket.Cursor()
for k, v := cursor.First(); k != nil; k, v = cursor.Next() {
var compatUser userCompactVFolders
err = json.Unmarshal(v, &compatUser)
if err == nil && len(compatUser.VirtualFolders) > 0 {
users = append(users, compatUser)
}
}
return err
})
if err != nil {
return err
}
for _, u := range users {
user, err := provider.userExists(u.Username)
if err != nil {
return err
}
var folders []vfs.VirtualFolder
for _, f := range u.VirtualFolders {
providerLog(logger.LevelInfo, "restoring virtual folder: %+v for user %#v", f, user.Username)
quotaSize := int64(-1)
quotaFiles := -1
if f.ExcludeFromQuota {
quotaSize = 0
quotaFiles = 0
}
folder := vfs.VirtualFolder{
QuotaSize: quotaSize,
QuotaFiles: quotaFiles,
VirtualPath: f.VirtualPath,
}
folder.MappedPath = f.MappedPath
folders = append(folders, folder)
if !utils.IsStringInSlice(folder.MappedPath, foldersToScan) {
foldersToScan = append(foldersToScan, folder.MappedPath)
}
}
user.VirtualFolders = folders
err = provider.updateUser(user)
providerLog(logger.LevelInfo, "number of virtual folders to restore %v, user %#v, error: %v", len(user.VirtualFolders),
user.Username, err)
if err != nil {
return err
}
}
err = updateBoltDatabaseVersion(dbHandle, 4)
if err == nil {
go updateVFoldersQuotaAfterRestore(foldersToScan)
}
return err
}
func getBoltAvailableUsernames(dbHandle *bolt.DB) ([]string, error) {
usernames := []string{}
err := dbHandle.View(func(tx *bolt.Tx) error {

View file

@ -1,6 +1,5 @@
// Package dataprovider provides data access.
// It abstract different data providers and exposes a common API.
// Currently the supported data providers are: PostreSQL (9+), MySQL (4.1+) and SQLite 3.x
// It abstracts different data providers and exposes a common API.
package dataprovider
import (
@ -72,6 +71,13 @@ const (
operationAdd = "add"
operationUpdate = "update"
operationDelete = "delete"
sqlPrefixValidChars = "abcdefghijklmnopqrstuvwxyz_"
)
// ordering constants
const (
OrderASC = "ASC"
OrderDESC = "DESC"
)
var (
@ -100,6 +106,10 @@ var (
errWrongPassword = errors.New("password does not match")
errNoInitRequired = errors.New("initialization is not required for this data provider")
credentialsDirPath string
sqlTableUsers = "users"
sqlTableFolders = "folders"
sqlTableFoldersMapping = "folders_mapping"
sqlTableSchemaVersion = "schema_version"
)
type schemaVersion struct {
@ -143,14 +153,15 @@ type Config struct {
// Custom database connection string.
// If not empty this connection string will be used instead of build one using the previous parameters
ConnectionString string `json:"connection_string" mapstructure:"connection_string"`
// Database table for SFTP users
UsersTable string `json:"users_table" mapstructure:"users_table"`
// prefix for SQL tables
SQLTablesPrefix string `json:"sql_tables_prefix" mapstructure:"sql_tables_prefix"`
// Set to 0 to disable users management, 1 to enable
ManageUsers int `json:"manage_users" mapstructure:"manage_users"`
// Set the preferred way to track users quota between the following choices:
// 0, disable quota tracking. REST API to scan user dir and update quota will do nothing
// 1, quota is updated each time a user upload or delete a file even if the user has no quota restrictions
// 2, quota is updated each time a user upload or delete a file but only for users with quota restrictions.
// 2, quota is updated each time a user upload or delete a file but only for users with quota restrictions
// and for virtual folders.
// With this configuration the "quota scan" REST API can still be used to periodically update space usage
// for users without quota restrictions
TrackQuota int `json:"track_quota" mapstructure:"track_quota"`
@ -253,7 +264,8 @@ type Config struct {
// BackupData defines the structure for the backup/restore files
type BackupData struct {
Users []User `json:"users"`
Users []User `json:"users"`
Folders []vfs.BaseVirtualFolder `json:"folders"`
}
type keyboardAuthHookRequest struct {
@ -272,6 +284,18 @@ type keyboardAuthHookResponse struct {
CheckPwd int `json:"check_password"`
}
type virtualFoldersCompact struct {
VirtualPath string `json:"virtual_path"`
MappedPath string `json:"mapped_path"`
ExcludeFromQuota bool `json:"exclude_from_quota"`
}
type userCompactVFolders struct {
ID int64 `json:"id"`
Username string `json:"username"`
VirtualFolders []virtualFoldersCompact `json:"virtual_folders"`
}
// ValidationError raised if input data is not valid
type ValidationError struct {
err string
@ -313,7 +337,7 @@ func GetQuotaTracking() int {
return config.TrackQuota
}
// Provider interface that data providers must implement.
// Provider defines the interface that data providers must implement.
type Provider interface {
validateUserAndPass(username string, password string) (User, error)
validateUserAndPubKey(username string, pubKey []byte) (User, string, error)
@ -327,6 +351,13 @@ type Provider interface {
dumpUsers() ([]User, error)
getUserByID(ID int64) (User, error)
updateLastLogin(username string) error
getFolders(limit, offset int, order, folderPath string) ([]vfs.BaseVirtualFolder, error)
getFolderByPath(mappedPath string) (vfs.BaseVirtualFolder, error)
addFolder(folder vfs.BaseVirtualFolder) error
deleteFolder(folder vfs.BaseVirtualFolder) error
updateFolderQuota(mappedPath string, filesAdd int, sizeAdd int64, reset bool) error
getUsedFolderQuota(mappedPath string) (int, int64, error)
dumpFolders() ([]vfs.BaseVirtualFolder, error)
checkAvailability() error
close() error
reloadConfig() error
@ -343,7 +374,6 @@ func init() {
func Initialize(cnf Config, basePath string) error {
var err error
config = cnf
sqlPlaceholders = getSQLPlaceholders()
if err = validateHooks(); err != nil {
return err
@ -388,10 +418,26 @@ func validateHooks() error {
return nil
}
func validateSQLTablesPrefix() error {
if len(config.SQLTablesPrefix) > 0 {
for _, char := range config.SQLTablesPrefix {
if !strings.Contains(sqlPrefixValidChars, strings.ToLower(string(char))) {
return errors.New("Invalid sql_tables_prefix only chars in range 'a..z', 'A..Z' and '_' are allowed")
}
}
sqlTableUsers = config.SQLTablesPrefix + sqlTableUsers
sqlTableFolders = config.SQLTablesPrefix + sqlTableFolders
sqlTableFoldersMapping = config.SQLTablesPrefix + sqlTableFoldersMapping
sqlTableSchemaVersion = config.SQLTablesPrefix + sqlTableSchemaVersion
providerLog(logger.LevelDebug, "sql table for users %#v, folders %#v folders mapping %#v schema version %#v",
sqlTableUsers, sqlTableFolders, sqlTableFoldersMapping, sqlTableSchemaVersion)
}
return nil
}
// InitializeDatabase creates the initial database structure
func InitializeDatabase(cnf Config, basePath string) error {
config = cnf
sqlPlaceholders = getSQLPlaceholders()
if config.Driver == BoltDataProviderName || config.Driver == MemoryDataProviderName {
return errNoInitRequired
@ -481,8 +527,19 @@ func UpdateUserQuota(p Provider, user User, filesAdd int, sizeAdd int64, reset b
return p.updateQuota(user.Username, filesAdd, sizeAdd, reset)
}
// UpdateVirtualFolderQuota updates the quota for the given virtual folder adding filesAdd and sizeAdd.
// If reset is true filesAdd and sizeAdd indicates the total files and the total size instead of the difference.
func UpdateVirtualFolderQuota(p Provider, vfolder vfs.BaseVirtualFolder, filesAdd int, sizeAdd int64, reset bool) error {
if config.TrackQuota == 0 {
return &MethodDisabledError{err: trackQuotaDisabledError}
}
if config.ManageUsers == 0 {
return &MethodDisabledError{err: manageUsersDisabledError}
}
return p.updateFolderQuota(vfolder.MappedPath, filesAdd, sizeAdd, reset)
}
// GetUsedQuota returns the used quota for the given SFTP user.
// TrackQuota must be >=1 to enable this method
func GetUsedQuota(p Provider, username string) (int, int64, error) {
if config.TrackQuota == 0 {
return 0, 0, &MethodDisabledError{err: trackQuotaDisabledError}
@ -490,6 +547,14 @@ func GetUsedQuota(p Provider, username string) (int, int64, error) {
return p.getUsedQuota(username)
}
// GetUsedVirtualFolderQuota returns the used quota for the given virtual folder.
func GetUsedVirtualFolderQuota(p Provider, mappedPath string) (int, int64, error) {
if config.TrackQuota == 0 {
return 0, 0, &MethodDisabledError{err: trackQuotaDisabledError}
}
return p.getUsedFolderQuota(mappedPath)
}
// UserExists checks if the given SFTP username exists, returns an error if no match is found
func UserExists(p Provider, username string) (User, error) {
return p.userExists(username)
@ -534,11 +599,6 @@ func DeleteUser(p Provider, user User) error {
return err
}
// DumpUsers returns an array with all users including their hashed password
func DumpUsers(p Provider) ([]User, error) {
return p.dumpUsers()
}
// ReloadConfig reloads provider configuration.
// Currently only implemented for memory provider, allows to reload the users
// from the configured file, if defined
@ -547,7 +607,7 @@ func ReloadConfig() error {
}
// GetUsers returns an array of users respecting limit and offset and filtered by username exact match if not empty
func GetUsers(p Provider, limit int, offset int, order string, username string) ([]User, error) {
func GetUsers(p Provider, limit, offset int, order string, username string) ([]User, error) {
return p.getUsers(limit, offset, order, username)
}
@ -556,6 +616,50 @@ func GetUserByID(p Provider, ID int64) (User, error) {
return p.getUserByID(ID)
}
// AddFolder adds a new virtual folder.
// ManageUsers configuration must be set to 1 to enable this method
func AddFolder(p Provider, folder vfs.BaseVirtualFolder) error {
if config.ManageUsers == 0 {
return &MethodDisabledError{err: manageUsersDisabledError}
}
return p.addFolder(folder)
}
// DeleteFolder deletes an existing folder.
// ManageUsers configuration must be set to 1 to enable this method
func DeleteFolder(p Provider, folder vfs.BaseVirtualFolder) error {
if config.ManageUsers == 0 {
return &MethodDisabledError{err: manageUsersDisabledError}
}
return p.deleteFolder(folder)
}
// GetFolderByPath returns the folder with the specified path if any
func GetFolderByPath(p Provider, mappedPath string) (vfs.BaseVirtualFolder, error) {
return p.getFolderByPath(mappedPath)
}
// GetFolders returns an array of folders respecting limit and offset
func GetFolders(p Provider, limit, offset int, order, folderPath string) ([]vfs.BaseVirtualFolder, error) {
return p.getFolders(limit, offset, order, folderPath)
}
// DumpData returns all users and folders
func DumpData(p Provider) (BackupData, error) {
var data BackupData
users, err := p.dumpUsers()
if err != nil {
return data, err
}
folders, err := p.dumpFolders()
if err != nil {
return data, err
}
data.Users = users
data.Folders = folders
return data, err
}
// GetProviderStatus returns an error if the provider is not available
func GetProviderStatus(p Provider) error {
return p.checkAvailability()
@ -572,6 +676,10 @@ func Close(p Provider) error {
func createProvider(basePath string) error {
var err error
sqlPlaceholders = getSQLPlaceholders()
if err = validateSQLTablesPrefix(); err != nil {
return err
}
if config.Driver == SQLiteDataProviderName {
err = initializeSQLiteProvider(basePath)
} else if config.Driver == PGSQLDataProviderName {
@ -630,7 +738,21 @@ func isMappedDirOverlapped(dir1, dir2 string) bool {
return false
}
func validateVirtualFolders(user *User) error {
func validateFolderQuotaLimits(folder vfs.VirtualFolder) error {
if folder.QuotaSize < -1 {
return &ValidationError{err: fmt.Sprintf("invalid quota_size: %v folder path %#v", folder.QuotaSize, folder.MappedPath)}
}
if folder.QuotaFiles < -1 {
return &ValidationError{err: fmt.Sprintf("invalid quota_file: %v folder path %#v", folder.QuotaSize, folder.MappedPath)}
}
if (folder.QuotaSize == -1 && folder.QuotaFiles != -1) || (folder.QuotaFiles == -1 && folder.QuotaSize != -1) {
return &ValidationError{err: fmt.Sprintf("virtual folder quota_size and quota_files must be both -1 or >= 0, quota_size: %v quota_files: %v",
folder.QuotaFiles, folder.QuotaSize)}
}
return nil
}
func validateUserVirtualFolders(user *User) error {
if len(user.VirtualFolders) == 0 || user.FsConfig.Provider != 0 {
user.VirtualFolders = []vfs.VirtualFolder{}
return nil
@ -642,6 +764,9 @@ func validateVirtualFolders(user *User) error {
if !path.IsAbs(cleanedVPath) || cleanedVPath == "/" {
return &ValidationError{err: fmt.Sprintf("invalid virtual folder %#v", v.VirtualPath)}
}
if err := validateFolderQuotaLimits(v); err != nil {
return err
}
cleanedMPath := filepath.Clean(v.MappedPath)
if !filepath.IsAbs(cleanedMPath) {
return &ValidationError{err: fmt.Sprintf("invalid mapped folder %#v", v.MappedPath)}
@ -651,9 +776,12 @@ func validateVirtualFolders(user *User) error {
v.MappedPath, user.GetHomeDir())}
}
virtualFolders = append(virtualFolders, vfs.VirtualFolder{
VirtualPath: cleanedVPath,
MappedPath: cleanedMPath,
ExcludeFromQuota: v.ExcludeFromQuota,
BaseVirtualFolder: vfs.BaseVirtualFolder{
MappedPath: cleanedMPath,
},
VirtualPath: cleanedVPath,
QuotaSize: v.QuotaSize,
QuotaFiles: v.QuotaFiles,
})
for k, virtual := range mappedPaths {
if isMappedDirOverlapped(k, cleanedMPath) {
@ -859,6 +987,15 @@ func createUserPasswordHash(user *User) error {
return nil
}
func validateFolder(folder *vfs.BaseVirtualFolder) error {
cleanedMPath := filepath.Clean(folder.MappedPath)
if !filepath.IsAbs(cleanedMPath) {
return &ValidationError{err: fmt.Sprintf("invalid mapped folder %#v", folder.MappedPath)}
}
folder.MappedPath = cleanedMPath
return nil
}
func validateUser(user *User) error {
buildUserHomeDir(user)
if err := validateBaseParams(user); err != nil {
@ -870,7 +1007,7 @@ func validateUser(user *User) error {
if err := validateFilesystemConfig(user); err != nil {
return err
}
if err := validateVirtualFolders(user); err != nil {
if err := validateUserVirtualFolders(user); err != nil {
return err
}
if user.Status < 0 || user.Status > 1 {
@ -1581,3 +1718,23 @@ func executeAction(operation string, user User) {
executeNotificationCommand(operation, user) //nolint:errcheck // the error is used in test cases only
}
}
// after migrating database to v4 we have to update the quota for the imported folders
func updateVFoldersQuotaAfterRestore(foldersToScan []string) {
fs := vfs.NewOsFs("", "", nil).(vfs.OsFs)
for _, folder := range foldersToScan {
providerLog(logger.LevelDebug, "starting quota scan after migration for folder %#v", folder)
vfolder, err := provider.getFolderByPath(folder)
if err != nil {
providerLog(logger.LevelWarn, "error getting folder to scan %#v: %v", folder, err)
continue
}
numFiles, size, err := fs.GetDirSize(folder)
if err != nil {
providerLog(logger.LevelWarn, "error scanning folder %#v: %v", folder, err)
continue
}
err = UpdateVirtualFolderQuota(provider, vfolder, numFiles, size, true)
providerLog(logger.LevelDebug, "quota updated for virtual folder %#v, error: %v", vfolder.MappedPath, err)
}
}

View file

@ -13,6 +13,7 @@ import (
"github.com/drakkan/sftpgo/logger"
"github.com/drakkan/sftpgo/utils"
"github.com/drakkan/sftpgo/vfs"
)
var (
@ -27,6 +28,10 @@ type memoryProviderHandle struct {
usersIdx map[int64]string
// map for users, username is the key
users map[string]User
// map for virtual folders, MappedPath is the key
vfolders map[string]vfs.BaseVirtualFolder
// slice with ordered folders mapped path
vfoldersPaths []string
// configuration file to use for loading users
configFile string
lock *sync.Mutex
@ -48,12 +53,14 @@ func initializeMemoryProvider(basePath string) error {
}
provider = MemoryProvider{
dbHandle: &memoryProviderHandle{
isClosed: false,
usernames: []string{},
usersIdx: make(map[int64]string),
users: make(map[string]User),
configFile: configFile,
lock: new(sync.Mutex),
isClosed: false,
usernames: []string{},
usersIdx: make(map[int64]string),
users: make(map[string]User),
vfolders: make(map[string]vfs.BaseVirtualFolder),
vfoldersPaths: []string{},
configFile: configFile,
lock: new(sync.Mutex),
},
}
return provider.reloadConfig()
@ -85,7 +92,7 @@ func (p MemoryProvider) validateUserAndPass(username string, password string) (U
}
user, err := p.userExists(username)
if err != nil {
providerLog(logger.LevelWarn, "error authenticating user: %v, error: %v", username, err)
providerLog(logger.LevelWarn, "error authenticating user %#v, error: %v", username, err)
return user, err
}
return checkUserAndPass(user, password)
@ -98,7 +105,7 @@ func (p MemoryProvider) validateUserAndPubKey(username string, pubKey []byte) (U
}
user, err := p.userExists(username)
if err != nil {
providerLog(logger.LevelWarn, "error authenticating user: %v, error: %v", username, err)
providerLog(logger.LevelWarn, "error authenticating user %#v, error: %v", username, err)
return user, "", err
}
return checkUserAndPubKey(user, pubKey)
@ -139,7 +146,7 @@ func (p MemoryProvider) updateQuota(username string, filesAdd int, sizeAdd int64
}
user, err := p.userExistsInternal(username)
if err != nil {
providerLog(logger.LevelWarn, "unable to update quota for user %v error: %v", username, err)
providerLog(logger.LevelWarn, "unable to update quota for user %#v error: %v", username, err)
return err
}
if reset {
@ -150,6 +157,8 @@ func (p MemoryProvider) updateQuota(username string, filesAdd int, sizeAdd int64
user.UsedQuotaFiles += filesAdd
}
user.LastQuotaUpdate = utils.GetTimeAsMsSinceEpoch(time.Now())
providerLog(logger.LevelDebug, "quota updated for user %#v, files increment: %v size increment: %v is reset? %v",
username, filesAdd, sizeAdd, reset)
p.dbHandle.users[user.Username] = user
return nil
}
@ -162,7 +171,7 @@ func (p MemoryProvider) getUsedQuota(username string) (int, int64, error) {
}
user, err := p.userExistsInternal(username)
if err != nil {
providerLog(logger.LevelWarn, "unable to get quota for user %v error: %v", username, err)
providerLog(logger.LevelWarn, "unable to get quota for user %#v error: %v", username, err)
return 0, 0, err
}
return user.UsedQuotaFiles, user.UsedQuotaSize, err
@ -180,9 +189,10 @@ func (p MemoryProvider) addUser(user User) error {
}
_, err = p.userExistsInternal(user.Username)
if err == nil {
return fmt.Errorf("username %v already exists", user.Username)
return fmt.Errorf("username %#v already exists", user.Username)
}
user.ID = p.getNextID()
user.VirtualFolders = p.joinVirtualFoldersFields(user)
p.dbHandle.users[user.Username] = user
p.dbHandle.usersIdx[user.ID] = user.Username
p.dbHandle.usernames = append(p.dbHandle.usernames, user.Username)
@ -200,10 +210,18 @@ func (p MemoryProvider) updateUser(user User) error {
if err != nil {
return err
}
_, err = p.userExistsInternal(user.Username)
u, err := p.userExistsInternal(user.Username)
if err != nil {
return err
}
for _, oldFolder := range u.VirtualFolders {
p.removeUserFromFolderMapping(oldFolder.MappedPath, u.Username)
}
user.VirtualFolders = p.joinVirtualFoldersFields(user)
user.LastQuotaUpdate = u.LastQuotaUpdate
user.UsedQuotaSize = u.UsedQuotaSize
user.UsedQuotaFiles = u.UsedQuotaFiles
user.LastLogin = u.LastLogin
p.dbHandle.users[user.Username] = user
return nil
}
@ -214,10 +232,13 @@ func (p MemoryProvider) deleteUser(user User) error {
if p.dbHandle.isClosed {
return errMemoryProviderClosed
}
_, err := p.userExistsInternal(user.Username)
u, err := p.userExistsInternal(user.Username)
if err != nil {
return err
}
for _, oldFolder := range u.VirtualFolders {
p.removeUserFromFolderMapping(oldFolder.MappedPath, u.Username)
}
delete(p.dbHandle.users, user.Username)
delete(p.dbHandle.usersIdx, user.ID)
// this could be more efficient
@ -230,10 +251,10 @@ func (p MemoryProvider) deleteUser(user User) error {
}
func (p MemoryProvider) dumpUsers() ([]User, error) {
users := []User{}
var err error
p.dbHandle.lock.Lock()
defer p.dbHandle.lock.Unlock()
users := make([]User, 0, len(p.dbHandle.usernames))
var err error
if p.dbHandle.isClosed {
return users, errMemoryProviderClosed
}
@ -248,8 +269,21 @@ func (p MemoryProvider) dumpUsers() ([]User, error) {
return users, err
}
func (p MemoryProvider) dumpFolders() ([]vfs.BaseVirtualFolder, error) {
p.dbHandle.lock.Lock()
defer p.dbHandle.lock.Unlock()
folders := make([]vfs.BaseVirtualFolder, 0, len(p.dbHandle.vfoldersPaths))
if p.dbHandle.isClosed {
return folders, errMemoryProviderClosed
}
for _, f := range p.dbHandle.vfolders {
folders = append(folders, f)
}
return folders, nil
}
func (p MemoryProvider) getUsers(limit int, offset int, order string, username string) ([]User, error) {
users := []User{}
users := make([]User, 0, limit)
var err error
p.dbHandle.lock.Lock()
defer p.dbHandle.lock.Unlock()
@ -269,7 +303,7 @@ func (p MemoryProvider) getUsers(limit int, offset int, order string, username s
return users, err
}
itNum := 0
if order == "ASC" {
if order == OrderASC {
for _, username := range p.dbHandle.usernames {
itNum++
if itNum <= offset {
@ -311,7 +345,224 @@ func (p MemoryProvider) userExistsInternal(username string) (User, error) {
if val, ok := p.dbHandle.users[username]; ok {
return val.getACopy(), nil
}
return User{}, &RecordNotFoundError{err: fmt.Sprintf("username %v does not exist", username)}
return User{}, &RecordNotFoundError{err: fmt.Sprintf("username %#v does not exist", username)}
}
func (p MemoryProvider) updateFolderQuota(mappedPath string, filesAdd int, sizeAdd int64, reset bool) error {
p.dbHandle.lock.Lock()
defer p.dbHandle.lock.Unlock()
if p.dbHandle.isClosed {
return errMemoryProviderClosed
}
folder, err := p.folderExistsInternal(mappedPath)
if err != nil {
providerLog(logger.LevelWarn, "unable to update quota for folder %#v error: %v", mappedPath, err)
return err
}
if reset {
folder.UsedQuotaSize = sizeAdd
folder.UsedQuotaFiles = filesAdd
} else {
folder.UsedQuotaSize += sizeAdd
folder.UsedQuotaFiles += filesAdd
}
folder.LastQuotaUpdate = utils.GetTimeAsMsSinceEpoch(time.Now())
p.dbHandle.vfolders[mappedPath] = folder
return nil
}
func (p MemoryProvider) getUsedFolderQuota(mappedPath string) (int, int64, error) {
p.dbHandle.lock.Lock()
defer p.dbHandle.lock.Unlock()
if p.dbHandle.isClosed {
return 0, 0, errMemoryProviderClosed
}
folder, err := p.folderExistsInternal(mappedPath)
if err != nil {
providerLog(logger.LevelWarn, "unable to get quota for folder %#v error: %v", mappedPath, err)
return 0, 0, err
}
return folder.UsedQuotaFiles, folder.UsedQuotaSize, err
}
func (p MemoryProvider) joinVirtualFoldersFields(user User) []vfs.VirtualFolder {
var folders []vfs.VirtualFolder
for _, folder := range user.VirtualFolders {
f, err := p.addOrGetFolderInternal(folder.MappedPath, user.Username, folder.UsedQuotaSize, folder.UsedQuotaFiles,
folder.LastQuotaUpdate)
if err == nil {
folder.UsedQuotaFiles = f.UsedQuotaFiles
folder.UsedQuotaSize = f.UsedQuotaSize
folder.LastQuotaUpdate = f.LastQuotaUpdate
folder.ID = f.ID
folders = append(folders, folder)
}
}
return folders
}
func (p MemoryProvider) removeUserFromFolderMapping(mappedPath, username string) {
folder, err := p.folderExistsInternal(mappedPath)
if err == nil {
var usernames []string
for _, user := range folder.Users {
if user != username {
usernames = append(usernames, user)
}
}
folder.Users = usernames
p.dbHandle.vfolders[folder.MappedPath] = folder
}
}
func (p MemoryProvider) updateFoldersMappingInternal(folder vfs.BaseVirtualFolder) {
p.dbHandle.vfolders[folder.MappedPath] = folder
if !utils.IsStringInSlice(folder.MappedPath, p.dbHandle.vfoldersPaths) {
p.dbHandle.vfoldersPaths = append(p.dbHandle.vfoldersPaths, folder.MappedPath)
sort.Strings(p.dbHandle.vfoldersPaths)
}
}
func (p MemoryProvider) addOrGetFolderInternal(mappedPath, username string, usedQuotaSize int64, usedQuotaFiles int, lastQuotaUpdate int64) (vfs.BaseVirtualFolder, error) {
folder, err := p.folderExistsInternal(mappedPath)
if _, ok := err.(*RecordNotFoundError); ok {
folder := vfs.BaseVirtualFolder{
ID: p.getNextFolderID(),
MappedPath: mappedPath,
UsedQuotaSize: usedQuotaSize,
UsedQuotaFiles: usedQuotaFiles,
LastQuotaUpdate: lastQuotaUpdate,
Users: []string{username},
}
p.updateFoldersMappingInternal(folder)
return folder, nil
}
if err == nil && !utils.IsStringInSlice(username, folder.Users) {
folder.Users = append(folder.Users, username)
p.updateFoldersMappingInternal(folder)
}
return folder, err
}
func (p MemoryProvider) folderExistsInternal(mappedPath string) (vfs.BaseVirtualFolder, error) {
if val, ok := p.dbHandle.vfolders[mappedPath]; ok {
return val, nil
}
return vfs.BaseVirtualFolder{}, &RecordNotFoundError{err: fmt.Sprintf("folder %#v does not exist", mappedPath)}
}
func (p MemoryProvider) getFolders(limit, offset int, order, folderPath string) ([]vfs.BaseVirtualFolder, error) {
folders := make([]vfs.BaseVirtualFolder, 0, limit)
var err error
p.dbHandle.lock.Lock()
defer p.dbHandle.lock.Unlock()
if p.dbHandle.isClosed {
return folders, errMemoryProviderClosed
}
if limit <= 0 {
return folders, err
}
if len(folderPath) > 0 {
if offset == 0 {
var folder vfs.BaseVirtualFolder
folder, err = p.folderExistsInternal(folderPath)
if err == nil {
folders = append(folders, folder)
}
}
return folders, err
}
itNum := 0
if order == OrderASC {
for _, mappedPath := range p.dbHandle.vfoldersPaths {
itNum++
if itNum <= offset {
continue
}
folder := p.dbHandle.vfolders[mappedPath]
folders = append(folders, folder)
if len(folders) >= limit {
break
}
}
} else {
for i := len(p.dbHandle.vfoldersPaths) - 1; i >= 0; i-- {
itNum++
if itNum <= offset {
continue
}
mappedPath := p.dbHandle.vfoldersPaths[i]
folder := p.dbHandle.vfolders[mappedPath]
folders = append(folders, folder)
if len(folders) >= limit {
break
}
}
}
return folders, err
}
func (p MemoryProvider) getFolderByPath(mappedPath string) (vfs.BaseVirtualFolder, error) {
p.dbHandle.lock.Lock()
defer p.dbHandle.lock.Unlock()
if p.dbHandle.isClosed {
return vfs.BaseVirtualFolder{}, errMemoryProviderClosed
}
return p.folderExistsInternal(mappedPath)
}
func (p MemoryProvider) addFolder(folder vfs.BaseVirtualFolder) error {
p.dbHandle.lock.Lock()
defer p.dbHandle.lock.Unlock()
if p.dbHandle.isClosed {
return errMemoryProviderClosed
}
err := validateFolder(&folder)
if err != nil {
return err
}
_, err = p.folderExistsInternal(folder.MappedPath)
if err == nil {
return fmt.Errorf("folder %#v already exists", folder.MappedPath)
}
folder.ID = p.getNextFolderID()
p.dbHandle.vfolders[folder.MappedPath] = folder
p.dbHandle.vfoldersPaths = append(p.dbHandle.vfoldersPaths, folder.MappedPath)
sort.Strings(p.dbHandle.vfoldersPaths)
return nil
}
func (p MemoryProvider) deleteFolder(folder vfs.BaseVirtualFolder) error {
p.dbHandle.lock.Lock()
defer p.dbHandle.lock.Unlock()
if p.dbHandle.isClosed {
return errMemoryProviderClosed
}
_, err := p.folderExistsInternal(folder.MappedPath)
if err != nil {
return err
}
for _, username := range folder.Users {
user, err := p.userExistsInternal(username)
if err == nil {
var folders []vfs.VirtualFolder
for _, userFolder := range user.VirtualFolders {
if folder.MappedPath != userFolder.MappedPath {
folders = append(folders, userFolder)
}
}
user.VirtualFolders = folders
p.dbHandle.users[user.Username] = user
}
}
delete(p.dbHandle.vfolders, folder.MappedPath)
p.dbHandle.vfoldersPaths = []string{}
for mappedPath := range p.dbHandle.vfolders {
p.dbHandle.vfoldersPaths = append(p.dbHandle.vfoldersPaths, mappedPath)
}
sort.Strings(p.dbHandle.vfoldersPaths)
return nil
}
func (p MemoryProvider) getNextID() int64 {
@ -324,12 +575,24 @@ func (p MemoryProvider) getNextID() int64 {
return nextID
}
func (p MemoryProvider) clearUsers() {
func (p MemoryProvider) getNextFolderID() int64 {
nextID := int64(1)
for _, v := range p.dbHandle.vfolders {
if v.ID >= nextID {
nextID = v.ID + 1
}
}
return nextID
}
func (p MemoryProvider) clear() {
p.dbHandle.lock.Lock()
defer p.dbHandle.lock.Unlock()
p.dbHandle.usernames = []string{}
p.dbHandle.usersIdx = make(map[int64]string)
p.dbHandle.users = make(map[string]User)
p.dbHandle.vfoldersPaths = []string{}
p.dbHandle.vfolders = make(map[string]vfs.BaseVirtualFolder)
}
func (p MemoryProvider) reloadConfig() error {
@ -364,23 +627,30 @@ func (p MemoryProvider) reloadConfig() error {
providerLog(logger.LevelWarn, "error loading users: %v", err)
return err
}
p.clearUsers()
p.clear()
for _, folder := range dump.Folders {
_, err := p.getFolderByPath(folder.MappedPath)
if err == nil {
logger.Debug(logSender, "", "folder %#v already exists, restore not needed", folder.MappedPath)
continue
}
folder.Users = nil
err = p.addFolder(folder)
if err != nil {
providerLog(logger.LevelWarn, "error adding folder %#v: %v", folder.MappedPath, err)
return err
}
}
for _, user := range dump.Users {
u, err := p.userExists(user.Username)
if err == nil {
user.ID = u.ID
user.LastLogin = u.LastLogin
user.UsedQuotaSize = u.UsedQuotaSize
user.UsedQuotaFiles = u.UsedQuotaFiles
err = p.updateUser(user)
if err != nil {
providerLog(logger.LevelWarn, "error updating user %#v: %v", user.Username, err)
return err
}
} else {
user.LastLogin = 0
user.UsedQuotaSize = 0
user.UsedQuotaFiles = 0
err = p.addUser(user)
if err != nil {
providerLog(logger.LevelWarn, "error adding user %#v: %v", user.Username, err)
@ -388,7 +658,7 @@ func (p MemoryProvider) reloadConfig() error {
}
}
}
providerLog(logger.LevelDebug, "users loaded from file: %#v", p.dbHandle.configFile)
providerLog(logger.LevelDebug, "user and folders loaded from file: %#v", p.dbHandle.configFile)
return nil
}

View file

@ -13,6 +13,7 @@ import (
"github.com/drakkan/sftpgo/logger"
"github.com/drakkan/sftpgo/utils"
"github.com/drakkan/sftpgo/vfs"
)
const (
@ -24,9 +25,18 @@ const (
"`upload_bandwidth` integer NOT NULL, `download_bandwidth` integer NOT NULL, `expiration_date` bigint(20) NOT NULL, " +
"`last_login` bigint(20) NOT NULL, `status` int(11) NOT NULL, `filters` longtext DEFAULT NULL, " +
"`filesystem` longtext DEFAULT NULL);"
mysqlSchemaTableSQL = "CREATE TABLE `schema_version` (`id` integer AUTO_INCREMENT NOT NULL PRIMARY KEY, `version` integer NOT NULL);"
mysqlUsersV2SQL = "ALTER TABLE `{{users}}` ADD COLUMN `virtual_folders` longtext NULL;"
mysqlUsersV3SQL = "ALTER TABLE `{{users}}` MODIFY `password` longtext NULL;"
mysqlSchemaTableSQL = "CREATE TABLE `{{schema_version}}` (`id` integer AUTO_INCREMENT NOT NULL PRIMARY KEY, `version` integer NOT NULL);"
mysqlV2SQL = "ALTER TABLE `{{users}}` ADD COLUMN `virtual_folders` longtext NULL;"
mysqlV3SQL = "ALTER TABLE `{{users}}` MODIFY `password` longtext NULL;"
mysqlV4SQL = "CREATE TABLE `{{folders}}` (`id` integer AUTO_INCREMENT NOT NULL PRIMARY KEY, `path` varchar(512) NOT NULL UNIQUE," +
"`used_quota_size` bigint NOT NULL, `used_quota_files` integer NOT NULL, `last_quota_update` bigint NOT NULL);" +
"ALTER TABLE `{{users}}` MODIFY `home_dir` varchar(512) NOT NULL;" +
"ALTER TABLE `{{users}}` DROP COLUMN `virtual_folders`;" +
"CREATE TABLE `{{folders_mapping}}` (`id` integer AUTO_INCREMENT NOT NULL PRIMARY KEY, `virtual_path` varchar(512) NOT NULL, " +
"`quota_size` bigint NOT NULL, `quota_files` integer NOT NULL, `folder_id` integer NOT NULL, `user_id` integer NOT NULL);" +
"ALTER TABLE `{{folders_mapping}}` ADD CONSTRAINT `unique_mapping` UNIQUE (`user_id`, `folder_id`);" +
"ALTER TABLE `{{folders_mapping}}` ADD CONSTRAINT `folders_mapping_folder_id_fk_folders_id` FOREIGN KEY (`folder_id`) REFERENCES `{{folders}}` (`id`) ON DELETE CASCADE;" +
"ALTER TABLE `{{folders_mapping}}` ADD CONSTRAINT `folders_mapping_user_id_fk_users_id` FOREIGN KEY (`user_id`) REFERENCES `{{users}}` (`id`) ON DELETE CASCADE;"
)
// MySQLProvider auth provider for MySQL/MariaDB database
@ -89,14 +99,14 @@ func (p MySQLProvider) updateQuota(username string, filesAdd int, sizeAdd int64,
return sqlCommonUpdateQuota(username, filesAdd, sizeAdd, reset, p.dbHandle)
}
func (p MySQLProvider) updateLastLogin(username string) error {
return sqlCommonUpdateLastLogin(username, p.dbHandle)
}
func (p MySQLProvider) getUsedQuota(username string) (int, int64, error) {
return sqlCommonGetUsedQuota(username, p.dbHandle)
}
func (p MySQLProvider) updateLastLogin(username string) error {
return sqlCommonUpdateLastLogin(username, p.dbHandle)
}
func (p MySQLProvider) userExists(username string) (User, error) {
return sqlCommonCheckUserExists(username, p.dbHandle)
}
@ -121,6 +131,34 @@ func (p MySQLProvider) getUsers(limit int, offset int, order string, username st
return sqlCommonGetUsers(limit, offset, order, username, p.dbHandle)
}
func (p MySQLProvider) dumpFolders() ([]vfs.BaseVirtualFolder, error) {
return sqlCommonDumpFolders(p.dbHandle)
}
func (p MySQLProvider) getFolders(limit, offset int, order, folderPath string) ([]vfs.BaseVirtualFolder, error) {
return sqlCommonGetFolders(limit, offset, order, folderPath, p.dbHandle)
}
func (p MySQLProvider) getFolderByPath(mappedPath string) (vfs.BaseVirtualFolder, error) {
return sqlCommonCheckFolderExists(mappedPath, p.dbHandle)
}
func (p MySQLProvider) addFolder(folder vfs.BaseVirtualFolder) error {
return sqlCommonAddFolder(folder, p.dbHandle)
}
func (p MySQLProvider) deleteFolder(folder vfs.BaseVirtualFolder) error {
return sqlCommonDeleteFolder(folder, p.dbHandle)
}
func (p MySQLProvider) updateFolderQuota(mappedPath string, filesAdd int, sizeAdd int64, reset bool) error {
return sqlCommonUpdateFolderQuota(mappedPath, filesAdd, sizeAdd, reset, p.dbHandle)
}
func (p MySQLProvider) getUsedFolderQuota(mappedPath string) (int, int64, error) {
return sqlCommonGetFolderUsedQuota(mappedPath, p.dbHandle)
}
func (p MySQLProvider) close() error {
return p.dbHandle.Close()
}
@ -131,7 +169,7 @@ func (p MySQLProvider) reloadConfig() error {
// initializeDatabase creates the initial database structure
func (p MySQLProvider) initializeDatabase() error {
sqlUsers := strings.Replace(mysqlUsersTableSQL, "{{users}}", config.UsersTable, 1)
sqlUsers := strings.Replace(mysqlUsersTableSQL, "{{users}}", sqlTableUsers, 1)
tx, err := p.dbHandle.Begin()
if err != nil {
return err
@ -141,12 +179,12 @@ func (p MySQLProvider) initializeDatabase() error {
sqlCommonRollbackTransaction(tx)
return err
}
_, err = tx.Exec(mysqlSchemaTableSQL)
_, err = tx.Exec(strings.Replace(mysqlSchemaTableSQL, "{{schema_version}}", sqlTableSchemaVersion, 1))
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
}
_, err = tx.Exec(initialDBVersionSQL)
_, err = tx.Exec(strings.Replace(initialDBVersionSQL, "{{schema_version}}", sqlTableSchemaVersion, 1))
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
@ -169,9 +207,19 @@ func (p MySQLProvider) migrateDatabase() error {
if err != nil {
return err
}
return updateMySQLDatabaseFrom2To3(p.dbHandle)
err = updateMySQLDatabaseFrom2To3(p.dbHandle)
if err != nil {
return err
}
return updateMySQLDatabaseFrom3To4(p.dbHandle)
case 2:
return updateMySQLDatabaseFrom2To3(p.dbHandle)
err = updateMySQLDatabaseFrom2To3(p.dbHandle)
if err != nil {
return err
}
return updateMySQLDatabaseFrom3To4(p.dbHandle)
case 3:
return updateMySQLDatabaseFrom3To4(p.dbHandle)
default:
return fmt.Errorf("Database version not handled: %v", dbVersion.Version)
}
@ -179,30 +227,16 @@ func (p MySQLProvider) migrateDatabase() error {
func updateMySQLDatabaseFrom1To2(dbHandle *sql.DB) error {
providerLog(logger.LevelInfo, "updating database version: 1 -> 2")
sql := strings.Replace(mysqlUsersV2SQL, "{{users}}", config.UsersTable, 1)
return updateMySQLDatabase(dbHandle, sql, 2)
sql := strings.Replace(mysqlV2SQL, "{{users}}", sqlTableUsers, 1)
return sqlCommonExecSQLAndUpdateDBVersion(dbHandle, []string{sql}, 2)
}
func updateMySQLDatabaseFrom2To3(dbHandle *sql.DB) error {
providerLog(logger.LevelInfo, "updating database version: 2 -> 3")
sql := strings.Replace(mysqlUsersV3SQL, "{{users}}", config.UsersTable, 1)
return updateMySQLDatabase(dbHandle, sql, 3)
sql := strings.Replace(mysqlV3SQL, "{{users}}", sqlTableUsers, 1)
return sqlCommonExecSQLAndUpdateDBVersion(dbHandle, []string{sql}, 3)
}
func updateMySQLDatabase(dbHandle *sql.DB, sql string, newVersion int) error {
tx, err := dbHandle.Begin()
if err != nil {
return err
}
_, err = tx.Exec(sql)
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
}
err = sqlCommonUpdateDatabaseVersionWithTX(tx, newVersion)
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
}
return tx.Commit()
func updateMySQLDatabaseFrom3To4(dbHandle *sql.DB) error {
return sqlCommonUpdateDatabaseFrom3To4(mysqlV4SQL, dbHandle)
}

View file

@ -12,6 +12,7 @@ import (
"github.com/drakkan/sftpgo/logger"
"github.com/drakkan/sftpgo/utils"
"github.com/drakkan/sftpgo/vfs"
)
const (
@ -22,9 +23,19 @@ const (
"last_quota_update" bigint NOT NULL, "upload_bandwidth" integer NOT NULL, "download_bandwidth" integer NOT NULL,
"expiration_date" bigint NOT NULL, "last_login" bigint NOT NULL, "status" integer NOT NULL, "filters" text NULL,
"filesystem" text NULL);`
pgsqlSchemaTableSQL = `CREATE TABLE "schema_version" ("id" serial NOT NULL PRIMARY KEY, "version" integer NOT NULL);`
pgsqlUsersV2SQL = `ALTER TABLE "{{users}}" ADD COLUMN "virtual_folders" text NULL;`
pgsqlUsersV3SQL = `ALTER TABLE "{{users}}" ALTER COLUMN "password" TYPE text USING "password"::text;`
pgsqlSchemaTableSQL = `CREATE TABLE "{{schema_version}}" ("id" serial NOT NULL PRIMARY KEY, "version" integer NOT NULL);`
pgsqlV2SQL = `ALTER TABLE "{{users}}" ADD COLUMN "virtual_folders" text NULL;`
pgsqlV3SQL = `ALTER TABLE "{{users}}" ALTER COLUMN "password" TYPE text USING "password"::text;`
pgsqlV4SQL = `CREATE TABLE "{{folders}}" ("id" serial NOT NULL PRIMARY KEY, "path" varchar(512) NOT NULL UNIQUE, "used_quota_size" bigint NOT NULL, "used_quota_files" integer NOT NULL, "last_quota_update" bigint NOT NULL);
ALTER TABLE "{{users}}" ALTER COLUMN "home_dir" TYPE varchar(512) USING "home_dir"::varchar(512);
ALTER TABLE "{{users}}" DROP COLUMN "virtual_folders" CASCADE;
CREATE TABLE "{{folders_mapping}}" ("id" serial NOT NULL PRIMARY KEY, "virtual_path" varchar(512) NOT NULL, "quota_size" bigint NOT NULL, "quota_files" integer NOT NULL, "folder_id" integer NOT NULL, "user_id" integer NOT NULL);
ALTER TABLE "{{folders_mapping}}" ADD CONSTRAINT "unique_mapping" UNIQUE ("user_id", "folder_id");
ALTER TABLE "{{folders_mapping}}" ADD CONSTRAINT "folders_mapping_folder_id_fk_folders_id" FOREIGN KEY ("folder_id") REFERENCES "{{folders}}" ("id") MATCH SIMPLE ON UPDATE NO ACTION ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED;
ALTER TABLE "{{folders_mapping}}" ADD CONSTRAINT "folders_mapping_user_id_fk_users_id" FOREIGN KEY ("user_id") REFERENCES "{{users}}" ("id") MATCH SIMPLE ON UPDATE NO ACTION ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED;
CREATE INDEX "folders_mapping_folder_id_idx" ON "{{folders_mapping}}" ("folder_id");
CREATE INDEX "folders_mapping_user_id_idx" ON "{{folders_mapping}}" ("user_id");
`
)
// PGSQLProvider auth provider for PostgreSQL database
@ -87,14 +98,14 @@ func (p PGSQLProvider) updateQuota(username string, filesAdd int, sizeAdd int64,
return sqlCommonUpdateQuota(username, filesAdd, sizeAdd, reset, p.dbHandle)
}
func (p PGSQLProvider) updateLastLogin(username string) error {
return sqlCommonUpdateLastLogin(username, p.dbHandle)
}
func (p PGSQLProvider) getUsedQuota(username string) (int, int64, error) {
return sqlCommonGetUsedQuota(username, p.dbHandle)
}
func (p PGSQLProvider) updateLastLogin(username string) error {
return sqlCommonUpdateLastLogin(username, p.dbHandle)
}
func (p PGSQLProvider) userExists(username string) (User, error) {
return sqlCommonCheckUserExists(username, p.dbHandle)
}
@ -119,6 +130,34 @@ func (p PGSQLProvider) getUsers(limit int, offset int, order string, username st
return sqlCommonGetUsers(limit, offset, order, username, p.dbHandle)
}
func (p PGSQLProvider) dumpFolders() ([]vfs.BaseVirtualFolder, error) {
return sqlCommonDumpFolders(p.dbHandle)
}
func (p PGSQLProvider) getFolders(limit, offset int, order, folderPath string) ([]vfs.BaseVirtualFolder, error) {
return sqlCommonGetFolders(limit, offset, order, folderPath, p.dbHandle)
}
func (p PGSQLProvider) getFolderByPath(mappedPath string) (vfs.BaseVirtualFolder, error) {
return sqlCommonCheckFolderExists(mappedPath, p.dbHandle)
}
func (p PGSQLProvider) addFolder(folder vfs.BaseVirtualFolder) error {
return sqlCommonAddFolder(folder, p.dbHandle)
}
func (p PGSQLProvider) deleteFolder(folder vfs.BaseVirtualFolder) error {
return sqlCommonDeleteFolder(folder, p.dbHandle)
}
func (p PGSQLProvider) updateFolderQuota(mappedPath string, filesAdd int, sizeAdd int64, reset bool) error {
return sqlCommonUpdateFolderQuota(mappedPath, filesAdd, sizeAdd, reset, p.dbHandle)
}
func (p PGSQLProvider) getUsedFolderQuota(mappedPath string) (int, int64, error) {
return sqlCommonGetFolderUsedQuota(mappedPath, p.dbHandle)
}
func (p PGSQLProvider) close() error {
return p.dbHandle.Close()
}
@ -129,7 +168,7 @@ func (p PGSQLProvider) reloadConfig() error {
// initializeDatabase creates the initial database structure
func (p PGSQLProvider) initializeDatabase() error {
sqlUsers := strings.Replace(pgsqlUsersTableSQL, "{{users}}", config.UsersTable, 1)
sqlUsers := strings.Replace(pgsqlUsersTableSQL, "{{users}}", sqlTableUsers, 1)
tx, err := p.dbHandle.Begin()
if err != nil {
return err
@ -139,12 +178,12 @@ func (p PGSQLProvider) initializeDatabase() error {
sqlCommonRollbackTransaction(tx)
return err
}
_, err = tx.Exec(pgsqlSchemaTableSQL)
_, err = tx.Exec(strings.Replace(pgsqlSchemaTableSQL, "{{schema_version}}", sqlTableSchemaVersion, 1))
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
}
_, err = tx.Exec(initialDBVersionSQL)
_, err = tx.Exec(strings.Replace(initialDBVersionSQL, "{{schema_version}}", sqlTableSchemaVersion, 1))
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
@ -167,9 +206,19 @@ func (p PGSQLProvider) migrateDatabase() error {
if err != nil {
return err
}
return updatePGSQLDatabaseFrom2To3(p.dbHandle)
err = updatePGSQLDatabaseFrom2To3(p.dbHandle)
if err != nil {
return err
}
return updatePGSQLDatabaseFrom3To4(p.dbHandle)
case 2:
return updatePGSQLDatabaseFrom2To3(p.dbHandle)
err = updatePGSQLDatabaseFrom2To3(p.dbHandle)
if err != nil {
return err
}
return updatePGSQLDatabaseFrom3To4(p.dbHandle)
case 3:
return updatePGSQLDatabaseFrom3To4(p.dbHandle)
default:
return fmt.Errorf("Database version not handled: %v", dbVersion.Version)
}
@ -177,30 +226,16 @@ func (p PGSQLProvider) migrateDatabase() error {
func updatePGSQLDatabaseFrom1To2(dbHandle *sql.DB) error {
providerLog(logger.LevelInfo, "updating database version: 1 -> 2")
sql := strings.Replace(pgsqlUsersV2SQL, "{{users}}", config.UsersTable, 1)
return updatePGSQLDatabase(dbHandle, sql, 2)
sql := strings.Replace(pgsqlV2SQL, "{{users}}", sqlTableUsers, 1)
return sqlCommonExecSQLAndUpdateDBVersion(dbHandle, []string{sql}, 2)
}
func updatePGSQLDatabaseFrom2To3(dbHandle *sql.DB) error {
providerLog(logger.LevelInfo, "updating database version: 2 -> 3")
sql := strings.Replace(pgsqlUsersV3SQL, "{{users}}", config.UsersTable, 1)
return updatePGSQLDatabase(dbHandle, sql, 3)
sql := strings.Replace(pgsqlV3SQL, "{{users}}", sqlTableUsers, 1)
return sqlCommonExecSQLAndUpdateDBVersion(dbHandle, []string{sql}, 3)
}
func updatePGSQLDatabase(dbHandle *sql.DB, sql string, newVersion int) error {
tx, err := dbHandle.Begin()
if err != nil {
return err
}
_, err = tx.Exec(sql)
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
}
err = sqlCommonUpdateDatabaseVersionWithTX(tx, newVersion)
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
}
return tx.Commit()
func updatePGSQLDatabaseFrom3To4(dbHandle *sql.DB) error {
return sqlCommonUpdateDatabaseFrom3To4(pgsqlV4SQL, dbHandle)
}

View file

@ -5,6 +5,7 @@ import (
"database/sql"
"encoding/json"
"errors"
"strings"
"time"
"github.com/drakkan/sftpgo/logger"
@ -13,11 +14,17 @@ import (
)
const (
sqlDatabaseVersion = 3
initialDBVersionSQL = "INSERT INTO schema_version (version) VALUES (1);"
sqlDatabaseVersion = 4
initialDBVersionSQL = "INSERT INTO {{schema_version}} (version) VALUES (1);"
)
func getUserByUsername(username string, dbHandle *sql.DB) (User, error) {
var errSQLFoldersAssosaction = errors.New("unable to associate virtual folders to user")
type sqlQuerier interface {
Prepare(query string) (*sql.Stmt, error)
}
func getUserByUsername(username string, dbHandle sqlQuerier) (User, error) {
var user User
q := getUserByUsernameQuery()
stmt, err := dbHandle.Prepare(q)
@ -28,7 +35,11 @@ func getUserByUsername(username string, dbHandle *sql.DB) (User, error) {
defer stmt.Close()
row := stmt.QueryRow(username)
return getUserFromDbRow(row, nil)
user, err = getUserFromDbRow(row, nil)
if err != nil {
return user, err
}
return getUserWithVirtualFolders(user, dbHandle)
}
func sqlCommonValidateUserAndPass(username string, password string, dbHandle *sql.DB) (User, error) {
@ -74,7 +85,11 @@ func sqlCommonGetUserByID(ID int64, dbHandle *sql.DB) (User, error) {
defer stmt.Close()
row := stmt.QueryRow(ID)
return getUserFromDbRow(row, nil)
user, err = getUserFromDbRow(row, nil)
if err != nil {
return user, err
}
return getUserWithVirtualFolders(user, dbHandle)
}
func sqlCommonUpdateQuota(username string, filesAdd int, sizeAdd int64, reset bool, dbHandle *sql.DB) error {
@ -95,23 +110,6 @@ func sqlCommonUpdateQuota(username string, filesAdd int, sizeAdd int64, reset bo
return err
}
func sqlCommonUpdateLastLogin(username string, dbHandle *sql.DB) error {
q := getUpdateLastLoginQuery()
stmt, err := dbHandle.Prepare(q)
if err != nil {
providerLog(logger.LevelWarn, "error preparing database query %#v: %v", q, err)
return err
}
defer stmt.Close()
_, err = stmt.Exec(utils.GetTimeAsMsSinceEpoch(time.Now()), username)
if err == nil {
providerLog(logger.LevelDebug, "last login updated for user %#v", username)
} else {
providerLog(logger.LevelWarn, "error updating last login for user %#v: %v", username, err)
}
return err
}
func sqlCommonGetUsedQuota(username string, dbHandle *sql.DB) (int, int64, error) {
q := getQuotaQuery()
stmt, err := dbHandle.Prepare(q)
@ -131,6 +129,23 @@ func sqlCommonGetUsedQuota(username string, dbHandle *sql.DB) (int, int64, error
return usedFiles, usedSize, err
}
func sqlCommonUpdateLastLogin(username string, dbHandle *sql.DB) error {
q := getUpdateLastLoginQuery()
stmt, err := dbHandle.Prepare(q)
if err != nil {
providerLog(logger.LevelWarn, "error preparing database query %#v: %v", q, err)
return err
}
defer stmt.Close()
_, err = stmt.Exec(utils.GetTimeAsMsSinceEpoch(time.Now()), username)
if err == nil {
providerLog(logger.LevelDebug, "last login updated for user %#v", username)
} else {
providerLog(logger.LevelWarn, "error updating last login for user %#v: %v", username, err)
}
return err
}
func sqlCommonCheckUserExists(username string, dbHandle *sql.DB) (User, error) {
var user User
q := getUserByUsernameQuery()
@ -141,7 +156,11 @@ func sqlCommonCheckUserExists(username string, dbHandle *sql.DB) (User, error) {
}
defer stmt.Close()
row := stmt.QueryRow(username)
return getUserFromDbRow(row, nil)
user, err = getUserFromDbRow(row, nil)
if err != nil {
return user, err
}
return getUserWithVirtualFolders(user, dbHandle)
}
func sqlCommonAddUser(user User, dbHandle *sql.DB) error {
@ -149,37 +168,51 @@ func sqlCommonAddUser(user User, dbHandle *sql.DB) error {
if err != nil {
return err
}
tx, err := dbHandle.Begin()
if err != nil {
return err
}
q := getAddUserQuery()
stmt, err := dbHandle.Prepare(q)
stmt, err := tx.Prepare(q)
if err != nil {
providerLog(logger.LevelWarn, "error preparing database query %#v: %v", q, err)
sqlCommonRollbackTransaction(tx)
return err
}
defer stmt.Close()
permissions, err := user.GetPermissionsAsJSON()
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
}
publicKeys, err := user.GetPublicKeysAsJSON()
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
}
filters, err := user.GetFiltersAsJSON()
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
}
fsConfig, err := user.GetFsConfigAsJSON()
if err != nil {
return err
}
virtualFolders, err := user.GetVirtualFoldersAsJSON()
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
}
_, err = stmt.Exec(user.Username, user.Password, string(publicKeys), user.HomeDir, user.UID, user.GID, user.MaxSessions, user.QuotaSize,
user.QuotaFiles, string(permissions), user.UploadBandwidth, user.DownloadBandwidth, user.Status, user.ExpirationDate, string(filters),
string(fsConfig), string(virtualFolders))
return err
string(fsConfig))
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
}
err = generateVirtualFoldersMapping(user, tx)
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
}
return tx.Commit()
}
func sqlCommonUpdateUser(user User, dbHandle *sql.DB) error {
@ -187,37 +220,51 @@ func sqlCommonUpdateUser(user User, dbHandle *sql.DB) error {
if err != nil {
return err
}
tx, err := dbHandle.Begin()
if err != nil {
return err
}
q := getUpdateUserQuery()
stmt, err := dbHandle.Prepare(q)
stmt, err := tx.Prepare(q)
if err != nil {
providerLog(logger.LevelWarn, "error preparing database query %#v: %v", q, err)
sqlCommonRollbackTransaction(tx)
return err
}
defer stmt.Close()
permissions, err := user.GetPermissionsAsJSON()
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
}
publicKeys, err := user.GetPublicKeysAsJSON()
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
}
filters, err := user.GetFiltersAsJSON()
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
}
fsConfig, err := user.GetFsConfigAsJSON()
if err != nil {
return err
}
virtualFolders, err := user.GetVirtualFoldersAsJSON()
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
}
_, err = stmt.Exec(user.Password, string(publicKeys), user.HomeDir, user.UID, user.GID, user.MaxSessions, user.QuotaSize,
user.QuotaFiles, string(permissions), user.UploadBandwidth, user.DownloadBandwidth, user.Status, user.ExpirationDate,
string(filters), string(fsConfig), string(virtualFolders), user.ID)
return err
string(filters), string(fsConfig), user.ID)
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
}
err = generateVirtualFoldersMapping(user, tx)
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
}
return tx.Commit()
}
func sqlCommonDeleteUser(user User, dbHandle *sql.DB) error {
@ -232,8 +279,8 @@ func sqlCommonDeleteUser(user User, dbHandle *sql.DB) error {
return err
}
func sqlCommonDumpUsers(dbHandle *sql.DB) ([]User, error) {
users := []User{}
func sqlCommonDumpUsers(dbHandle sqlQuerier) ([]User, error) {
users := make([]User, 0, 100)
q := getDumpUsersQuery()
stmt, err := dbHandle.Prepare(q)
if err != nil {
@ -242,26 +289,27 @@ func sqlCommonDumpUsers(dbHandle *sql.DB) ([]User, error) {
}
defer stmt.Close()
rows, err := stmt.Query()
if err == nil {
defer rows.Close()
for rows.Next() {
u, err := getUserFromDbRow(nil, rows)
if err != nil {
return users, err
}
err = addCredentialsToUser(&u)
if err != nil {
return users, err
}
users = append(users, u)
}
if err != nil {
return users, err
}
return users, err
defer rows.Close()
for rows.Next() {
u, err := getUserFromDbRow(nil, rows)
if err != nil {
return users, err
}
err = addCredentialsToUser(&u)
if err != nil {
return users, err
}
users = append(users, u)
}
return getUsersWithVirtualFolders(users, dbHandle)
}
func sqlCommonGetUsers(limit int, offset int, order string, username string, dbHandle *sql.DB) ([]User, error) {
users := []User{}
func sqlCommonGetUsers(limit int, offset int, order string, username string, dbHandle sqlQuerier) ([]User, error) {
users := make([]User, 0, limit)
q := getUsersQuery(order, username)
stmt, err := dbHandle.Prepare(q)
if err != nil {
@ -271,23 +319,25 @@ func sqlCommonGetUsers(limit int, offset int, order string, username string, dbH
defer stmt.Close()
var rows *sql.Rows
if len(username) > 0 {
rows, err = stmt.Query(username, limit, offset) //nolint:rowserrcheck // err is checked
rows, err = stmt.Query(username, limit, offset) //nolint:rowserrcheck // rows.Err() is checked
} else {
rows, err = stmt.Query(limit, offset) //nolint:rowserrcheck // err is checked
rows, err = stmt.Query(limit, offset) //nolint:rowserrcheck // rows.Err() is checked
}
if err == nil {
defer rows.Close()
for rows.Next() {
u, err := getUserFromDbRow(nil, rows)
if err == nil {
users = append(users, HideUserSensitiveData(&u))
} else {
break
if err != nil {
return users, err
}
users = append(users, HideUserSensitiveData(&u))
}
}
return users, err
err = rows.Err()
if err != nil {
return users, err
}
return getUsersWithVirtualFolders(users, dbHandle)
}
func updateUserPermissionsFromDb(user *User, permissions string) error {
@ -316,18 +366,15 @@ func getUserFromDbRow(row *sql.Row, rows *sql.Rows) (User, error) {
var publicKey sql.NullString
var filters sql.NullString
var fsConfig sql.NullString
var virtualFolders sql.NullString
var err error
if row != nil {
err = row.Scan(&user.ID, &user.Username, &password, &publicKey, &user.HomeDir, &user.UID, &user.GID, &user.MaxSessions,
&user.QuotaSize, &user.QuotaFiles, &permissions, &user.UsedQuotaSize, &user.UsedQuotaFiles, &user.LastQuotaUpdate,
&user.UploadBandwidth, &user.DownloadBandwidth, &user.ExpirationDate, &user.LastLogin, &user.Status, &filters, &fsConfig,
&virtualFolders)
&user.UploadBandwidth, &user.DownloadBandwidth, &user.ExpirationDate, &user.LastLogin, &user.Status, &filters, &fsConfig)
} else {
err = rows.Scan(&user.ID, &user.Username, &password, &publicKey, &user.HomeDir, &user.UID, &user.GID, &user.MaxSessions,
&user.QuotaSize, &user.QuotaFiles, &permissions, &user.UsedQuotaSize, &user.UsedQuotaFiles, &user.LastQuotaUpdate,
&user.UploadBandwidth, &user.DownloadBandwidth, &user.ExpirationDate, &user.LastLogin, &user.Status, &filters, &fsConfig,
&virtualFolders)
&user.UploadBandwidth, &user.DownloadBandwidth, &user.ExpirationDate, &user.LastLogin, &user.Status, &filters, &fsConfig)
}
if err != nil {
if err == sql.ErrNoRows {
@ -368,14 +415,308 @@ func getUserFromDbRow(row *sql.Row, rows *sql.Rows) (User, error) {
user.FsConfig = fs
}
}
if virtualFolders.Valid {
var list []vfs.VirtualFolder
err = json.Unmarshal([]byte(virtualFolders.String), &list)
if err == nil {
user.VirtualFolders = list
return user, err
}
func sqlCommonCheckFolderExists(name string, dbHandle sqlQuerier) (vfs.BaseVirtualFolder, error) {
var folder vfs.BaseVirtualFolder
q := getFolderByPathQuery()
stmt, err := dbHandle.Prepare(q)
if err != nil {
providerLog(logger.LevelWarn, "error preparing database query %#v: %v", q, err)
return folder, err
}
defer stmt.Close()
row := stmt.QueryRow(name)
err = row.Scan(&folder.ID, &folder.MappedPath, &folder.UsedQuotaSize, &folder.UsedQuotaFiles, &folder.LastQuotaUpdate)
if err == sql.ErrNoRows {
return folder, &RecordNotFoundError{err: err.Error()}
}
return folder, err
}
func sqlCommonAddOrGetFolder(name string, usedQuotaSize int64, usedQuotaFiles int, lastQuotaUpdate int64, dbHandle sqlQuerier) (vfs.BaseVirtualFolder, error) {
folder, err := sqlCommonCheckFolderExists(name, dbHandle)
if _, ok := err.(*RecordNotFoundError); ok {
f := vfs.BaseVirtualFolder{
MappedPath: name,
UsedQuotaSize: usedQuotaSize,
UsedQuotaFiles: usedQuotaFiles,
LastQuotaUpdate: lastQuotaUpdate,
}
err = sqlCommonAddFolder(f, dbHandle)
if err != nil {
return folder, err
}
return sqlCommonCheckFolderExists(name, dbHandle)
}
return folder, err
}
func sqlCommonAddFolder(folder vfs.BaseVirtualFolder, dbHandle sqlQuerier) error {
err := validateFolder(&folder)
if err != nil {
return err
}
q := getAddFolderQuery()
stmt, err := dbHandle.Prepare(q)
if err != nil {
providerLog(logger.LevelWarn, "error preparing database query %#v: %v", q, err)
return err
}
defer stmt.Close()
_, err = stmt.Exec(folder.MappedPath, folder.UsedQuotaSize, folder.UsedQuotaFiles, folder.LastQuotaUpdate)
return err
}
func sqlCommonDeleteFolder(folder vfs.BaseVirtualFolder, dbHandle sqlQuerier) error {
q := getDeleteFolderQuery()
stmt, err := dbHandle.Prepare(q)
if err != nil {
providerLog(logger.LevelWarn, "error preparing database query %#v: %v", q, err)
return err
}
defer stmt.Close()
_, err = stmt.Exec(folder.ID)
return err
}
func sqlCommonDumpFolders(dbHandle sqlQuerier) ([]vfs.BaseVirtualFolder, error) {
folders := make([]vfs.BaseVirtualFolder, 0, 50)
q := getDumpFoldersQuery()
stmt, err := dbHandle.Prepare(q)
if err != nil {
providerLog(logger.LevelWarn, "error preparing database query %#v: %v", q, err)
return nil, err
}
defer stmt.Close()
rows, err := stmt.Query()
if err != nil {
return folders, err
}
defer rows.Close()
for rows.Next() {
var folder vfs.BaseVirtualFolder
err = rows.Scan(&folder.ID, &folder.MappedPath, &folder.UsedQuotaSize, &folder.UsedQuotaFiles, &folder.LastQuotaUpdate)
if err != nil {
return folders, err
}
folders = append(folders, folder)
}
err = rows.Err()
if err != nil {
return folders, err
}
return getVirtualFoldersWithUsers(folders, dbHandle)
}
func sqlCommonGetFolders(limit, offset int, order, folderPath string, dbHandle sqlQuerier) ([]vfs.BaseVirtualFolder, error) {
folders := make([]vfs.BaseVirtualFolder, 0, limit)
q := getFoldersQuery(order, folderPath)
stmt, err := dbHandle.Prepare(q)
if err != nil {
providerLog(logger.LevelWarn, "error preparing database query %#v: %v", q, err)
return nil, err
}
defer stmt.Close()
var rows *sql.Rows
if len(folderPath) > 0 {
rows, err = stmt.Query(folderPath, limit, offset) //nolint:rowserrcheck // rows.Err() is checked
} else {
rows, err = stmt.Query(limit, offset) //nolint:rowserrcheck // rows.Err() is checked
}
if err != nil {
return folders, err
}
defer rows.Close()
for rows.Next() {
var folder vfs.BaseVirtualFolder
err = rows.Scan(&folder.ID, &folder.MappedPath, &folder.UsedQuotaSize, &folder.UsedQuotaFiles, &folder.LastQuotaUpdate)
if err != nil {
return folders, err
}
folders = append(folders, folder)
}
err = rows.Err()
if err != nil {
return folders, err
}
return getVirtualFoldersWithUsers(folders, dbHandle)
}
func sqlCommonClearFolderMapping(user User, dbHandle sqlQuerier) error {
q := getClearFolderMappingQuery()
stmt, err := dbHandle.Prepare(q)
if err != nil {
providerLog(logger.LevelWarn, "error preparing database query %#v: %v", q, err)
return err
}
defer stmt.Close()
_, err = stmt.Exec(user.Username)
return err
}
func sqlCommonAddFolderMapping(user User, folder vfs.VirtualFolder, dbHandle sqlQuerier) error {
q := getAddFolderMappingQuery()
stmt, err := dbHandle.Prepare(q)
if err != nil {
providerLog(logger.LevelWarn, "error preparing database query %#v: %v", q, err)
return err
}
defer stmt.Close()
_, err = stmt.Exec(folder.VirtualPath, folder.QuotaSize, folder.QuotaFiles, folder.ID, user.Username)
return err
}
func generateVirtualFoldersMapping(user User, dbHandle sqlQuerier) error {
err := sqlCommonClearFolderMapping(user, dbHandle)
if err != nil {
return err
}
for _, vfolder := range user.VirtualFolders {
f, err := sqlCommonAddOrGetFolder(vfolder.MappedPath, 0, 0, 0, dbHandle)
if err != nil {
return err
}
vfolder.BaseVirtualFolder = f
err = sqlCommonAddFolderMapping(user, vfolder, dbHandle)
if err != nil {
return err
}
}
return user, err
return err
}
func getUserWithVirtualFolders(user User, dbHandle sqlQuerier) (User, error) {
users, err := getUsersWithVirtualFolders([]User{user}, dbHandle)
if err != nil {
return user, err
}
if len(users) == 0 {
return user, errSQLFoldersAssosaction
}
return users[0], err
}
func getUsersWithVirtualFolders(users []User, dbHandle sqlQuerier) ([]User, error) {
var err error
usersVirtualFolders := make(map[int64][]vfs.VirtualFolder)
if len(users) == 0 {
return users, err
}
q := getRelatedFoldersForUsersQuery(users)
stmt, err := dbHandle.Prepare(q)
if err != nil {
providerLog(logger.LevelWarn, "error preparing database query %#v: %v", q, err)
return nil, err
}
defer stmt.Close()
rows, err := stmt.Query()
if err != nil {
return nil, err
}
defer rows.Close()
for rows.Next() {
var folder vfs.VirtualFolder
var userID int64
err = rows.Scan(&folder.ID, &folder.MappedPath, &folder.UsedQuotaSize, &folder.UsedQuotaFiles,
&folder.LastQuotaUpdate, &folder.VirtualPath, &folder.QuotaSize, &folder.QuotaFiles, &userID)
if err != nil {
return users, err
}
usersVirtualFolders[userID] = append(usersVirtualFolders[userID], folder)
}
err = rows.Err()
if err != nil {
return users, err
}
if len(usersVirtualFolders) == 0 {
return users, err
}
for idx := range users {
ref := &users[idx]
ref.VirtualFolders = usersVirtualFolders[ref.ID]
}
return users, err
}
func getVirtualFoldersWithUsers(folders []vfs.BaseVirtualFolder, dbHandle sqlQuerier) ([]vfs.BaseVirtualFolder, error) {
var err error
vFoldersUsers := make(map[int64][]string)
if len(folders) == 0 {
return folders, err
}
q := getRelatedUsersForFoldersQuery(folders)
stmt, err := dbHandle.Prepare(q)
if err != nil {
providerLog(logger.LevelWarn, "error preparing database query %#v: %v", q, err)
return nil, err
}
defer stmt.Close()
rows, err := stmt.Query()
if err != nil {
return nil, err
}
defer rows.Close()
for rows.Next() {
var username string
var folderID int64
err = rows.Scan(&folderID, &username)
if err != nil {
return folders, err
}
vFoldersUsers[folderID] = append(vFoldersUsers[folderID], username)
}
err = rows.Err()
if err != nil {
return folders, err
}
if len(vFoldersUsers) == 0 {
return folders, err
}
for idx := range folders {
ref := &folders[idx]
ref.Users = vFoldersUsers[ref.ID]
}
return folders, err
}
func sqlCommonUpdateFolderQuota(mappedPath string, filesAdd int, sizeAdd int64, reset bool, dbHandle *sql.DB) error {
q := getUpdateFolderQuotaQuery(reset)
stmt, err := dbHandle.Prepare(q)
if err != nil {
providerLog(logger.LevelWarn, "error preparing database query %#v: %v", q, err)
return err
}
defer stmt.Close()
_, err = stmt.Exec(sizeAdd, filesAdd, utils.GetTimeAsMsSinceEpoch(time.Now()), mappedPath)
if err == nil {
providerLog(logger.LevelDebug, "quota updated for folder %#v, files increment: %v size increment: %v is reset? %v",
mappedPath, filesAdd, sizeAdd, reset)
} else {
providerLog(logger.LevelWarn, "error updating quota for folder %#v: %v", mappedPath, err)
}
return err
}
func sqlCommonGetFolderUsedQuota(mappedPath string, dbHandle *sql.DB) (int, int64, error) {
q := getQuotaFolderQuery()
stmt, err := dbHandle.Prepare(q)
if err != nil {
providerLog(logger.LevelWarn, "error preparing database query %#v: %v", q, err)
return 0, 0, err
}
defer stmt.Close()
var usedFiles int
var usedSize int64
err = stmt.QueryRow(mappedPath).Scan(&usedSize, &usedFiles)
if err != nil {
providerLog(logger.LevelWarn, "error getting quota for folder: %v, error: %v", mappedPath, err)
return 0, 0, err
}
return usedFiles, usedSize, err
}
func sqlCommonRollbackTransaction(tx *sql.Tx) {
@ -399,7 +740,7 @@ func sqlCommonGetDatabaseVersion(dbHandle *sql.DB) (schemaVersion, error) {
return result, err
}
func sqlCommonUpdateDatabaseVersion(dbHandle *sql.DB, version int) error {
func sqlCommonUpdateDatabaseVersion(dbHandle sqlQuerier, version int) error {
q := getUpdateDBVersionQuery()
stmt, err := dbHandle.Prepare(q)
if err != nil {
@ -411,14 +752,139 @@ func sqlCommonUpdateDatabaseVersion(dbHandle *sql.DB, version int) error {
return err
}
func sqlCommonUpdateDatabaseVersionWithTX(tx *sql.Tx, version int) error {
q := getUpdateDBVersionQuery()
stmt, err := tx.Prepare(q)
func sqlCommonExecSQLAndUpdateDBVersion(dbHandle *sql.DB, sql []string, newVersion int) error {
tx, err := dbHandle.Begin()
if err != nil {
providerLog(logger.LevelWarn, "error preparing database query %#v: %v", q, err)
return err
}
for _, q := range sql {
if len(strings.TrimSpace(q)) == 0 {
continue
}
_, err = tx.Exec(q)
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
}
}
err = sqlCommonUpdateDatabaseVersion(tx, newVersion)
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
}
return tx.Commit()
}
func sqlCommonGetCompatVirtualFolders(dbHandle *sql.DB) ([]userCompactVFolders, error) {
users := []userCompactVFolders{}
q := getCompatVirtualFoldersQuery()
stmt, err := dbHandle.Prepare(q)
if err != nil {
providerLog(logger.LevelWarn, "error preparing database query %#v: %v", q, err)
return nil, err
}
defer stmt.Close()
_, err = stmt.Exec(version)
rows, err := stmt.Query()
if err != nil {
return nil, err
}
defer rows.Close()
for rows.Next() {
var user userCompactVFolders
var virtualFolders sql.NullString
err = rows.Scan(&user.ID, &user.Username, &virtualFolders)
if err != nil {
return nil, err
}
if virtualFolders.Valid {
var list []virtualFoldersCompact
err = json.Unmarshal([]byte(virtualFolders.String), &list)
if err == nil && len(list) > 0 {
user.VirtualFolders = list
users = append(users, user)
}
}
}
return users, rows.Err()
}
func sqlCommonRestoreCompatVirtualFolders(users []userCompactVFolders, dbHandle sqlQuerier) ([]string, error) {
foldersToScan := []string{}
for _, user := range users {
for _, vfolder := range user.VirtualFolders {
providerLog(logger.LevelInfo, "restoring virtual folder: %+v for user %#v", vfolder, user.Username)
// -1 means included in user quota, 0 means unlimited
quotaSize := int64(-1)
quotaFiles := -1
if vfolder.ExcludeFromQuota {
quotaFiles = 0
quotaSize = 0
}
b, err := sqlCommonAddOrGetFolder(vfolder.MappedPath, 0, 0, 0, dbHandle)
if err != nil {
providerLog(logger.LevelWarn, "error restoring virtual folder for user %#v: %v", user.Username, err)
return foldersToScan, err
}
u := User{
ID: user.ID,
Username: user.Username,
}
f := vfs.VirtualFolder{
BaseVirtualFolder: b,
VirtualPath: vfolder.VirtualPath,
QuotaSize: quotaSize,
QuotaFiles: quotaFiles,
}
err = sqlCommonAddFolderMapping(u, f, dbHandle)
if err != nil {
providerLog(logger.LevelWarn, "error adding virtual folder mapping for user %#v: %v", user.Username, err)
return foldersToScan, err
}
if !utils.IsStringInSlice(vfolder.MappedPath, foldersToScan) {
foldersToScan = append(foldersToScan, vfolder.MappedPath)
}
providerLog(logger.LevelInfo, "virtual folder: %+v for user %#v successfully restored", vfolder, user.Username)
}
}
return foldersToScan, nil
}
func sqlCommonUpdateDatabaseFrom3To4(sqlV4 string, dbHandle *sql.DB) error {
providerLog(logger.LevelInfo, "updating database version: 3 -> 4")
users, err := sqlCommonGetCompatVirtualFolders(dbHandle)
if err != nil {
return err
}
sql := strings.ReplaceAll(sqlV4, "{{users}}", sqlTableUsers)
sql = strings.ReplaceAll(sql, "{{folders}}", sqlTableFolders)
sql = strings.ReplaceAll(sql, "{{folders_mapping}}", sqlTableFoldersMapping)
tx, err := dbHandle.Begin()
if err != nil {
return err
}
for _, q := range strings.Split(sql, ";") {
if len(strings.TrimSpace(q)) == 0 {
continue
}
_, err = tx.Exec(q)
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
}
}
foldersToScan, err := sqlCommonRestoreCompatVirtualFolders(users, tx)
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
}
err = sqlCommonUpdateDatabaseVersion(tx, 4)
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
}
err = tx.Commit()
if err == nil {
go updateVFoldersQuotaAfterRestore(foldersToScan)
}
return err
}

View file

@ -13,6 +13,7 @@ import (
"github.com/drakkan/sftpgo/logger"
"github.com/drakkan/sftpgo/utils"
"github.com/drakkan/sftpgo/vfs"
)
const (
@ -23,9 +24,9 @@ NOT NULL UNIQUE, "password" varchar(255) NULL, "public_keys" text NULL, "home_di
"last_quota_update" bigint NOT NULL, "upload_bandwidth" integer NOT NULL, "download_bandwidth" integer NOT NULL,
"expiration_date" bigint NOT NULL, "last_login" bigint NOT NULL, "status" integer NOT NULL, "filters" text NULL,
"filesystem" text NULL);`
sqliteSchemaTableSQL = `CREATE TABLE "schema_version" ("id" integer NOT NULL PRIMARY KEY AUTOINCREMENT, "version" integer NOT NULL);`
sqliteUsersV2SQL = `ALTER TABLE "{{users}}" ADD COLUMN "virtual_folders" text NULL;`
sqliteUsersV3SQL = `CREATE TABLE "new__users" ("id" integer NOT NULL PRIMARY KEY AUTOINCREMENT, "username" varchar(255) NOT NULL UNIQUE,
sqliteSchemaTableSQL = `CREATE TABLE "{{schema_version}}" ("id" integer NOT NULL PRIMARY KEY AUTOINCREMENT, "version" integer NOT NULL);`
sqliteV2SQL = `ALTER TABLE "{{users}}" ADD COLUMN "virtual_folders" text NULL;`
sqliteV3SQL = `CREATE TABLE "new__users" ("id" integer NOT NULL PRIMARY KEY AUTOINCREMENT, "username" varchar(255) NOT NULL UNIQUE,
"password" text NULL, "public_keys" text NULL, "home_dir" varchar(255) NOT NULL, "uid" integer NOT NULL,
"gid" integer NOT NULL, "max_sessions" integer NOT NULL, "quota_size" bigint NOT NULL, "quota_files" integer NOT NULL,
"permissions" text NOT NULL, "used_quota_size" bigint NOT NULL, "used_quota_files" integer NOT NULL, "last_quota_update" bigint NOT NULL,
@ -39,6 +40,27 @@ INSERT INTO "new__users" ("id", "username", "public_keys", "home_dir", "uid", "g
"password" FROM "{{users}}";
DROP TABLE "{{users}}";
ALTER TABLE "new__users" RENAME TO "{{users}}";`
sqliteV4SQL = `CREATE TABLE "{{folders}}" ("id" integer NOT NULL PRIMARY KEY AUTOINCREMENT, "path" varchar(512) NOT NULL UNIQUE,
"used_quota_size" bigint NOT NULL, "used_quota_files" integer NOT NULL, "last_quota_update" bigint NOT NULL);
CREATE TABLE "{{folders_mapping}}" ("id" integer NOT NULL PRIMARY KEY AUTOINCREMENT, "virtual_path" varchar(512) NOT NULL,
"quota_size" bigint NOT NULL, "quota_files" integer NOT NULL, "folder_id" integer NOT NULL REFERENCES "{{folders}}" ("id")
ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED, "user_id" integer NOT NULL REFERENCES "{{users}}" ("id") ON DELETE CASCADE DEFERRABLE INITIALLY DEFERRED,
CONSTRAINT "unique_mapping" UNIQUE ("user_id", "folder_id"));
CREATE TABLE "new__users" ("id" integer NOT NULL PRIMARY KEY AUTOINCREMENT, "username" varchar(255) NOT NULL UNIQUE, "password" text NULL,
"public_keys" text NULL, "home_dir" varchar(512) NOT NULL, "uid" integer NOT NULL, "gid" integer NOT NULL, "max_sessions" integer NOT NULL,
"quota_size" bigint NOT NULL, "quota_files" integer NOT NULL, "permissions" text NOT NULL, "used_quota_size" bigint NOT NULL,
"used_quota_files" integer NOT NULL, "last_quota_update" bigint NOT NULL, "upload_bandwidth" integer NOT NULL, "download_bandwidth" integer NOT NULL,
"expiration_date" bigint NOT NULL, "last_login" bigint NOT NULL, "status" integer NOT NULL, "filters" text NULL, "filesystem" text NULL);
INSERT INTO "new__users" ("id", "username", "password", "public_keys", "home_dir", "uid", "gid", "max_sessions", "quota_size", "quota_files",
"permissions", "used_quota_size", "used_quota_files", "last_quota_update", "upload_bandwidth", "download_bandwidth", "expiration_date",
"last_login", "status", "filters", "filesystem") SELECT "id", "username", "password", "public_keys", "home_dir", "uid", "gid", "max_sessions",
"quota_size", "quota_files", "permissions", "used_quota_size", "used_quota_files", "last_quota_update", "upload_bandwidth", "download_bandwidth",
"expiration_date", "last_login", "status", "filters", "filesystem" FROM "{{users}}";
DROP TABLE "{{users}}";
ALTER TABLE "new__users" RENAME TO "{{users}}";
CREATE INDEX "folders_mapping_folder_id_idx" ON "{{folders_mapping}}" ("folder_id");
CREATE INDEX "folders_mapping_user_id_idx" ON "{{folders_mapping}}" ("user_id");
`
)
// SQLiteProvider auth provider for SQLite database
@ -62,7 +84,7 @@ func initializeSQLiteProvider(basePath string) error {
if !filepath.IsAbs(dbPath) {
dbPath = filepath.Join(basePath, dbPath)
}
connectionString = fmt.Sprintf("file:%v?cache=shared", dbPath)
connectionString = fmt.Sprintf("file:%v?cache=shared&_foreign_keys=1", dbPath)
} else {
connectionString = config.ConnectionString
}
@ -98,14 +120,14 @@ func (p SQLiteProvider) updateQuota(username string, filesAdd int, sizeAdd int64
return sqlCommonUpdateQuota(username, filesAdd, sizeAdd, reset, p.dbHandle)
}
func (p SQLiteProvider) updateLastLogin(username string) error {
return sqlCommonUpdateLastLogin(username, p.dbHandle)
}
func (p SQLiteProvider) getUsedQuota(username string) (int, int64, error) {
return sqlCommonGetUsedQuota(username, p.dbHandle)
}
func (p SQLiteProvider) updateLastLogin(username string) error {
return sqlCommonUpdateLastLogin(username, p.dbHandle)
}
func (p SQLiteProvider) userExists(username string) (User, error) {
return sqlCommonCheckUserExists(username, p.dbHandle)
}
@ -130,6 +152,34 @@ func (p SQLiteProvider) getUsers(limit int, offset int, order string, username s
return sqlCommonGetUsers(limit, offset, order, username, p.dbHandle)
}
func (p SQLiteProvider) dumpFolders() ([]vfs.BaseVirtualFolder, error) {
return sqlCommonDumpFolders(p.dbHandle)
}
func (p SQLiteProvider) getFolders(limit, offset int, order, folderPath string) ([]vfs.BaseVirtualFolder, error) {
return sqlCommonGetFolders(limit, offset, order, folderPath, p.dbHandle)
}
func (p SQLiteProvider) getFolderByPath(mappedPath string) (vfs.BaseVirtualFolder, error) {
return sqlCommonCheckFolderExists(mappedPath, p.dbHandle)
}
func (p SQLiteProvider) addFolder(folder vfs.BaseVirtualFolder) error {
return sqlCommonAddFolder(folder, p.dbHandle)
}
func (p SQLiteProvider) deleteFolder(folder vfs.BaseVirtualFolder) error {
return sqlCommonDeleteFolder(folder, p.dbHandle)
}
func (p SQLiteProvider) updateFolderQuota(mappedPath string, filesAdd int, sizeAdd int64, reset bool) error {
return sqlCommonUpdateFolderQuota(mappedPath, filesAdd, sizeAdd, reset, p.dbHandle)
}
func (p SQLiteProvider) getUsedFolderQuota(mappedPath string) (int, int64, error) {
return sqlCommonGetFolderUsedQuota(mappedPath, p.dbHandle)
}
func (p SQLiteProvider) close() error {
return p.dbHandle.Close()
}
@ -140,10 +190,27 @@ func (p SQLiteProvider) reloadConfig() error {
// initializeDatabase creates the initial database structure
func (p SQLiteProvider) initializeDatabase() error {
sqlUsers := strings.Replace(sqliteUsersTableSQL, "{{users}}", config.UsersTable, 1)
sql := sqlUsers + " " + sqliteSchemaTableSQL + " " + initialDBVersionSQL
_, err := p.dbHandle.Exec(sql)
return err
sqlUsers := strings.Replace(sqliteUsersTableSQL, "{{users}}", sqlTableUsers, 1)
tx, err := p.dbHandle.Begin()
if err != nil {
return err
}
_, err = tx.Exec(sqlUsers)
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
}
_, err = tx.Exec(strings.Replace(sqliteSchemaTableSQL, "{{schema_version}}", sqlTableSchemaVersion, 1))
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
}
_, err = tx.Exec(strings.Replace(initialDBVersionSQL, "{{schema_version}}", sqlTableSchemaVersion, 1))
if err != nil {
sqlCommonRollbackTransaction(tx)
return err
}
return tx.Commit()
}
func (p SQLiteProvider) migrateDatabase() error {
@ -161,9 +228,19 @@ func (p SQLiteProvider) migrateDatabase() error {
if err != nil {
return err
}
return updateSQLiteDatabaseFrom2To3(p.dbHandle)
err = updateSQLiteDatabaseFrom2To3(p.dbHandle)
if err != nil {
return err
}
return updateSQLiteDatabaseFrom3To4(p.dbHandle)
case 2:
return updateSQLiteDatabaseFrom2To3(p.dbHandle)
err = updateSQLiteDatabaseFrom2To3(p.dbHandle)
if err != nil {
return err
}
return updateSQLiteDatabaseFrom3To4(p.dbHandle)
case 3:
return updateSQLiteDatabaseFrom3To4(p.dbHandle)
default:
return fmt.Errorf("Database version not handled: %v", dbVersion.Version)
}
@ -171,20 +248,16 @@ func (p SQLiteProvider) migrateDatabase() error {
func updateSQLiteDatabaseFrom1To2(dbHandle *sql.DB) error {
providerLog(logger.LevelInfo, "updating database version: 1 -> 2")
sql := strings.Replace(sqliteUsersV2SQL, "{{users}}", config.UsersTable, 1)
_, err := dbHandle.Exec(sql)
if err != nil {
return err
}
return sqlCommonUpdateDatabaseVersion(dbHandle, 2)
sql := strings.Replace(sqliteV2SQL, "{{users}}", sqlTableUsers, 1)
return sqlCommonExecSQLAndUpdateDBVersion(dbHandle, []string{sql}, 2)
}
func updateSQLiteDatabaseFrom2To3(dbHandle *sql.DB) error {
providerLog(logger.LevelInfo, "updating database version: 2 -> 3")
sql := strings.ReplaceAll(sqliteUsersV3SQL, "{{users}}", config.UsersTable)
_, err := dbHandle.Exec(sql)
if err != nil {
return err
}
return sqlCommonUpdateDatabaseVersion(dbHandle, 3)
sql := strings.ReplaceAll(sqliteV3SQL, "{{users}}", sqlTableUsers)
return sqlCommonExecSQLAndUpdateDBVersion(dbHandle, []string{sql}, 3)
}
func updateSQLiteDatabaseFrom3To4(dbHandle *sql.DB) error {
return sqlCommonUpdateDatabaseFrom3To4(sqliteV4SQL, dbHandle)
}

View file

@ -1,11 +1,17 @@
package dataprovider
import "fmt"
import (
"fmt"
"strconv"
"strings"
"github.com/drakkan/sftpgo/vfs"
)
const (
selectUserFields = "id,username,password,public_keys,home_dir,uid,gid,max_sessions,quota_size,quota_files,permissions,used_quota_size," +
"used_quota_files,last_quota_update,upload_bandwidth,download_bandwidth,expiration_date,last_login,status,filters,filesystem," +
"virtual_folders"
"used_quota_files,last_quota_update,upload_bandwidth,download_bandwidth,expiration_date,last_login,status,filters,filesystem"
selectFolderFields = "id,path,used_quota_size,used_quota_files,last_quota_update"
)
func getSQLPlaceholders() []string {
@ -21,71 +27,160 @@ func getSQLPlaceholders() []string {
}
func getUserByUsernameQuery() string {
return fmt.Sprintf(`SELECT %v FROM %v WHERE username = %v`, selectUserFields, config.UsersTable, sqlPlaceholders[0])
return fmt.Sprintf(`SELECT %v FROM %v WHERE username = %v`, selectUserFields, sqlTableUsers, sqlPlaceholders[0])
}
func getUserByIDQuery() string {
return fmt.Sprintf(`SELECT %v FROM %v WHERE id = %v`, selectUserFields, config.UsersTable, sqlPlaceholders[0])
return fmt.Sprintf(`SELECT %v FROM %v WHERE id = %v`, selectUserFields, sqlTableUsers, sqlPlaceholders[0])
}
func getUsersQuery(order string, username string) string {
if len(username) > 0 {
return fmt.Sprintf(`SELECT %v FROM %v WHERE username = %v ORDER BY username %v LIMIT %v OFFSET %v`,
selectUserFields, config.UsersTable, sqlPlaceholders[0], order, sqlPlaceholders[1], sqlPlaceholders[2])
selectUserFields, sqlTableUsers, sqlPlaceholders[0], order, sqlPlaceholders[1], sqlPlaceholders[2])
}
return fmt.Sprintf(`SELECT %v FROM %v ORDER BY username %v LIMIT %v OFFSET %v`, selectUserFields, config.UsersTable,
return fmt.Sprintf(`SELECT %v FROM %v ORDER BY username %v LIMIT %v OFFSET %v`, selectUserFields, sqlTableUsers,
order, sqlPlaceholders[0], sqlPlaceholders[1])
}
func getDumpUsersQuery() string {
return fmt.Sprintf(`SELECT %v FROM %v`, selectUserFields, config.UsersTable)
return fmt.Sprintf(`SELECT %v FROM %v`, selectUserFields, sqlTableUsers)
}
func getDumpFoldersQuery() string {
return fmt.Sprintf(`SELECT %v FROM %v`, selectFolderFields, sqlTableFolders)
}
func getUpdateQuotaQuery(reset bool) string {
if reset {
return fmt.Sprintf(`UPDATE %v SET used_quota_size = %v,used_quota_files = %v,last_quota_update = %v
WHERE username = %v`, config.UsersTable, sqlPlaceholders[0], sqlPlaceholders[1], sqlPlaceholders[2], sqlPlaceholders[3])
WHERE username = %v`, sqlTableUsers, sqlPlaceholders[0], sqlPlaceholders[1], sqlPlaceholders[2], sqlPlaceholders[3])
}
return fmt.Sprintf(`UPDATE %v SET used_quota_size = used_quota_size + %v,used_quota_files = used_quota_files + %v,last_quota_update = %v
WHERE username = %v`, config.UsersTable, sqlPlaceholders[0], sqlPlaceholders[1], sqlPlaceholders[2], sqlPlaceholders[3])
WHERE username = %v`, sqlTableUsers, sqlPlaceholders[0], sqlPlaceholders[1], sqlPlaceholders[2], sqlPlaceholders[3])
}
func getUpdateLastLoginQuery() string {
return fmt.Sprintf(`UPDATE %v SET last_login = %v WHERE username = %v`, config.UsersTable, sqlPlaceholders[0], sqlPlaceholders[1])
return fmt.Sprintf(`UPDATE %v SET last_login = %v WHERE username = %v`, sqlTableUsers, sqlPlaceholders[0], sqlPlaceholders[1])
}
func getQuotaQuery() string {
return fmt.Sprintf(`SELECT used_quota_size,used_quota_files FROM %v WHERE username = %v`, config.UsersTable,
return fmt.Sprintf(`SELECT used_quota_size,used_quota_files FROM %v WHERE username = %v`, sqlTableUsers,
sqlPlaceholders[0])
}
func getAddUserQuery() string {
return fmt.Sprintf(`INSERT INTO %v (username,password,public_keys,home_dir,uid,gid,max_sessions,quota_size,quota_files,permissions,
used_quota_size,used_quota_files,last_quota_update,upload_bandwidth,download_bandwidth,status,last_login,expiration_date,filters,
filesystem,virtual_folders)
VALUES (%v,%v,%v,%v,%v,%v,%v,%v,%v,%v,0,0,0,%v,%v,%v,0,%v,%v,%v,%v)`, config.UsersTable, sqlPlaceholders[0], sqlPlaceholders[1],
filesystem)
VALUES (%v,%v,%v,%v,%v,%v,%v,%v,%v,%v,0,0,0,%v,%v,%v,0,%v,%v,%v)`, sqlTableUsers, sqlPlaceholders[0], sqlPlaceholders[1],
sqlPlaceholders[2], sqlPlaceholders[3], sqlPlaceholders[4], sqlPlaceholders[5], sqlPlaceholders[6], sqlPlaceholders[7],
sqlPlaceholders[8], sqlPlaceholders[9], sqlPlaceholders[10], sqlPlaceholders[11], sqlPlaceholders[12], sqlPlaceholders[13],
sqlPlaceholders[14], sqlPlaceholders[15], sqlPlaceholders[16])
sqlPlaceholders[14], sqlPlaceholders[15])
}
func getUpdateUserQuery() string {
return fmt.Sprintf(`UPDATE %v SET password=%v,public_keys=%v,home_dir=%v,uid=%v,gid=%v,max_sessions=%v,quota_size=%v,
quota_files=%v,permissions=%v,upload_bandwidth=%v,download_bandwidth=%v,status=%v,expiration_date=%v,filters=%v,filesystem=%v,
virtual_folders=%v WHERE id = %v`, config.UsersTable, sqlPlaceholders[0], sqlPlaceholders[1], sqlPlaceholders[2], sqlPlaceholders[3],
quota_files=%v,permissions=%v,upload_bandwidth=%v,download_bandwidth=%v,status=%v,expiration_date=%v,filters=%v,filesystem=%v
WHERE id = %v`, sqlTableUsers, sqlPlaceholders[0], sqlPlaceholders[1], sqlPlaceholders[2], sqlPlaceholders[3],
sqlPlaceholders[4], sqlPlaceholders[5], sqlPlaceholders[6], sqlPlaceholders[7], sqlPlaceholders[8], sqlPlaceholders[9],
sqlPlaceholders[10], sqlPlaceholders[11], sqlPlaceholders[12], sqlPlaceholders[13], sqlPlaceholders[14], sqlPlaceholders[15],
sqlPlaceholders[16])
sqlPlaceholders[10], sqlPlaceholders[11], sqlPlaceholders[12], sqlPlaceholders[13], sqlPlaceholders[14], sqlPlaceholders[15])
}
func getDeleteUserQuery() string {
return fmt.Sprintf(`DELETE FROM %v WHERE id = %v`, config.UsersTable, sqlPlaceholders[0])
return fmt.Sprintf(`DELETE FROM %v WHERE id = %v`, sqlTableUsers, sqlPlaceholders[0])
}
func getFolderByPathQuery() string {
return fmt.Sprintf(`SELECT %v FROM %v WHERE path = %v`, selectFolderFields, sqlTableFolders, sqlPlaceholders[0])
}
func getAddFolderQuery() string {
return fmt.Sprintf(`INSERT INTO %v (path,used_quota_size,used_quota_files,last_quota_update) VALUES (%v,%v,%v,%v)`,
sqlTableFolders, sqlPlaceholders[0], sqlPlaceholders[1], sqlPlaceholders[2], sqlPlaceholders[3])
}
func getDeleteFolderQuery() string {
return fmt.Sprintf(`DELETE FROM %v WHERE id = %v`, sqlTableFolders, sqlPlaceholders[0])
}
func getClearFolderMappingQuery() string {
return fmt.Sprintf(`DELETE FROM %v WHERE user_id = (SELECT id FROM %v WHERE username = %v)`, sqlTableFoldersMapping,
sqlTableUsers, sqlPlaceholders[0])
}
func getAddFolderMappingQuery() string {
return fmt.Sprintf(`INSERT INTO %v (virtual_path,quota_size,quota_files,folder_id,user_id)
VALUES (%v,%v,%v,%v,(SELECT id FROM %v WHERE username = %v))`, sqlTableFoldersMapping, sqlPlaceholders[0],
sqlPlaceholders[1], sqlPlaceholders[2], sqlPlaceholders[3], sqlTableUsers, sqlPlaceholders[4])
}
func getFoldersQuery(order, folderPath string) string {
if len(folderPath) > 0 {
return fmt.Sprintf(`SELECT %v FROM %v WHERE path = %v ORDER BY path %v LIMIT %v OFFSET %v`,
selectFolderFields, sqlTableFolders, sqlPlaceholders[0], order, sqlPlaceholders[1], sqlPlaceholders[2])
}
return fmt.Sprintf(`SELECT %v FROM %v ORDER BY path %v LIMIT %v OFFSET %v`, selectFolderFields, sqlTableFolders,
order, sqlPlaceholders[0], sqlPlaceholders[1])
}
func getUpdateFolderQuotaQuery(reset bool) string {
if reset {
return fmt.Sprintf(`UPDATE %v SET used_quota_size = %v,used_quota_files = %v,last_quota_update = %v
WHERE path = %v`, sqlTableFolders, sqlPlaceholders[0], sqlPlaceholders[1], sqlPlaceholders[2], sqlPlaceholders[3])
}
return fmt.Sprintf(`UPDATE %v SET used_quota_size = used_quota_size + %v,used_quota_files = used_quota_files + %v,last_quota_update = %v
WHERE path = %v`, sqlTableFolders, sqlPlaceholders[0], sqlPlaceholders[1], sqlPlaceholders[2], sqlPlaceholders[3])
}
func getQuotaFolderQuery() string {
return fmt.Sprintf(`SELECT used_quota_size,used_quota_files FROM %v WHERE path = %v`, sqlTableFolders,
sqlPlaceholders[0])
}
func getRelatedFoldersForUsersQuery(users []User) string {
var sb strings.Builder
for _, u := range users {
if sb.Len() == 0 {
sb.WriteString("(")
} else {
sb.WriteString(",")
}
sb.WriteString(strconv.FormatInt(u.ID, 10))
}
if sb.Len() > 0 {
sb.WriteString(")")
}
return fmt.Sprintf(`SELECT f.id,f.path,f.used_quota_size,f.used_quota_files,f.last_quota_update,fm.virtual_path,fm.quota_size,fm.quota_files,fm.user_id
FROM %v f INNER JOIN %v fm ON f.id = fm.folder_id WHERE fm.user_id IN %v ORDER BY fm.user_id`, sqlTableFolders,
sqlTableFoldersMapping, sb.String())
}
func getRelatedUsersForFoldersQuery(folders []vfs.BaseVirtualFolder) string {
var sb strings.Builder
for _, f := range folders {
if sb.Len() == 0 {
sb.WriteString("(")
} else {
sb.WriteString(",")
}
sb.WriteString(strconv.FormatInt(f.ID, 10))
}
if sb.Len() > 0 {
sb.WriteString(")")
}
return fmt.Sprintf(`SELECT fm.folder_id,u.username FROM %v fm INNER JOIN %v u ON fm.user_id = u.id
WHERE fm.folder_id IN %v ORDER BY fm.folder_id`, sqlTableFoldersMapping, sqlTableUsers, sb.String())
}
func getDatabaseVersionQuery() string {
return "SELECT version from schema_version LIMIT 1"
return fmt.Sprintf("SELECT version from %v LIMIT 1", sqlTableSchemaVersion)
}
func getUpdateDBVersionQuery() string {
return fmt.Sprintf(`UPDATE schema_version SET version=%v`, sqlPlaceholders[0])
return fmt.Sprintf(`UPDATE %v SET version=%v`, sqlTableSchemaVersion, sqlPlaceholders[0])
}
func getCompatVirtualFoldersQuery() string {
return fmt.Sprintf(`SELECT id,username,virtual_folders FROM %v`, sqlTableUsers)
}

View file

@ -2,6 +2,7 @@ package dataprovider
import (
"encoding/json"
"errors"
"fmt"
"net"
"os"
@ -54,6 +55,10 @@ const (
SSHLoginMethodKeyAndKeyboardInt = "publickey+keyboard-interactive"
)
var (
errNoMatchingVirtualFolder = errors.New("no matching virtual folder found")
)
// ExtensionsFilter defines filters based on file extensions.
// These restrictions do not apply to files listing for performance reasons, so
// a denied file cannot be downloaded/overwritten/renamed but will still be
@ -121,7 +126,8 @@ type User struct {
PublicKeys []string `json:"public_keys,omitempty"`
// The user cannot upload or download files outside this directory. Must be an absolute path
HomeDir string `json:"home_dir"`
// Mapping between virtual paths and filesystem paths outside the home directory. Supported for local filesystem only
// Mapping between virtual paths and filesystem paths outside the home directory.
// Supported for local filesystem only
VirtualFolders []vfs.VirtualFolder `json:"virtual_folders,omitempty"`
// If sftpgo runs as root system user then the created files and directories will be assigned to this system UID
UID int `json:"uid"`
@ -191,20 +197,22 @@ func (u *User) GetPermissionsForPath(p string) []string {
return permissions
}
// IsFileExcludedFromQuota returns true if the file must be excluded from quota usage
func (u *User) IsFileExcludedFromQuota(sftpPath string) bool {
// GetVirtualFolderForPath returns the virtual folder containing the specified sftp path.
// If the path is not inside a virtual folder an error is returned
func (u *User) GetVirtualFolderForPath(sftpPath string) (vfs.VirtualFolder, error) {
var folder vfs.VirtualFolder
if len(u.VirtualFolders) == 0 || u.FsConfig.Provider != 0 {
return false
return folder, errNoMatchingVirtualFolder
}
dirsForPath := utils.GetDirsForSFTPPath(path.Dir(sftpPath))
for _, val := range dirsForPath {
for _, v := range u.VirtualFolders {
if v.VirtualPath == val {
return v.ExcludeFromQuota
return v, nil
}
}
}
return false
return folder, errNoMatchingVirtualFolder
}
// AddVirtualDirs adds virtual folders, if defined, to the given files list
@ -241,6 +249,19 @@ func (u *User) IsVirtualFolder(sftpPath string) bool {
return false
}
// HasVirtualFoldersInside return true if there are virtual folders inside the
// specified SFTP path. We assume that path are cleaned
func (u *User) HasVirtualFoldersInside(sftpPath string) bool {
for _, v := range u.VirtualFolders {
if len(v.VirtualPath) > len(sftpPath) {
if strings.HasPrefix(v.VirtualPath, sftpPath+"/") {
return true
}
}
}
return false
}
// HasPerm returns true if the user has the given permission or any permission
func (u *User) HasPerm(permission, path string) bool {
perms := u.GetPermissionsForPath(path)
@ -264,6 +285,14 @@ func (u *User) HasPerms(permissions []string, path string) bool {
return true
}
// HasNoQuotaRestrictions returns true if no quota restrictions need to be applyed
func (u *User) HasNoQuotaRestrictions(checkFiles bool) bool {
if u.QuotaSize == 0 && (!checkFiles || u.QuotaFiles == 0) {
return true
}
return false
}
// IsLoginMethodAllowed returns true if the specified login method is allowed
func (u *User) IsLoginMethodAllowed(loginMethod string, partialSuccessMethods []string) bool {
if len(u.Filters.DeniedLoginMethods) == 0 {
@ -421,11 +450,6 @@ func (u *User) GetFsConfigAsJSON() ([]byte, error) {
return json.Marshal(u.FsConfig)
}
// GetVirtualFoldersAsJSON returns the virtual folders as json byte array
func (u *User) GetVirtualFoldersAsJSON() ([]byte, error) {
return json.Marshal(u.VirtualFolders)
}
// GetUID returns a validate uid, suitable for use with os.Chown
func (u *User) GetUID() int {
if u.UID <= 0 || u.UID > 65535 {

View file

@ -15,7 +15,7 @@ sudo groupadd -g 1003 sftpgrp && \
# Get and build SFTPGo image.
# Add --build-arg TAG=LATEST to build the latest tag or e.g. TAG=0.9.6 for a specific tag/commit.
# Add --build-arg FEATURES=<build features comma separated> to specify the feature to build.
# Add --build-arg FEATURES=<build features comma separated> to specify the features to build.
git clone https://github.com/drakkan/sftpgo.git && \
cd sftpgo && \
sudo docker build -t sftpgo docker/sftpgo/alpine/

View file

@ -8,7 +8,7 @@ For each account, the following properties can be configured:
- `status` 1 means "active", 0 "inactive". An inactive account cannot login.
- `expiration_date` expiration date as unix timestamp in milliseconds. An expired account cannot login. 0 means no expiration.
- `home_dir` the user cannot upload or download files outside this directory. Must be an absolute path. A local home directory is required for Cloud Storage Backends too: in this case it will store temporary files.
- `virtual_folders` list of mappings between virtual SFTP/SCP paths and local filesystem paths outside the user home directory. The specified paths must be absolute and the virtual path cannot be "/", it must be a sub directory. The parent directory for the specified virtual path must exist. SFTPGo will try to automatically create any missing parent directory for the configured virtual folders at user login. For each mapping you can configure if the folder will be included or not in user quota limit.
- `virtual_folders` list of mappings between virtual SFTP/SCP paths and local filesystem paths outside the user home directory. More information can be found [here](./virtual-folders.md)
- `uid`, `gid`. If SFTPGo runs as root system user then the created files and directories will be assigned to this system uid/gid. Ignored on windows or if SFTPGo runs as non root user: in this case files and directories for all SFTP users will be owned by the system user that runs SFTPGo.
- `max_sessions` maximum concurrent sessions. 0 means unlimited.
- `quota_size` maximum size allowed as bytes. 0 means unlimited.
@ -47,14 +47,14 @@ For each account, the following properties can be configured:
- `s3_access_secret`, if provided it is stored encrypted (AES-256-GCM). You can leave access key and access secret blank to use credentials from environment
- `s3_endpoint`, specifies a S3 endpoint (server) different from AWS. It is not required if you are connecting to AWS
- `s3_storage_class`, leave blank to use the default or specify a valid AWS [storage class](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html)
- `s3_key_prefix`, allows to restrict access to the virtual folder identified by this prefix and its contents
- `s3_key_prefix`, allows to restrict access to the folder identified by this prefix and its contents
- `s3_upload_part_size`, the buffer size for multipart uploads (MB). Zero means the default (5 MB). Minimum is 5
- `s3_upload_concurrency` how many parts are uploaded in parallel
- `gcs_bucket`, required for GCS filesystem
- `gcs_credentials`, Google Cloud Storage JSON credentials base64 encoded
- `gcs_automatic_credentials`, integer. Set to 1 to use Application Default Credentials strategy or set to 0 to use explicit credentials via `gcs_credentials`
- `gcs_storage_class`
- `gcs_key_prefix`, allows to restrict access to the virtual folder identified by this prefix and its contents
- `gcs_key_prefix`, allows to restrict access to the folder identified by this prefix and its contents
These properties are stored inside the data provider.

View file

@ -84,12 +84,12 @@ The configuration file contains the following sections:
- `password`, string. Database password. Leave empty for drivers `sqlite`, `bolt` and `memory`
- `sslmode`, integer. Used for drivers `mysql` and `postgresql`. 0 disable SSL/TLS connections, 1 require ssl, 2 set ssl mode to `verify-ca` for driver `postgresql` and `skip-verify` for driver `mysql`, 3 set ssl mode to `verify-full` for driver `postgresql` and `preferred` for driver `mysql`
- `connectionstring`, string. Provide a custom database connection string. If not empty, this connection string will be used instead of building one using the previous parameters. Leave empty for drivers `bolt` and `memory`
- `users_table`, string. Database table for SFTP users
- `sql_tables_prefix`, string. Prefix for SQL tables
- `manage_users`, integer. Set to 0 to disable users management, 1 to enable
- `track_quota`, integer. Set the preferred mode to track users quota between the following choices:
- 0, disable quota tracking. REST API to scan user dir and update quota will do nothing
- 0, disable quota tracking. REST API to scan users home directories/virtual folders and update quota will do nothing
- 1, quota is updated each time a user uploads or deletes a file, even if the user has no quota restrictions
- 2, quota is updated each time a user uploads or deletes a file, but only for users with quota restrictions. With this configuration, the "quota scan" REST API can still be used to periodically update space usage for users without quota restrictions
- 2, quota is updated each time a user uploads or deletes a file, but only for users with quota restrictions and for virtual folders. With this configuration, the `quota scan` and `folder_quota_scan` REST API can still be used to periodically update space usage for users without quota restrictions and for folders
- `pool_size`, integer. Sets the maximum number of open connections for `mysql` and `postgresql` driver. Default 0 (unlimited)
- `users_base_dir`, string. Users default base directory. If no home dir is defined while adding a new user, and this value is a valid absolute path, then the user home dir will be automatically defined as the path obtained joining the base dir and the username
- `actions`, struct. It contains the command to execute and/or the HTTP URL to notify and the trigger conditions. See the "Custom Actions" paragraph for more details

View file

@ -2,7 +2,7 @@
To connect SFTPGo to Google Cloud Storage you can use use the Application Default Credentials (ADC) strategy to try to find your application's credentials automatically or you can explicitly provide a JSON credentials file that you can obtain from the Google Cloud Console. Take a look [here](https://cloud.google.com/docs/authentication/production#providing_credentials_to_your_application) for details.
Specifying a different `key_prefix`, you can assign different virtual folders of the same bucket to different users. This is similar to a chroot directory for local filesystem. Each SFTP/SCP user can only access the assigned virtual folder and its contents. The virtual folder identified by `key_prefix` does not need to be pre-created.
Specifying a different `key_prefix`, you can assign different "folders" of the same bucket to different users. This is similar to a chroot directory for local filesystem. Each SFTP/SCP user can only access the assigned folder and its contents. The folder identified by `key_prefix` does not need to be pre-created.
You can optionally specify a [storage class](https://cloud.google.com/storage/docs/storage-classes) too. Leave it blank to use the default storage class.

View file

@ -11,7 +11,7 @@ So, you need to provide access keys to activate option 1, or leave them blank to
Most S3 backends require HTTPS connections so if you are running SFTPGo as docker image please be sure to uncomment the line that install `ca-certificates`, inside your `Dockerfile`, to be able to properly verify certificate authorities.
Specifying a different `key_prefix`, you can assign different virtual folders of the same bucket to different users. This is similar to a chroot directory for local filesystem. Each SFTP/SCP user can only access the assigned virtual folder and its contents. The virtual folder identified by `key_prefix` does not need to be pre-created.
Specifying a different `key_prefix`, you can assign different "folders" of the same bucket to different users. This is similar to a chroot directory for local filesystem. Each SFTP/SCP user can only access the assigned folder and its contents. The folder identified by `key_prefix` does not need to be pre-created.
SFTPGo uses multipart uploads and parallel downloads for storing and retrieving files from S3.

View file

@ -140,7 +140,7 @@ Output:
Command:
```
python sftpgo_api_cli.py update-user 9576 test_username --password "test_pwd" --home-dir="/tmp/test_home_dir" --uid 0 --gid 33 --max-sessions 3 --quota-size 0 --quota-files 4 --permissions "*" --subdirs-permissions "/dir1::list,download,create_symlinks" --upload-bandwidth 90 --download-bandwidth 80 --status 1 --expiration-date "" --allowed-ip "" --denied-ip "192.168.1.0/24" --denied-login-methods "" --fs local --virtual-folders "/vdir1::/tmp/mapped1" "/vdir2::/tmp/mapped2::1" --allowed-extensions "" --denied-extensions ""
python sftpgo_api_cli.py update-user 9576 test_username --password "test_pwd" --home-dir="/tmp/test_home_dir" --uid 0 --gid 33 --max-sessions 3 --quota-size 0 --quota-files 4 --permissions "*" --subdirs-permissions "/dir1::list,download,create_symlinks" --upload-bandwidth 90 --download-bandwidth 80 --status 1 --expiration-date "" --allowed-ip "" --denied-ip "192.168.1.0/24" --denied-login-methods "" --fs local --virtual-folders "/vdir1::/tmp/mapped1::-1::-1" "/vdir2::/tmp/mapped2::100::104857600" --allowed-extensions "" --denied-extensions ""
```
Output:
@ -203,13 +203,23 @@ Output:
"username": "test_username",
"virtual_folders": [
{
"exclude_from_quota": false,
"id": 1,
"last_quota_update": 0,
"mapped_path": "/tmp/mapped1",
"quota_files": -1,
"quota_size": -1,
"used_quota_files": 0,
"used_quota_size": 0,
"virtual_path": "/vdir1"
},
{
"exclude_from_quota": true,
"id": 2,
"last_quota_update": 0,
"mapped_path": "/tmp/mapped2",
"quota_files": 100,
"quota_size": 104857600,
"used_quota_files": 0,
"used_quota_size": 0,
"virtual_path": "/vdir2"
}
]
@ -315,6 +325,49 @@ Output:
]
```
### Get folders
Command:
```
python sftpgo_api_cli.py get-folders --limit 1 --offset 0 --folder-path /tmp/mapped1 --order DESC
```
Output:
```json
[
{
"id": 1,
"last_quota_update": 1591563422870,
"mapped_path": "/tmp/mapped1",
"used_quota_files": 1,
"used_quota_size": 13313790,
"users": [
"test_username"
]
}
]
```
### Add folder
```
python sftpgo_api_cli.py add-folder /tmp/mapped_folder
```
Output:
```json
{
"id": 4,
"last_quota_update": 0,
"mapped_path": "/tmp/mapped_folder",
"used_quota_files": 0,
"used_quota_size": 0
}
```
### Close connection
Command:
@ -359,6 +412,32 @@ Output:
}
```
### Get folder quota scans
Command:
```
python sftpgo_api_cli.py get-folders-quota-scans
```
### Start folder quota scan
Command:
```
python sftpgo_api_cli.py start-folder-quota-scan /tmp/mapped_folder
```
Output:
```json
{
"status": 201,
"message": "Scan started",
"error": ""
}
```
### Delete user
Command:
@ -377,6 +456,22 @@ Output:
}
```
### Delete folder
```
python sftpgo_api_cli.py delete-folder /tmp/mapped_folder
```
Output:
```json
{
"error": "",
"message": "Folder deleted",
"status": 200
}
```
### Get version
Command:

View file

@ -32,7 +32,9 @@ class SFTPGoApiRequests:
def __init__(self, debug, baseUrl, authType, authUser, authPassword, secure, no_color):
self.userPath = urlparse.urljoin(baseUrl, '/api/v1/user')
self.folderPath = urlparse.urljoin(baseUrl, '/api/v1/folder')
self.quotaScanPath = urlparse.urljoin(baseUrl, '/api/v1/quota_scan')
self.folderQuotaScanPath = urlparse.urljoin(baseUrl, '/api/v1/folder_quota_scan')
self.activeConnectionsPath = urlparse.urljoin(baseUrl, '/api/v1/connection')
self.versionPath = urlparse.urljoin(baseUrl, '/api/v1/version')
self.providerStatusPath = urlparse.urljoin(baseUrl, '/api/v1/providerstatus')
@ -110,19 +112,25 @@ class SFTPGoApiRequests:
if '::' in f:
vpath = ''
mapped_path = ''
exclude_from_quota = False
quota_files = 0
quota_size = 0
values = f.split('::')
if len(values) > 1:
vpath = values[0]
mapped_path = values[1]
if len(values) > 2:
try:
exclude_from_quota = int(values[2]) > 0
quota_files = int(values[2])
except:
pass
if len(values) > 3:
try:
quota_size = int(values[3])
except:
pass
if vpath and mapped_path:
result.append({"virtual_path":vpath, "mapped_path":mapped_path,
"exclude_from_quota":exclude_from_quota})
"quota_files":quota_files, "quota_size":quota_size})
return result
def buildPermissions(self, root_perms, subdirs_perms):
@ -293,6 +301,29 @@ class SFTPGoApiRequests:
r = requests.post(self.quotaScanPath, json=u, auth=self.auth, verify=self.verify)
self.printResponse(r)
def getFoldersQuotaScans(self):
r = requests.get(self.folderQuotaScanPath, auth=self.auth, verify=self.verify)
self.printResponse(r)
def startFolderQuotaScan(self, mapped_path):
f = {"mapped_path":mapped_path}
r = requests.post(self.folderQuotaScanPath, json=f, auth=self.auth, verify=self.verify)
self.printResponse(r)
def addFolder(self, mapped_path):
f = {"mapped_path":mapped_path}
r = requests.post(self.folderPath, json=f, auth=self.auth, verify=self.verify)
self.printResponse(r)
def deleteFolder(self, mapped_path):
r = requests.delete(self.folderPath, params={'folder_path':mapped_path}, auth=self.auth, verify=self.verify)
self.printResponse(r)
def getFolders(self, limit=100, offset=0, order='ASC', mapped_path=''):
r = requests.get(self.folderPath, params={'limit':limit, 'offset':offset, 'order':order,
'folder_path':mapped_path}, auth=self.auth, verify=self.verify)
self.printResponse(r)
def getVersion(self):
r = requests.get(self.versionPath, auth=self.auth, verify=self.verify)
self.printResponse(r)
@ -516,8 +547,8 @@ def addCommonUserArguments(parser):
parser.add_argument('--subdirs-permissions', type=str, nargs='*', default=[], help='Permissions for subdirs. '
+'For example: "/somedir::list,download" "/otherdir/subdir::*" Default: %(default)s')
parser.add_argument('--virtual-folders', type=str, nargs='*', default=[], help='Virtual folder mapping. For example: '
+'"/vpath::/home/adir" "/vpath::C:\adir::1". If the optional third argument is > 0 the virtual '
+'folder will be excluded from user quota. Ignored for non local filesystems. Default: %(default)s')
+'"/vpath::/home/adir" "/vpath::C:\adir::[quota_file]::[quota_size]". Quota parameters -1 means '
+'included inside user quota, 0 means unlimited. Ignored for non local filesystems. Default: %(default)s')
parser.add_argument('-U', '--upload-bandwidth', type=int, default=0,
help='Maximum upload bandwidth as KB/s, 0 means unlimited. Default: %(default)s')
parser.add_argument('-D', '--download-bandwidth', type=int, default=0,
@ -615,10 +646,29 @@ if __name__ == '__main__':
parserCloseConnection = subparsers.add_parser('close-connection', help='Terminate an active SFTP/SCP connection')
parserCloseConnection.add_argument('connectionID', type=str)
parserGetQuotaScans = subparsers.add_parser('get-quota-scans', help='Get the active quota scans')
parserGetQuotaScans = subparsers.add_parser('get-quota-scans', help='Get the active quota scans for users home directories')
parserStartQuotaScans = subparsers.add_parser('start-quota-scan', help='Start a new quota scan')
addCommonUserArguments(parserStartQuotaScans)
parserStartQuotaScan = subparsers.add_parser('start-quota-scan', help='Start a new user quota scan')
addCommonUserArguments(parserStartQuotaScan)
parserGetFolderQuotaScans = subparsers.add_parser('get-folders-quota-scans', help='Get the active quota scans for folders')
parserStartFolderQuotaScan = subparsers.add_parser('start-folder-quota-scan', help='Start a new folder quota scan')
parserStartFolderQuotaScan.add_argument('folder_path', type=str)
parserGetFolders = subparsers.add_parser('get-folders', help='Returns an array with one or more folders')
parserGetFolders.add_argument('-L', '--limit', type=int, default=100, choices=range(1, 501),
help='Maximum allowed value is 500. Default: %(default)s', metavar='[1...500]')
parserGetFolders.add_argument('-O', '--offset', type=int, default=0, help='Default: %(default)s')
parserGetFolders.add_argument('-P', '--folder-path', type=str, default='', help='Default: %(default)s')
parserGetFolders.add_argument('-S', '--order', type=str, choices=['ASC', 'DESC'], default='ASC',
help='default: %(default)s')
parserAddFolder = subparsers.add_parser('add-folder', help='Add a new folder')
parserAddFolder.add_argument('folder_path', type=str)
parserDeleteFolder = subparsers.add_parser('delete-folder', help='Delete an existing folder')
parserDeleteFolder.add_argument('folder_path', type=str)
parserGetVersion = subparsers.add_parser('get-version', help='Get version details')
@ -697,6 +747,16 @@ if __name__ == '__main__':
api.getQuotaScans()
elif args.command == 'start-quota-scan':
api.startQuotaScan(args.username)
elif args.command == 'get-folders':
api.getFolders(args.limit, args.offset, args.order, args.folder_path)
elif args.command == 'add-folder':
api.addFolder(args.folder_path)
elif args.command == 'delete-folder':
api.deleteFolder(args.folder_path)
elif args.command == 'get-folders-quota-scans':
api.getFoldersQuotaScans()
elif args.command == 'start-folder-quota-scan':
api.startFolderQuotaScan(args.folder_path)
elif args.command == 'get-version':
api.getVersion()
elif args.command == 'get-provider-status':

104
httpd/api_folder.go Normal file
View file

@ -0,0 +1,104 @@
package httpd
import (
"errors"
"net/http"
"strconv"
"github.com/go-chi/render"
"github.com/drakkan/sftpgo/dataprovider"
"github.com/drakkan/sftpgo/vfs"
)
func getFolders(w http.ResponseWriter, r *http.Request) {
var err error
limit := 100
offset := 0
order := dataprovider.OrderASC
folderPath := ""
if _, ok := r.URL.Query()["limit"]; ok {
limit, err = strconv.Atoi(r.URL.Query().Get("limit"))
if err != nil {
err = errors.New("Invalid limit")
sendAPIResponse(w, r, err, "", http.StatusBadRequest)
return
}
if limit > 500 {
limit = 500
}
}
if _, ok := r.URL.Query()["offset"]; ok {
offset, err = strconv.Atoi(r.URL.Query().Get("offset"))
if err != nil {
err = errors.New("Invalid offset")
sendAPIResponse(w, r, err, "", http.StatusBadRequest)
return
}
}
if _, ok := r.URL.Query()["order"]; ok {
order = r.URL.Query().Get("order")
if order != dataprovider.OrderASC && order != dataprovider.OrderDESC {
err = errors.New("Invalid order")
sendAPIResponse(w, r, err, "", http.StatusBadRequest)
return
}
}
if _, ok := r.URL.Query()["folder_path"]; ok {
folderPath = r.URL.Query().Get("folder_path")
}
folders, err := dataprovider.GetFolders(dataProvider, limit, offset, order, folderPath)
if err == nil {
render.JSON(w, r, folders)
} else {
sendAPIResponse(w, r, err, "", http.StatusInternalServerError)
}
}
func addFolder(w http.ResponseWriter, r *http.Request) {
r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
var folder vfs.BaseVirtualFolder
err := render.DecodeJSON(r.Body, &folder)
if err != nil {
sendAPIResponse(w, r, err, "", http.StatusBadRequest)
return
}
err = dataprovider.AddFolder(dataProvider, folder)
if err == nil {
folder, err = dataprovider.GetFolderByPath(dataProvider, folder.MappedPath)
if err == nil {
render.JSON(w, r, folder)
} else {
sendAPIResponse(w, r, err, "", http.StatusInternalServerError)
}
} else {
sendAPIResponse(w, r, err, "", getRespStatus(err))
}
}
func deleteFolderByPath(w http.ResponseWriter, r *http.Request) {
var folderPath string
if _, ok := r.URL.Query()["folder_path"]; ok {
folderPath = r.URL.Query().Get("folder_path")
}
if len(folderPath) == 0 {
err := errors.New("a non-empty folder path is required")
sendAPIResponse(w, r, err, "", http.StatusBadRequest)
return
}
folder, err := dataprovider.GetFolderByPath(dataProvider, folderPath)
if _, ok := err.(*dataprovider.RecordNotFoundError); ok {
sendAPIResponse(w, r, err, "", http.StatusNotFound)
return
} else if err != nil {
sendAPIResponse(w, r, err, "", http.StatusInternalServerError)
return
}
err = dataprovider.DeleteFolder(dataProvider, folder)
if err != nil {
sendAPIResponse(w, r, err, "", http.StatusInternalServerError)
} else {
sendAPIResponse(w, r, err, "Folder deleted", http.StatusOK)
}
}

View file

@ -14,6 +14,7 @@ import (
"github.com/drakkan/sftpgo/dataprovider"
"github.com/drakkan/sftpgo/logger"
"github.com/drakkan/sftpgo/sftpd"
"github.com/drakkan/sftpgo/vfs"
)
func dumpData(w http.ResponseWriter, r *http.Request) {
@ -45,7 +46,7 @@ func dumpData(w http.ResponseWriter, r *http.Request) {
}
logger.Debug(logSender, "", "dumping data to: %#v", outputFile)
users, err := dataprovider.DumpUsers(dataProvider)
backup, err := dataprovider.DumpData(dataProvider)
if err != nil {
logger.Warn(logSender, "", "dumping data error: %v, output file: %#v", err, outputFile)
sendAPIResponse(w, r, err, "", getRespStatus(err))
@ -53,13 +54,9 @@ func dumpData(w http.ResponseWriter, r *http.Request) {
}
var dump []byte
if indent == "1" {
dump, err = json.MarshalIndent(dataprovider.BackupData{
Users: users,
}, "", " ")
dump, err = json.MarshalIndent(backup, "", " ")
} else {
dump, err = json.Marshal(dataprovider.BackupData{
Users: users,
})
dump, err = json.Marshal(backup)
}
if err == nil {
err = ioutil.WriteFile(outputFile, dump, 0600)
@ -106,39 +103,16 @@ func loadData(w http.ResponseWriter, r *http.Request) {
return
}
for _, user := range dump.Users {
u, err := dataprovider.UserExists(dataProvider, user.Username)
if err == nil {
if mode == 1 {
logger.Debug(logSender, "", "loaddata mode 1, existing user %#v not updated", u.Username)
continue
}
user.ID = u.ID
user.LastLogin = u.LastLogin
user.UsedQuotaSize = u.UsedQuotaSize
user.UsedQuotaFiles = u.UsedQuotaFiles
err = dataprovider.UpdateUser(dataProvider, user)
user.Password = "[redacted]"
logger.Debug(logSender, "", "restoring existing user: %+v, dump file: %#v, error: %v", user, inputFile, err)
} else {
user.LastLogin = 0
user.UsedQuotaSize = 0
user.UsedQuotaFiles = 0
err = dataprovider.AddUser(dataProvider, user)
user.Password = "[redacted]"
logger.Debug(logSender, "", "adding new user: %+v, dump file: %#v, error: %v", user, inputFile, err)
}
if err != nil {
sendAPIResponse(w, r, err, "", getRespStatus(err))
return
}
if scanQuota == 1 || (scanQuota == 2 && user.HasQuotaRestrictions()) {
if sftpd.AddQuotaScan(user.Username) {
logger.Debug(logSender, "", "starting quota scan for restored user: %#v", user.Username)
go doQuotaScan(user) //nolint:errcheck
}
}
if err = restoreFolders(dump.Folders, inputFile, scanQuota); err != nil {
sendAPIResponse(w, r, err, "", getRespStatus(err))
return
}
if err = restoreUsers(dump.Users, inputFile, mode, scanQuota); err != nil {
sendAPIResponse(w, r, err, "", getRespStatus(err))
return
}
logger.Debug(logSender, "", "backup restored, users: %v", len(dump.Users))
sendAPIResponse(w, r, err, "Data restored", http.StatusOK)
}
@ -165,3 +139,56 @@ func getLoaddataOptions(r *http.Request) (string, int, int, error) {
}
return inputFile, scanQuota, restoreMode, err
}
func restoreFolders(folders []vfs.BaseVirtualFolder, inputFile string, scanQuota int) error {
for _, folder := range folders {
_, err := dataprovider.GetFolderByPath(dataProvider, folder.MappedPath)
if err == nil {
logger.Debug(logSender, "", "folder %#v already exists, restore not needed", folder.MappedPath)
continue
}
folder.Users = nil
err = dataprovider.AddFolder(dataProvider, folder)
logger.Debug(logSender, "", "adding new folder: %+v, dump file: %#v, error: %v", folder, inputFile, err)
if err != nil {
return err
}
if scanQuota >= 1 {
if sftpd.AddVFolderQuotaScan(folder.MappedPath) {
logger.Debug(logSender, "", "starting quota scan for restored folder: %#v", folder.MappedPath)
go doFolderQuotaScan(folder) //nolint:errcheck
}
}
}
return nil
}
func restoreUsers(users []dataprovider.User, inputFile string, mode, scanQuota int) error {
for _, user := range users {
u, err := dataprovider.UserExists(dataProvider, user.Username)
if err == nil {
if mode == 1 {
logger.Debug(logSender, "", "loaddata mode 1, existing user %#v not updated", u.Username)
continue
}
user.ID = u.ID
err = dataprovider.UpdateUser(dataProvider, user)
user.Password = "[redacted]"
logger.Debug(logSender, "", "restoring existing user: %+v, dump file: %#v, error: %v", user, inputFile, err)
} else {
err = dataprovider.AddUser(dataProvider, user)
user.Password = "[redacted]"
logger.Debug(logSender, "", "adding new user: %+v, dump file: %#v, error: %v", user, inputFile, err)
}
if err != nil {
return err
}
if scanQuota == 1 || (scanQuota == 2 && user.HasQuotaRestrictions()) {
if sftpd.AddQuotaScan(user.Username) {
logger.Debug(logSender, "", "starting quota scan for restored user: %#v", user.Username)
go doQuotaScan(user) //nolint:errcheck
}
}
}
return nil
}

View file

@ -8,12 +8,17 @@ import (
"github.com/drakkan/sftpgo/dataprovider"
"github.com/drakkan/sftpgo/logger"
"github.com/drakkan/sftpgo/sftpd"
"github.com/drakkan/sftpgo/vfs"
)
func getQuotaScans(w http.ResponseWriter, r *http.Request) {
render.JSON(w, r, sftpd.GetQuotaScans())
}
func getVFolderQuotaScans(w http.ResponseWriter, r *http.Request) {
render.JSON(w, r, sftpd.GetVFoldersQuotaScans())
}
func startQuotaScan(w http.ResponseWriter, r *http.Request) {
r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
var u dataprovider.User
@ -27,6 +32,10 @@ func startQuotaScan(w http.ResponseWriter, r *http.Request) {
sendAPIResponse(w, r, err, "", http.StatusNotFound)
return
}
if dataprovider.GetQuotaTracking() == 0 {
sendAPIResponse(w, r, nil, "Quota tracking is disabled!", http.StatusForbidden)
return
}
if sftpd.AddQuotaScan(user.Username) {
go doQuotaScan(user) //nolint:errcheck
sendAPIResponse(w, r, err, "Scan started", http.StatusCreated)
@ -35,6 +44,31 @@ func startQuotaScan(w http.ResponseWriter, r *http.Request) {
}
}
func startVFolderQuotaScan(w http.ResponseWriter, r *http.Request) {
r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
var f vfs.BaseVirtualFolder
err := render.DecodeJSON(r.Body, &f)
if err != nil {
sendAPIResponse(w, r, err, "", http.StatusBadRequest)
return
}
folder, err := dataprovider.GetFolderByPath(dataProvider, f.MappedPath)
if err != nil {
sendAPIResponse(w, r, err, "", http.StatusNotFound)
return
}
if dataprovider.GetQuotaTracking() == 0 {
sendAPIResponse(w, r, nil, "Quota tracking is disabled!", http.StatusForbidden)
return
}
if sftpd.AddVFolderQuotaScan(folder.MappedPath) {
go doFolderQuotaScan(folder) //nolint:errcheck
sendAPIResponse(w, r, err, "Scan started", http.StatusCreated)
} else {
sendAPIResponse(w, r, err, "Another scan is already in progress", http.StatusConflict)
}
}
func doQuotaScan(user dataprovider.User) error {
defer sftpd.RemoveQuotaScan(user.Username) //nolint:errcheck
fs, err := user.GetFilesystem("")
@ -45,9 +79,22 @@ func doQuotaScan(user dataprovider.User) error {
numFiles, size, err := fs.ScanRootDirContents()
if err != nil {
logger.Warn(logSender, "", "error scanning user home dir %#v: %v", user.Username, err)
} else {
err = dataprovider.UpdateUserQuota(dataProvider, user, numFiles, size, true)
logger.Debug(logSender, "", "user home dir scanned, user: %#v, error: %v", user.Username, err)
return err
}
err = dataprovider.UpdateUserQuota(dataProvider, user, numFiles, size, true)
logger.Debug(logSender, "", "user home dir scanned, user: %#v, error: %v", user.Username, err)
return err
}
func doFolderQuotaScan(folder vfs.BaseVirtualFolder) error {
defer sftpd.RemoveVFolderQuotaScan(folder.MappedPath) //nolint:errcheck
fs := vfs.NewOsFs("", "", nil).(vfs.OsFs)
numFiles, size, err := fs.GetDirSize(folder.MappedPath)
if err != nil {
logger.Warn(logSender, "", "error scanning folder %#v: %v", folder.MappedPath, err)
return err
}
err = dataprovider.UpdateVirtualFolderQuota(dataProvider, folder, numFiles, size, true)
logger.Debug(logSender, "", "virtual folder %#v scanned, error: %v", folder.MappedPath, err)
return err
}

View file

@ -15,7 +15,7 @@ import (
func getUsers(w http.ResponseWriter, r *http.Request) {
limit := 100
offset := 0
order := "ASC"
order := dataprovider.OrderASC
username := ""
var err error
if _, ok := r.URL.Query()["limit"]; ok {
@ -39,7 +39,7 @@ func getUsers(w http.ResponseWriter, r *http.Request) {
}
if _, ok := r.URL.Query()["order"]; ok {
order = r.URL.Query().Get("order")
if order != "ASC" && order != "DESC" {
if order != dataprovider.OrderASC && order != dataprovider.OrderDESC {
err = errors.New("Invalid order")
sendAPIResponse(w, r, err, "", http.StatusBadRequest)
return

View file

@ -22,6 +22,7 @@ import (
"github.com/drakkan/sftpgo/httpclient"
"github.com/drakkan/sftpgo/sftpd"
"github.com/drakkan/sftpgo/utils"
"github.com/drakkan/sftpgo/vfs"
)
var (
@ -90,10 +91,7 @@ func getRespStatus(err error) int {
func AddUser(user dataprovider.User, expectedStatusCode int) (dataprovider.User, []byte, error) {
var newUser dataprovider.User
var body []byte
userAsJSON, err := json.Marshal(user)
if err != nil {
return newUser, body, err
}
userAsJSON, _ := json.Marshal(user)
resp, err := sendHTTPRequest(http.MethodPost, buildURLRelativeToBase(userPath), bytes.NewBuffer(userAsJSON),
"application/json")
if err != nil {
@ -120,10 +118,7 @@ func AddUser(user dataprovider.User, expectedStatusCode int) (dataprovider.User,
func UpdateUser(user dataprovider.User, expectedStatusCode int) (dataprovider.User, []byte, error) {
var newUser dataprovider.User
var body []byte
userAsJSON, err := json.Marshal(user)
if err != nil {
return user, body, err
}
userAsJSON, _ := json.Marshal(user)
resp, err := sendHTTPRequest(http.MethodPut, buildURLRelativeToBase(userPath, strconv.FormatInt(user.ID, 10)),
bytes.NewBuffer(userAsJSON), "application/json")
if err != nil {
@ -174,28 +169,22 @@ func GetUserByID(userID int64, expectedStatusCode int) (dataprovider.User, []byt
return user, body, err
}
// GetUsers allows to get a list of users and checks the received HTTP Status code against expectedStatusCode.
// GetUsers returns a list of users and checks the received HTTP Status code against expectedStatusCode.
// The number of results can be limited specifying a limit.
// Some results can be skipped specifying an offset.
// The results can be filtered specifying a username, the username filter is an exact match
func GetUsers(limit int64, offset int64, username string, expectedStatusCode int) ([]dataprovider.User, []byte, error) {
func GetUsers(limit, offset int64, username string, expectedStatusCode int) ([]dataprovider.User, []byte, error) {
var users []dataprovider.User
var body []byte
url, err := url.Parse(buildURLRelativeToBase(userPath))
url, err := addLimitAndOffsetQueryParams(buildURLRelativeToBase(userPath), limit, offset)
if err != nil {
return users, body, err
}
q := url.Query()
if limit > 0 {
q.Add("limit", strconv.FormatInt(limit, 10))
}
if offset > 0 {
q.Add("offset", strconv.FormatInt(offset, 10))
}
if len(username) > 0 {
q := url.Query()
q.Add("username", username)
url.RawQuery = q.Encode()
}
url.RawQuery = q.Encode()
resp, err := sendHTTPRequest(http.MethodGet, url.String(), nil, "")
if err != nil {
return users, body, err
@ -210,7 +199,7 @@ func GetUsers(limit int64, offset int64, username string, expectedStatusCode int
return users, body, err
}
// GetQuotaScans gets active quota scans and checks the received HTTP Status code against expectedStatusCode.
// GetQuotaScans gets active quota scans for users and checks the received HTTP Status code against expectedStatusCode.
func GetQuotaScans(expectedStatusCode int) ([]sftpd.ActiveQuotaScan, []byte, error) {
var quotaScans []sftpd.ActiveQuotaScan
var body []byte
@ -231,10 +220,7 @@ func GetQuotaScans(expectedStatusCode int) ([]sftpd.ActiveQuotaScan, []byte, err
// StartQuotaScan start a new quota scan for the given user and checks the received HTTP Status code against expectedStatusCode.
func StartQuotaScan(user dataprovider.User, expectedStatusCode int) ([]byte, error) {
var body []byte
userAsJSON, err := json.Marshal(user)
if err != nil {
return body, err
}
userAsJSON, _ := json.Marshal(user)
resp, err := sendHTTPRequest(http.MethodPost, buildURLRelativeToBase(quotaScanPath), bytes.NewBuffer(userAsJSON), "")
if err != nil {
return body, err
@ -275,6 +261,114 @@ func CloseConnection(connectionID string, expectedStatusCode int) ([]byte, error
return body, err
}
// AddFolder adds a new folder and checks the received HTTP Status code against expectedStatusCode
func AddFolder(folder vfs.BaseVirtualFolder, expectedStatusCode int) (vfs.BaseVirtualFolder, []byte, error) {
var newFolder vfs.BaseVirtualFolder
var body []byte
folderAsJSON, _ := json.Marshal(folder)
resp, err := sendHTTPRequest(http.MethodPost, buildURLRelativeToBase(folderPath), bytes.NewBuffer(folderAsJSON),
"application/json")
if err != nil {
return newFolder, body, err
}
defer resp.Body.Close()
err = checkResponse(resp.StatusCode, expectedStatusCode)
if expectedStatusCode != http.StatusOK {
body, _ = getResponseBody(resp)
return newFolder, body, err
}
if err == nil {
err = render.DecodeJSON(resp.Body, &newFolder)
} else {
body, _ = getResponseBody(resp)
}
if err == nil {
err = checkFolder(&folder, &newFolder)
}
return newFolder, body, err
}
// RemoveFolder removes an existing user and checks the received HTTP Status code against expectedStatusCode.
func RemoveFolder(folder vfs.BaseVirtualFolder, expectedStatusCode int) ([]byte, error) {
var body []byte
baseURL := buildURLRelativeToBase(folderPath)
url, err := url.Parse(baseURL)
if err != nil {
return body, err
}
q := url.Query()
q.Add("folder_path", folder.MappedPath)
url.RawQuery = q.Encode()
resp, err := sendHTTPRequest(http.MethodDelete, url.String(), nil, "")
if err != nil {
return body, err
}
defer resp.Body.Close()
body, _ = getResponseBody(resp)
return body, checkResponse(resp.StatusCode, expectedStatusCode)
}
// GetFolders returns a list of folders and checks the received HTTP Status code against expectedStatusCode.
// The number of results can be limited specifying a limit.
// Some results can be skipped specifying an offset.
// The results can be filtered specifying a folder path, the folder path filter is an exact match
func GetFolders(limit int64, offset int64, mappedPath string, expectedStatusCode int) ([]vfs.BaseVirtualFolder, []byte, error) {
var folders []vfs.BaseVirtualFolder
var body []byte
url, err := addLimitAndOffsetQueryParams(buildURLRelativeToBase(folderPath), limit, offset)
if err != nil {
return folders, body, err
}
if len(mappedPath) > 0 {
q := url.Query()
q.Add("folder_path", mappedPath)
url.RawQuery = q.Encode()
}
resp, err := sendHTTPRequest(http.MethodGet, url.String(), nil, "")
if err != nil {
return folders, body, err
}
defer resp.Body.Close()
err = checkResponse(resp.StatusCode, expectedStatusCode)
if err == nil && expectedStatusCode == http.StatusOK {
err = render.DecodeJSON(resp.Body, &folders)
} else {
body, _ = getResponseBody(resp)
}
return folders, body, err
}
// GetFoldersQuotaScans gets active quota scans for folders and checks the received HTTP Status code against expectedStatusCode.
func GetFoldersQuotaScans(expectedStatusCode int) ([]sftpd.ActiveVirtualFolderQuotaScan, []byte, error) {
var quotaScans []sftpd.ActiveVirtualFolderQuotaScan
var body []byte
resp, err := sendHTTPRequest(http.MethodGet, buildURLRelativeToBase(quotaScanVFolderPath), nil, "")
if err != nil {
return quotaScans, body, err
}
defer resp.Body.Close()
err = checkResponse(resp.StatusCode, expectedStatusCode)
if err == nil && expectedStatusCode == http.StatusOK {
err = render.DecodeJSON(resp.Body, &quotaScans)
} else {
body, _ = getResponseBody(resp)
}
return quotaScans, body, err
}
// StartFolderQuotaScan start a new quota scan for the given folder and checks the received HTTP Status code against expectedStatusCode.
func StartFolderQuotaScan(folder vfs.BaseVirtualFolder, expectedStatusCode int) ([]byte, error) {
var body []byte
folderAsJSON, _ := json.Marshal(folder)
resp, err := sendHTTPRequest(http.MethodPost, buildURLRelativeToBase(quotaScanVFolderPath), bytes.NewBuffer(folderAsJSON), "")
if err != nil {
return body, err
}
defer resp.Body.Close()
body, _ = getResponseBody(resp)
return body, checkResponse(resp.StatusCode, expectedStatusCode)
}
// GetVersion returns version details
func GetVersion(expectedStatusCode int) (utils.VersionInfo, []byte, error) {
var version utils.VersionInfo
@ -384,6 +478,39 @@ func getResponseBody(resp *http.Response) ([]byte, error) {
return ioutil.ReadAll(resp.Body)
}
func checkFolder(expected *vfs.BaseVirtualFolder, actual *vfs.BaseVirtualFolder) error {
if expected.ID <= 0 {
if actual.ID <= 0 {
return errors.New("actual folder ID must be > 0")
}
} else {
if actual.ID != expected.ID {
return errors.New("folder ID mismatch")
}
}
if expected.MappedPath != actual.MappedPath {
return errors.New("mapped path mismatch")
}
if expected.LastQuotaUpdate != actual.LastQuotaUpdate {
return errors.New("last quota update mismatch")
}
if expected.UsedQuotaSize != actual.UsedQuotaSize {
return errors.New("used quota size mismatch")
}
if expected.UsedQuotaFiles != actual.UsedQuotaFiles {
return errors.New("used quota files mismatch")
}
if len(expected.Users) != len(actual.Users) {
return errors.New("folder users mismatch")
}
for _, u := range actual.Users {
if !utils.IsStringInSlice(u, expected.Users) {
return errors.New("folder users mismatch")
}
}
return nil
}
func checkUser(expected *dataprovider.User, actual *dataprovider.User) error {
if len(actual.Password) > 0 {
return errors.New("User password must not be visible")
@ -634,3 +761,19 @@ func compareEqualsUserFields(expected *dataprovider.User, actual *dataprovider.U
}
return nil
}
func addLimitAndOffsetQueryParams(rawurl string, limit, offset int64) (*url.URL, error) {
url, err := url.Parse(rawurl)
if err != nil {
return nil, err
}
q := url.Query()
if limit > 0 {
q.Add("limit", strconv.FormatInt(limit, 10))
}
if offset > 0 {
q.Add("offset", strconv.FormatInt(offset, 10))
}
url.RawQuery = q.Encode()
return url, err
}

View file

@ -25,8 +25,10 @@ const (
apiPrefix = "/api/v1"
activeConnectionsPath = "/api/v1/connection"
quotaScanPath = "/api/v1/quota_scan"
quotaScanVFolderPath = "/api/v1/folder_quota_scan"
userPath = "/api/v1/user"
versionPath = "/api/v1/version"
folderPath = "/api/v1/folder"
providerStatusPath = "/api/v1/providerstatus"
dumpDataPath = "/api/v1/dumpdata"
loadDataPath = "/api/v1/loaddata"
@ -36,6 +38,8 @@ const (
webUsersPath = "/web/users"
webUserPath = "/web/user"
webConnectionsPath = "/web/connections"
webFoldersPath = "/web/folders"
webFolderPath = "/web/folder"
webStaticFilesPath = "/static"
maxRestoreSize = 10485760 // 10 MB
maxRequestSize = 1048576 // 1MB

File diff suppressed because it is too large Load diff

View file

@ -45,6 +45,43 @@ func TestCheckResponse(t *testing.T) {
assert.NoError(t, err)
}
func TestCheckFolder(t *testing.T) {
expected := &vfs.BaseVirtualFolder{}
actual := &vfs.BaseVirtualFolder{}
err := checkFolder(expected, actual)
assert.Error(t, err)
expected.ID = 1
actual.ID = 2
err = checkFolder(expected, actual)
assert.Error(t, err)
expected.ID = 2
actual.ID = 2
expected.MappedPath = "path"
err = checkFolder(expected, actual)
assert.Error(t, err)
expected.MappedPath = ""
expected.LastQuotaUpdate = 1
err = checkFolder(expected, actual)
assert.Error(t, err)
expected.LastQuotaUpdate = 0
expected.UsedQuotaFiles = 1
err = checkFolder(expected, actual)
assert.Error(t, err)
expected.UsedQuotaFiles = 0
expected.UsedQuotaSize = 1
err = checkFolder(expected, actual)
assert.Error(t, err)
expected.UsedQuotaSize = 0
expected.Users = append(expected.Users, "user1")
err = checkFolder(expected, actual)
assert.Error(t, err)
actual.Users = append(actual.Users, "user2")
err = checkFolder(expected, actual)
assert.Error(t, err)
expected.Users = nil
actual.Users = nil
}
func TestCheckUser(t *testing.T) {
expected := &dataprovider.User{}
actual := &dataprovider.User{}
@ -84,14 +121,18 @@ func TestCheckUser(t *testing.T) {
assert.Error(t, err)
actual.FsConfig.Provider = 0
expected.VirtualFolders = append(expected.VirtualFolders, vfs.VirtualFolder{
BaseVirtualFolder: vfs.BaseVirtualFolder{
MappedPath: os.TempDir(),
},
VirtualPath: "/vdir",
MappedPath: os.TempDir(),
})
err = checkUser(expected, actual)
assert.Error(t, err)
actual.VirtualFolders = append(actual.VirtualFolders, vfs.VirtualFolder{
BaseVirtualFolder: vfs.BaseVirtualFolder{
MappedPath: os.TempDir(),
},
VirtualPath: "/vdir1",
MappedPath: os.TempDir(),
})
err = checkUser(expected, actual)
assert.Error(t, err)
@ -321,8 +362,12 @@ func TestApiCallsWithBadURL(t *testing.T) {
assert.Error(t, err)
_, err = RemoveUser(u, http.StatusNotFound)
assert.Error(t, err)
_, err = RemoveFolder(vfs.BaseVirtualFolder{}, http.StatusNotFound)
assert.Error(t, err)
_, _, err = GetUsers(1, 0, "", http.StatusBadRequest)
assert.Error(t, err)
_, _, err = GetFolders(1, 0, "", http.StatusBadRequest)
assert.Error(t, err)
_, err = CloseConnection("non_existent_id", http.StatusNotFound)
assert.Error(t, err)
_, _, err = Dumpdata("backup.json", "", http.StatusBadRequest)
@ -352,6 +397,19 @@ func TestApiCallToNotListeningServer(t *testing.T) {
assert.Error(t, err)
_, err = StartQuotaScan(u, http.StatusNotFound)
assert.Error(t, err)
folder := vfs.BaseVirtualFolder{
MappedPath: os.TempDir(),
}
_, err = StartFolderQuotaScan(folder, http.StatusNotFound)
assert.Error(t, err)
_, _, err = AddFolder(folder, http.StatusOK)
assert.Error(t, err)
_, err = RemoveFolder(folder, http.StatusOK)
assert.Error(t, err)
_, _, err = GetFolders(0, 0, "", http.StatusOK)
assert.Error(t, err)
_, _, err = GetFoldersQuotaScans(http.StatusOK)
assert.Error(t, err)
_, _, err = GetConnections(http.StatusOK)
assert.Error(t, err)
_, err = CloseConnection("non_existent_id", http.StatusNotFound)

View file

@ -74,11 +74,16 @@ func initializeRouter(staticFilesPath string, profiler bool) {
router.Delete(activeConnectionsPath+"/{connectionID}", handleCloseConnection)
router.Get(quotaScanPath, getQuotaScans)
router.Post(quotaScanPath, startQuotaScan)
router.Get(quotaScanVFolderPath, getVFolderQuotaScans)
router.Post(quotaScanVFolderPath, startVFolderQuotaScan)
router.Get(userPath, getUsers)
router.Post(userPath, addUser)
router.Get(userPath+"/{userID}", getUserByID)
router.Put(userPath+"/{userID}", updateUser)
router.Delete(userPath+"/{userID}", deleteUser)
router.Get(folderPath, getFolders)
router.Post(folderPath, addFolder)
router.Delete(folderPath, deleteFolderByPath)
router.Get(dumpDataPath, dumpData)
router.Get(loadDataPath, loadData)
router.Get(webUsersPath, handleGetWebUsers)
@ -87,6 +92,9 @@ func initializeRouter(staticFilesPath string, profiler bool) {
router.Post(webUserPath, handleWebAddUserPost)
router.Post(webUserPath+"/{userID}", handleWebUpdateUserPost)
router.Get(webConnectionsPath, handleWebGetConnections)
router.Get(webFoldersPath, handleWebGetFolders)
router.Get(webFolderPath, handleWebAddFolderGet)
router.Post(webFolderPath, handleWebAddFolderPost)
})
router.Group(func(router chi.Router) {

View file

@ -2,7 +2,7 @@ openapi: 3.0.1
info:
title: SFTPGo
description: 'SFTPGo REST API'
version: 1.8.6
version: 1.9.0
servers:
- url: /api/v1
@ -224,7 +224,7 @@ paths:
get:
tags:
- quota
summary: Get the active quota scans
summary: Get the active quota scans for users home directories
operationId: get_quota_scans
responses:
200:
@ -268,8 +268,8 @@ paths:
post:
tags:
- quota
summary: start a new quota scan
description: A quota scan update the number of files and their total size for the given user
summary: start a new user quota scan
description: A quota scan update the number of files and their total size for the specified user
operationId: start_quota_scan
requestBody:
required: true
@ -348,6 +348,354 @@ paths:
status: 500
message: ""
error: "Error description if any"
/folder_quota_scan:
get:
tags:
- quota
summary: Get the active quota scans for folders
operationId: get_folders_quota_scans
responses:
200:
description: successful operation
content:
application/json:
schema:
type: array
items:
$ref : '#/components/schemas/FolderQuotaScan'
401:
description: Unauthorized
content:
application/json:
schema:
$ref: '#/components/schemas/ApiResponse'
example:
status: 401
message: ""
error: "Error description if any"
403:
description: Forbidden
content:
application/json:
schema:
$ref: '#/components/schemas/ApiResponse'
example:
status: 403
message: ""
error: "Error description if any"
500:
description: Internal Server Error
content:
application/json:
schema:
$ref: '#/components/schemas/ApiResponse'
example:
status: 500
message: ""
error: "Error description if any"
post:
tags:
- quota
summary: start a new folder quota scan
description: A quota scan update the number of files and their total size for the specified folder
operationId: start_folder_quota_scan
requestBody:
required: true
content:
application/json:
schema:
$ref : '#/components/schemas/BaseVirtualFolder'
responses:
201:
description: successful operation
content:
application/json:
schema:
$ref: '#/components/schemas/ApiResponse'
example:
status: 201
message: "Scan started"
error: ""
400:
description: Bad request
content:
application/json:
schema:
$ref: '#/components/schemas/ApiResponse'
example:
status: 400
message: ""
error: "Error description if any"
401:
description: Unauthorized
content:
application/json:
schema:
$ref: '#/components/schemas/ApiResponse'
example:
status: 401
message: ""
error: "Error description if any"
403:
description: Forbidden
content:
application/json:
schema:
$ref: '#/components/schemas/ApiResponse'
example:
status: 403
message: ""
error: "Error description if any"
404:
description: Not Found
content:
application/json:
schema:
$ref: '#/components/schemas/ApiResponse'
example:
status: 404
message: ""
error: "Error description if any"
409:
description: Another scan is already in progress for this user
content:
application/json:
schema:
$ref: '#/components/schemas/ApiResponse'
example:
status: 409
message: "Another scan is already in progress"
error: "Error description if any"
500:
description: Internal Server Error
content:
application/json:
schema:
$ref: '#/components/schemas/ApiResponse'
example:
status: 500
message: ""
error: "Error description if any"
/folder:
get:
tags:
- folders
summary: Returns an array with one or more folders
operationId: get_folders
parameters:
- in: query
name: offset
schema:
type: integer
minimum: 0
default: 0
required: false
- in: query
name: limit
schema:
type: integer
minimum: 1
maximum: 500
default: 100
required: false
description: The maximum number of items to return. Max value is 500, default is 100
- in: query
name: order
required: false
description: Ordering folders by path. Default ASC
schema:
type: string
enum:
- ASC
- DESC
example: ASC
- in: query
name: folder_path
required: false
description: Filter by folder path, extact match case sensitive
schema:
type: string
responses:
200:
description: successful operation
content:
application/json:
schema:
type: array
items:
$ref : '#/components/schemas/BaseVirtualFolder'
400:
description: Bad request
content:
application/json:
schema:
$ref: '#/components/schemas/ApiResponse'
example:
status: 400
message: ""
error: "Error description if any"
401:
description: Unauthorized
content:
application/json:
schema:
$ref: '#/components/schemas/ApiResponse'
example:
status: 401
message: ""
error: "Error description if any"
403:
description: Forbidden
content:
application/json:
schema:
$ref: '#/components/schemas/ApiResponse'
example:
status: 403
message: ""
error: "Error description if any"
500:
description: Internal Server Error
content:
application/json:
schema:
$ref: '#/components/schemas/ApiResponse'
example:
status: 500
message: ""
error: "Error description if any"
post:
tags:
- folders
summary: Adds a new folder
operationId: add_folder
description: a new folder with the specified mapped_path will be added. To update the used quota parameters a quota scan is needed
requestBody:
required: true
content:
application/json:
schema:
$ref : '#/components/schemas/BaseVirtualFolder'
responses:
200:
description: successful operation
content:
application/json:
schema:
$ref : '#/components/schemas/BaseVirtualFolder'
400:
description: Bad request
content:
application/json:
schema:
$ref: '#/components/schemas/ApiResponse'
example:
status: 400
message: ""
error: "Error description if any"
401:
description: Unauthorized
content:
application/json:
schema:
$ref: '#/components/schemas/ApiResponse'
example:
status: 401
message: ""
error: "Error description if any"
403:
description: Forbidden
content:
application/json:
schema:
$ref: '#/components/schemas/ApiResponse'
example:
status: 403
message: ""
error: "Error description if any"
500:
description: Internal Server Error
content:
application/json:
schema:
$ref: '#/components/schemas/ApiResponse'
example:
status: 500
message: ""
error: "Error description if any"
delete:
tags:
- folders
summary: Delete an existing folder
operationId: delete_folder
parameters:
- name: folder_path
in: query
description: path to the folder to delete
required: true
schema:
type: string
responses:
200:
description: successful operation
content:
application/json:
schema:
$ref : '#/components/schemas/ApiResponse'
example:
status: 200
message: "Folder deleted"
error: ""
400:
description: Bad request
content:
application/json:
schema:
$ref: '#/components/schemas/ApiResponse'
example:
status: 400
message: ""
error: "Error description if any"
401:
description: Unauthorized
content:
application/json:
schema:
$ref: '#/components/schemas/ApiResponse'
example:
status: 401
message: ""
error: "Error description if any"
403:
description: Forbidden
content:
application/json:
schema:
$ref: '#/components/schemas/ApiResponse'
example:
status: 403
message: ""
error: "Error description if any"
404:
description: Not Found
content:
application/json:
schema:
$ref: '#/components/schemas/ApiResponse'
example:
status: 404
message: ""
error: "Error description if any"
500:
description: Internal Server Error
content:
application/json:
schema:
$ref: '#/components/schemas/ApiResponse'
example:
status: 500
message: ""
error: "Error description if any"
/user:
get:
tags:
@ -375,7 +723,7 @@ paths:
- in: query
name: order
required: false
description: Ordering users by username
description: Ordering users by username. Default ASC
schema:
type: string
enum:
@ -802,7 +1150,7 @@ paths:
tags:
- maintenance
summary: Restore SFTPGo data from a JSON backup
description: Users will be restored one by one and the restore is stopped if a user cannot be added or updated, so it could happen a partial restore
description: Users and folders will be restored one by one and the restore is stopped if a user/folder cannot be added or updated, so it could happen a partial restore
operationId: loaddata
parameters:
- in: query
@ -821,7 +1169,7 @@ paths:
- 2
description: >
Quota scan:
* `0` no quota scan is done, the imported user will have used_quota_size and used_quota_file = 0. This is the default
* `0` no quota scan is done, the imported users will have used_quota_size and used_quota_files = 0 or the existing values if they already exists. This is the default
* `1` scan quota
* `2` scan quota if the user has quota restrictions
required: false
@ -1070,20 +1418,52 @@ components:
gcsconfig:
$ref: '#/components/schemas/GCSConfig'
description: Storage filesystem details
VirtualFolder:
BaseVirtualFolder:
type: object
properties:
virtual_path:
type: string
id:
type: integer
format: int32
minimum: 1
mapped_path:
type: string
exclude_from_quota:
type: boolean
description: absolute filesystem path to use as virtual folder. This field is unique
used_quota_size:
type: integer
format: int64
used_quota_files:
type: integer
format: int32
last_quota_update:
type: integer
format: int64
description: Last quota update as unix timestamp in milliseconds
users:
type: array
nullable: true
description: This folder will be excluded from user quota
items:
type: string
description: list of usernames associated with this virtual folder
required:
- virtual_path
- mapped_path
description: defines the path for the virtual folder and the used quota limits. The same folder can be shared among multiple users and each user can have different quota limits or a different virtual path.
VirtualFolder:
allOf:
- $ref: '#/components/schemas/BaseVirtualFolder'
- type: object
properties:
virtual_path:
type: string
quota_size:
type: integer
format: int64
description: Quota as size in bytes. 0 menas unlimited, -1 means included in user quota. Please note that quota is updated if files are added/removed via SFTP/SCP otherwise a quota scan is needed
quota_files:
type: integer
format: int32
description: Quota as number of files. 0 menas unlimited, , -1 means included in user quota. Please note that quota is updated if files are added/removed via SFTP/SCP otherwise a quota scan is needed
required:
- virtual_path
description: A virtual folder is a mapping between a SFTP/SCP virtual path and a filesystem path outside the user home directory. The specified paths must be absolute and the virtual path cannot be "/", it must be a sub directory. The parent directory for the specified virtual path must exist. SFTPGo will try to automatically create any missing parent directory for the configured virtual folders at user login.
User:
type: object
@ -1103,6 +1483,7 @@ components:
* `1` user is enabled
username:
type: string
description: username is unique
expiration_date:
type: integer
format: int64
@ -1125,7 +1506,7 @@ components:
items:
$ref: '#/components/schemas/VirtualFolder'
nullable: true
description: mapping between virtual SFTP/SCP paths and filesystem paths outside the user home directory. Supported for local filesystem only
description: mapping between virtual SFTP/SCP paths and filesystem paths outside the user home directory. Supported for local filesystem only. If one or more of the specified folders are not inside the dataprovider they will be automatically created. You have to create the folder on the filesystem yourself
uid:
type: integer
format: int32
@ -1159,7 +1540,7 @@ components:
used_quota_size:
type: integer
format: int64
used_quota_file:
used_quota_files:
type: integer
format: int32
last_quota_update:
@ -1251,6 +1632,16 @@ components:
type: integer
format: int64
description: scan start time as unix timestamp in milliseconds
FolderQuotaScan:
type: object
properties:
mapped_path:
type: string
description: path with an active scan
start_time:
type: integer
format: int64
description: scan start time as unix timestamp in milliseconds
ApiResponse:
type: object
properties:
@ -1258,7 +1649,7 @@ components:
type: integer
format: int32
minimum: 200
maximum: 500
maximum: 509
example: 200
description: HTTP Status code, for example 200 OK, 400 Bad request and so on
message:

View file

@ -22,20 +22,23 @@ import (
)
const (
templateBase = "base.html"
templateUsers = "users.html"
templateUser = "user.html"
templateConnections = "connections.html"
templateMessage = "message.html"
pageUsersTitle = "Users"
pageConnectionsTitle = "Connections"
page400Title = "Bad request"
page404Title = "Not found"
page404Body = "The page you are looking for does not exist."
page500Title = "Internal Server Error"
page500Body = "The server is unable to fulfill your request."
defaultUsersQueryLimit = 500
webDateTimeFormat = "2006-01-02 15:04:05" // YYYY-MM-DD HH:MM:SS
templateBase = "base.html"
templateUsers = "users.html"
templateUser = "user.html"
templateConnections = "connections.html"
templateFolders = "folders.html"
templateFolder = "folder.html"
templateMessage = "message.html"
pageUsersTitle = "Users"
pageConnectionsTitle = "Connections"
pageFoldersTitle = "Folders"
page400Title = "Bad request"
page404Title = "Not found"
page404Body = "The page you are looking for does not exist."
page500Title = "Internal Server Error"
page500Body = "The server is unable to fulfill your request."
defaultQueryLimit = 500
webDateTimeFormat = "2006-01-02 15:04:05" // YYYY-MM-DD HH:MM:SS
)
var (
@ -43,17 +46,22 @@ var (
)
type basePage struct {
Title string
CurrentURL string
UsersURL string
UserURL string
APIUserURL string
APIConnectionsURL string
APIQuotaScanURL string
ConnectionsURL string
UsersTitle string
ConnectionsTitle string
Version string
Title string
CurrentURL string
UsersURL string
UserURL string
APIUserURL string
APIConnectionsURL string
APIQuotaScanURL string
ConnectionsURL string
FoldersURL string
FolderURL string
APIFoldersURL string
APIFolderQuotaScanURL string
UsersTitle string
ConnectionsTitle string
FoldersTitle string
Version string
}
type usersPage struct {
@ -61,6 +69,11 @@ type usersPage struct {
Users []dataprovider.User
}
type foldersPage struct {
basePage
Folders []vfs.BaseVirtualFolder
}
type connectionsPage struct {
basePage
Connections []sftpd.ConnectionStatus
@ -77,6 +90,12 @@ type userPage struct {
RootDirPerms []string
}
type folderPage struct {
basePage
Folder vfs.BaseVirtualFolder
Error string
}
type messagePage struct {
basePage
Error string
@ -100,31 +119,48 @@ func loadTemplates(templatesPath string) {
filepath.Join(templatesPath, templateBase),
filepath.Join(templatesPath, templateMessage),
}
foldersPath := []string{
filepath.Join(templatesPath, templateBase),
filepath.Join(templatesPath, templateFolders),
}
folderPath := []string{
filepath.Join(templatesPath, templateBase),
filepath.Join(templatesPath, templateFolder),
}
usersTmpl := utils.LoadTemplate(template.ParseFiles(usersPaths...))
userTmpl := utils.LoadTemplate(template.ParseFiles(userPaths...))
connectionsTmpl := utils.LoadTemplate(template.ParseFiles(connectionsPaths...))
messageTmpl := utils.LoadTemplate(template.ParseFiles(messagePath...))
foldersTmpl := utils.LoadTemplate(template.ParseFiles(foldersPath...))
folderTmpl := utils.LoadTemplate(template.ParseFiles(folderPath...))
templates[templateUsers] = usersTmpl
templates[templateUser] = userTmpl
templates[templateConnections] = connectionsTmpl
templates[templateMessage] = messageTmpl
templates[templateFolders] = foldersTmpl
templates[templateFolder] = folderTmpl
}
func getBasePageData(title, currentURL string) basePage {
version := utils.GetAppVersion()
return basePage{
Title: title,
CurrentURL: currentURL,
UsersURL: webUsersPath,
UserURL: webUserPath,
APIUserURL: userPath,
APIConnectionsURL: activeConnectionsPath,
APIQuotaScanURL: quotaScanPath,
ConnectionsURL: webConnectionsPath,
UsersTitle: pageUsersTitle,
ConnectionsTitle: pageConnectionsTitle,
Version: version.GetVersionAsString(),
Title: title,
CurrentURL: currentURL,
UsersURL: webUsersPath,
UserURL: webUserPath,
FoldersURL: webFoldersPath,
FolderURL: webFolderPath,
APIUserURL: userPath,
APIConnectionsURL: activeConnectionsPath,
APIQuotaScanURL: quotaScanPath,
APIFoldersURL: folderPath,
APIFolderQuotaScanURL: quotaScanVFolderPath,
ConnectionsURL: webConnectionsPath,
UsersTitle: pageUsersTitle,
ConnectionsTitle: pageConnectionsTitle,
FoldersTitle: pageFoldersTitle,
Version: version.GetVersionAsString(),
}
}
@ -190,6 +226,15 @@ func renderUpdateUserPage(w http.ResponseWriter, user dataprovider.User, error s
renderTemplate(w, templateUser, data)
}
func renderAddFolderPage(w http.ResponseWriter, folder vfs.BaseVirtualFolder, error string) {
data := folderPage{
basePage: getBasePageData("Add a new folder", webFolderPath),
Error: error,
Folder: folder,
}
renderTemplate(w, templateFolder, data)
}
func getVirtualFoldersFromPostFields(r *http.Request) []vfs.VirtualFolder {
var virtualFolders []vfs.VirtualFolder
formValue := r.Form.Get("virtual_folders")
@ -198,13 +243,23 @@ func getVirtualFoldersFromPostFields(r *http.Request) []vfs.VirtualFolder {
mapping := strings.Split(cleaned, "::")
if len(mapping) > 1 {
vfolder := vfs.VirtualFolder{
BaseVirtualFolder: vfs.BaseVirtualFolder{
MappedPath: strings.TrimSpace(mapping[1]),
},
VirtualPath: strings.TrimSpace(mapping[0]),
MappedPath: strings.TrimSpace(mapping[1]),
QuotaFiles: -1,
QuotaSize: -1,
}
if len(mapping) > 2 {
excludeFromQuota, err := strconv.Atoi(strings.TrimSpace(mapping[2]))
quotaFiles, err := strconv.Atoi(strings.TrimSpace(mapping[2]))
if err == nil {
vfolder.ExcludeFromQuota = (excludeFromQuota > 0)
vfolder.QuotaFiles = quotaFiles
}
}
if len(mapping) > 3 {
quotaSize, err := strconv.ParseInt(strings.TrimSpace(mapping[3]), 10, 64)
if err == nil {
vfolder.QuotaSize = quotaSize
}
}
virtualFolders = append(virtualFolders, vfolder)
@ -453,29 +508,26 @@ func getUserFromPostFields(r *http.Request) (dataprovider.User, error) {
}
func handleGetWebUsers(w http.ResponseWriter, r *http.Request) {
limit := defaultUsersQueryLimit
limit := defaultQueryLimit
if _, ok := r.URL.Query()["qlimit"]; ok {
var err error
limit, err = strconv.Atoi(r.URL.Query().Get("qlimit"))
if err != nil {
limit = defaultUsersQueryLimit
limit = defaultQueryLimit
}
}
var users []dataprovider.User
u, err := dataprovider.GetUsers(dataProvider, limit, 0, "ASC", "")
users = append(users, u...)
for len(u) == limit {
u, err = dataprovider.GetUsers(dataProvider, limit, len(users), "ASC", "")
if err == nil && len(u) > 0 {
users = append(users, u...)
} else {
users := make([]dataprovider.User, 0, limit)
for {
u, err := dataprovider.GetUsers(dataProvider, limit, len(users), dataprovider.OrderASC, "")
if err != nil {
renderInternalServerErrorPage(w, err)
return
}
users = append(users, u...)
if len(u) < limit {
break
}
}
if err != nil {
renderInternalServerErrorPage(w, err)
return
}
data := usersPage{
basePage: getBasePageData(pageUsersTitle, webUsersPath),
Users: users,
@ -558,3 +610,54 @@ func handleWebGetConnections(w http.ResponseWriter, r *http.Request) {
}
renderTemplate(w, templateConnections, data)
}
func handleWebAddFolderGet(w http.ResponseWriter, r *http.Request) {
renderAddFolderPage(w, vfs.BaseVirtualFolder{}, "")
}
func handleWebAddFolderPost(w http.ResponseWriter, r *http.Request) {
r.Body = http.MaxBytesReader(w, r.Body, maxRequestSize)
folder := vfs.BaseVirtualFolder{}
err := r.ParseForm()
if err != nil {
renderAddFolderPage(w, folder, err.Error())
return
}
folder.MappedPath = r.Form.Get("mapped_path")
err = dataprovider.AddFolder(dataProvider, folder)
if err == nil {
http.Redirect(w, r, webFoldersPath, http.StatusSeeOther)
} else {
renderAddFolderPage(w, folder, err.Error())
}
}
func handleWebGetFolders(w http.ResponseWriter, r *http.Request) {
limit := defaultQueryLimit
if _, ok := r.URL.Query()["qlimit"]; ok {
var err error
limit, err = strconv.Atoi(r.URL.Query().Get("qlimit"))
if err != nil {
limit = defaultQueryLimit
}
}
folders := make([]vfs.BaseVirtualFolder, 0, limit)
for {
f, err := dataprovider.GetFolders(dataProvider, limit, len(folders), dataprovider.OrderASC, "")
if err != nil {
renderInternalServerErrorPage(w, err)
return
}
folders = append(folders, f...)
if len(f) < limit {
break
}
}
data := foldersPage{
basePage: getBasePageData(pageFoldersTitle, webFoldersPath),
Folders: folders,
}
renderTemplate(w, templateFolders, data)
}

View file

@ -69,25 +69,25 @@ func (c Connection) Fileread(request *sftp.Request) (io.ReaderAt, error) {
c.Log(logger.LevelDebug, logSender, "fileread requested for path: %#v", p)
transfer := Transfer{
file: file,
readerAt: r,
writerAt: nil,
cancelFn: cancelFn,
path: p,
start: time.Now(),
bytesSent: 0,
bytesReceived: 0,
user: c.User,
connectionID: c.ID,
transferType: transferDownload,
lastActivity: time.Now(),
isNewFile: false,
protocol: c.protocol,
transferError: nil,
isFinished: false,
minWriteOffset: 0,
isExcludedFromQuota: c.User.IsFileExcludedFromQuota(request.Filepath),
lock: new(sync.Mutex),
file: file,
readerAt: r,
writerAt: nil,
cancelFn: cancelFn,
path: p,
start: time.Now(),
bytesSent: 0,
bytesReceived: 0,
user: c.User,
connectionID: c.ID,
transferType: transferDownload,
lastActivity: time.Now(),
isNewFile: false,
protocol: c.protocol,
transferError: nil,
isFinished: false,
minWriteOffset: 0,
requestPath: request.Filepath,
lock: new(sync.Mutex),
}
addTransfer(&transfer)
return &transfer, nil
@ -112,12 +112,12 @@ func (c Connection) Filewrite(request *sftp.Request) (io.WriterAt, error) {
filePath = c.fs.GetAtomicUploadPath(p)
}
stat, statErr := c.fs.Stat(p)
if c.fs.IsNotExist(statErr) {
stat, statErr := c.fs.Lstat(p)
if (statErr == nil && stat.Mode()&os.ModeSymlink == os.ModeSymlink) || c.fs.IsNotExist(statErr) {
if !c.User.HasPerm(dataprovider.PermUpload, path.Dir(request.Filepath)) {
return nil, sftp.ErrSSHFxPermissionDenied
}
return c.handleSFTPUploadToNewFile(p, filePath, c.User.IsFileExcludedFromQuota(request.Filepath))
return c.handleSFTPUploadToNewFile(p, filePath, request.Filepath)
}
if statErr != nil {
@ -135,8 +135,7 @@ func (c Connection) Filewrite(request *sftp.Request) (io.WriterAt, error) {
return nil, sftp.ErrSSHFxPermissionDenied
}
return c.handleSFTPUploadToExistingFile(request.Pflags(), p, filePath, stat.Size(),
c.User.IsFileExcludedFromQuota(request.Filepath))
return c.handleSFTPUploadToExistingFile(request.Pflags(), p, filePath, stat.Size(), request.Filepath)
}
// Filecmd hander for basic SFTP system calls related to files, but not anything to do with reading
@ -301,29 +300,46 @@ func (c Connection) handleSFTPSetstat(filePath string, request *sftp.Request) er
return nil
}
func (c Connection) handleSFTPRename(sourcePath string, targetPath string, request *sftp.Request) error {
if c.fs.GetRelativePath(sourcePath) == "/" {
c.Log(logger.LevelWarn, logSender, "renaming root dir is not allowed")
func (c Connection) handleSFTPRename(sourcePath, targetPath string, request *sftp.Request) error {
if !c.isRenamePermitted(sourcePath, request) {
return sftp.ErrSSHFxPermissionDenied
}
if c.User.IsVirtualFolder(request.Filepath) || c.User.IsVirtualFolder(request.Target) {
c.Log(logger.LevelWarn, logSender, "renaming a virtual folder is not allowed")
return sftp.ErrSSHFxPermissionDenied
if c.User.HasVirtualFoldersInside(request.Filepath) {
if fi, err := c.fs.Stat(sourcePath); err == nil {
if fi.IsDir() {
c.Log(logger.LevelDebug, logSender, "renaming the folder %#v is not supported: it has virtual folders inside it",
request.Filepath)
return sftp.ErrSSHFxOpUnsupported
}
}
}
if !c.User.IsFileAllowed(request.Filepath) || !c.User.IsFileAllowed(request.Target) {
if fi, err := c.fs.Lstat(sourcePath); err == nil && fi.Mode().IsRegular() {
c.Log(logger.LevelDebug, logSender, "renaming file is not allowed, source: %#v target: %#v", request.Filepath,
request.Target)
initialSize := int64(-1)
if fi, err := c.fs.Lstat(targetPath); err == nil {
if fi.IsDir() {
c.Log(logger.LevelWarn, logSender, "attempted to rename %#v overwriting an existing directory %#v", sourcePath, targetPath)
return sftp.ErrSSHFxOpUnsupported
}
// we are overwriting an existing file/symlink
if fi.Mode().IsRegular() {
initialSize = fi.Size()
}
if !c.User.HasPerm(dataprovider.PermOverwrite, path.Dir(request.Target)) {
c.Log(logger.LevelDebug, logSender, "renaming is not allowed, source: %#v target: %#v. "+
"Target exists but the user has no overwrite permission", request.Filepath, request.Target)
return sftp.ErrSSHFxPermissionDenied
}
}
if !c.User.HasPerm(dataprovider.PermRename, path.Dir(request.Target)) {
return sftp.ErrSSHFxPermissionDenied
if !c.hasSpaceForRename(request, initialSize, sourcePath) {
c.Log(logger.LevelInfo, logSender, "denying cross rename due to space limit")
return sftp.ErrSSHFxFailure
}
if err := c.fs.Rename(sourcePath, targetPath); err != nil {
c.Log(logger.LevelWarn, logSender, "failed to rename file, source: %#v target: %#v: %+v", sourcePath, targetPath, err)
c.Log(logger.LevelWarn, logSender, "failed to rename %#v -> %#v: %+v", sourcePath, targetPath, err)
return vfs.GetSFTPError(c.fs, err)
}
if dataprovider.GetQuotaTracking() > 0 {
c.updateQuotaAfterRename(request, targetPath, initialSize) //nolint:errcheck
}
logger.CommandLog(renameLogSender, sourcePath, targetPath, c.User.Username, "", c.ID, c.protocol, -1, -1, "", "", "")
// the returned error is used in test cases only, we already log the error inside executeAction
go executeAction(newActionNotification(c.User, operationRename, sourcePath, targetPath, "", 0, nil)) //nolint:errcheck
@ -339,6 +355,10 @@ func (c Connection) handleSFTPRmdir(dirPath string, request *sftp.Request) error
c.Log(logger.LevelWarn, logSender, "removing a virtual folder is not allowed: %#v", request.Filepath)
return sftp.ErrSSHFxPermissionDenied
}
if c.User.HasVirtualFoldersInside(request.Filepath) {
c.Log(logger.LevelWarn, logSender, "removing a directory with a virtual folder inside is not allowed: %#v", request.Filepath)
return sftp.ErrSSHFxOpUnsupported
}
if !c.User.HasPerm(dataprovider.PermDelete, path.Dir(request.Filepath)) {
return sftp.ErrSSHFxPermissionDenied
}
@ -375,11 +395,14 @@ func (c Connection) handleSFTPSymlink(sourcePath string, targetPath string, requ
if !c.User.HasPerm(dataprovider.PermCreateSymlinks, path.Dir(request.Target)) {
return sftp.ErrSSHFxPermissionDenied
}
if c.isCrossFoldersRequest(request) {
c.Log(logger.LevelWarn, logSender, "cross folder symlink is not supported, src: %v dst: %v", request.Filepath, request.Target)
return sftp.ErrSSHFxFailure
}
if err := c.fs.Symlink(sourcePath, targetPath); err != nil {
c.Log(logger.LevelWarn, logSender, "failed to create symlink %#v -> %#v: %+v", sourcePath, targetPath, err)
return vfs.GetSFTPError(c.fs, err)
}
logger.CommandLog(symlinkLogSender, sourcePath, targetPath, c.User.Username, "", c.ID, c.protocol, -1, -1, "", "", "")
return nil
}
@ -437,7 +460,13 @@ func (c Connection) handleSFTPRemove(filePath string, request *sftp.Request) err
logger.CommandLog(removeLogSender, filePath, "", c.User.Username, "", c.ID, c.protocol, -1, -1, "", "", "")
if fi.Mode()&os.ModeSymlink != os.ModeSymlink {
if !c.User.IsFileExcludedFromQuota(request.Filepath) {
vfolder, err := c.User.GetVirtualFolderForPath(request.Filepath)
if err == nil {
dataprovider.UpdateVirtualFolderQuota(dataProvider, vfolder.BaseVirtualFolder, -1, -size, false) //nolint:errcheck
if vfolder.IsIncludedInUserQuota() {
dataprovider.UpdateUserQuota(dataProvider, c.User, -1, -size, false) //nolint:errcheck
}
} else {
dataprovider.UpdateUserQuota(dataProvider, c.User, -1, -size, false) //nolint:errcheck
}
}
@ -448,50 +477,50 @@ func (c Connection) handleSFTPRemove(filePath string, request *sftp.Request) err
return sftp.ErrSSHFxOk
}
func (c Connection) handleSFTPUploadToNewFile(requestPath, filePath string, isExcludedFromQuota bool) (io.WriterAt, error) {
if !c.hasSpace(true) {
c.Log(logger.LevelInfo, logSender, "denying file write due to space limit")
func (c Connection) handleSFTPUploadToNewFile(resolvedPath, filePath, requestPath string) (io.WriterAt, error) {
if !c.hasSpace(true, requestPath) {
c.Log(logger.LevelInfo, logSender, "denying file write due to quota limits")
return nil, sftp.ErrSSHFxFailure
}
file, w, cancelFn, err := c.fs.Create(filePath, 0)
if err != nil {
c.Log(logger.LevelWarn, logSender, "error creating file %#v: %+v", requestPath, err)
c.Log(logger.LevelWarn, logSender, "error creating file %#v: %+v", resolvedPath, err)
return nil, vfs.GetSFTPError(c.fs, err)
}
vfs.SetPathPermissions(c.fs, filePath, c.User.GetUID(), c.User.GetGID())
transfer := Transfer{
file: file,
writerAt: w,
readerAt: nil,
cancelFn: cancelFn,
path: requestPath,
start: time.Now(),
bytesSent: 0,
bytesReceived: 0,
user: c.User,
connectionID: c.ID,
transferType: transferUpload,
lastActivity: time.Now(),
isNewFile: true,
protocol: c.protocol,
transferError: nil,
isFinished: false,
minWriteOffset: 0,
isExcludedFromQuota: isExcludedFromQuota,
lock: new(sync.Mutex),
file: file,
writerAt: w,
readerAt: nil,
cancelFn: cancelFn,
path: resolvedPath,
start: time.Now(),
bytesSent: 0,
bytesReceived: 0,
user: c.User,
connectionID: c.ID,
transferType: transferUpload,
lastActivity: time.Now(),
isNewFile: true,
protocol: c.protocol,
transferError: nil,
isFinished: false,
minWriteOffset: 0,
requestPath: requestPath,
lock: new(sync.Mutex),
}
addTransfer(&transfer)
return &transfer, nil
}
func (c Connection) handleSFTPUploadToExistingFile(pflags sftp.FileOpenFlags, requestPath, filePath string,
fileSize int64, isExcludedFromQuota bool) (io.WriterAt, error) {
func (c Connection) handleSFTPUploadToExistingFile(pflags sftp.FileOpenFlags, resolvedPath, filePath string,
fileSize int64, requestPath string) (io.WriterAt, error) {
var err error
if !c.hasSpace(false) {
c.Log(logger.LevelInfo, logSender, "denying file write due to space limit")
if !c.hasSpace(false, requestPath) {
c.Log(logger.LevelInfo, logSender, "denying file write due to quota limits")
return nil, sftp.ErrSSHFxFailure
}
@ -499,16 +528,15 @@ func (c Connection) handleSFTPUploadToExistingFile(pflags sftp.FileOpenFlags, re
osFlags := getOSOpenFlags(pflags)
if pflags.Append && osFlags&os.O_TRUNC == 0 && !c.fs.IsUploadResumeSupported() {
c.Log(logger.LevelInfo, logSender, "upload resume requested for path: %#v but not supported in fs implementation",
requestPath)
c.Log(logger.LevelInfo, logSender, "upload resume requested for path: %#v but not supported in fs implementation", resolvedPath)
return nil, sftp.ErrSSHFxOpUnsupported
}
if isAtomicUploadEnabled() && c.fs.IsAtomicUploadSupported() {
err = c.fs.Rename(requestPath, filePath)
err = c.fs.Rename(resolvedPath, filePath)
if err != nil {
c.Log(logger.LevelWarn, logSender, "error renaming existing file for atomic upload, source: %#v, dest: %#v, err: %+v",
requestPath, filePath, err)
resolvedPath, filePath, err)
return nil, vfs.GetSFTPError(c.fs, err)
}
}
@ -525,7 +553,13 @@ func (c Connection) handleSFTPUploadToExistingFile(pflags sftp.FileOpenFlags, re
minWriteOffset = fileSize
} else {
if vfs.IsLocalOsFs(c.fs) {
if !isExcludedFromQuota {
vfolder, err := c.User.GetVirtualFolderForPath(requestPath)
if err == nil {
dataprovider.UpdateVirtualFolderQuota(dataProvider, vfolder.BaseVirtualFolder, 0, -fileSize, false) //nolint:errcheck
if vfolder.IsIncludedInUserQuota() {
dataprovider.UpdateUserQuota(dataProvider, c.User, 0, -fileSize, false) //nolint:errcheck
}
} else {
dataprovider.UpdateUserQuota(dataProvider, c.User, 0, -fileSize, false) //nolint:errcheck
}
} else {
@ -536,48 +570,104 @@ func (c Connection) handleSFTPUploadToExistingFile(pflags sftp.FileOpenFlags, re
vfs.SetPathPermissions(c.fs, filePath, c.User.GetUID(), c.User.GetGID())
transfer := Transfer{
file: file,
writerAt: w,
readerAt: nil,
cancelFn: cancelFn,
path: requestPath,
start: time.Now(),
bytesSent: 0,
bytesReceived: 0,
user: c.User,
connectionID: c.ID,
transferType: transferUpload,
lastActivity: time.Now(),
isNewFile: false,
protocol: c.protocol,
transferError: nil,
isFinished: false,
minWriteOffset: minWriteOffset,
initialSize: initialSize,
isExcludedFromQuota: isExcludedFromQuota,
lock: new(sync.Mutex),
file: file,
writerAt: w,
readerAt: nil,
cancelFn: cancelFn,
path: resolvedPath,
start: time.Now(),
bytesSent: 0,
bytesReceived: 0,
user: c.User,
connectionID: c.ID,
transferType: transferUpload,
lastActivity: time.Now(),
isNewFile: false,
protocol: c.protocol,
transferError: nil,
isFinished: false,
minWriteOffset: minWriteOffset,
initialSize: initialSize,
requestPath: requestPath,
lock: new(sync.Mutex),
}
addTransfer(&transfer)
return &transfer, nil
}
func (c Connection) hasSpace(checkFiles bool) bool {
if (checkFiles && c.User.QuotaFiles > 0) || c.User.QuotaSize > 0 {
numFile, size, err := dataprovider.GetUsedQuota(dataProvider, c.User.Username)
if err != nil {
if _, ok := err.(*dataprovider.MethodDisabledError); ok {
c.Log(logger.LevelWarn, logSender, "quota enforcement not possible for user %#v: %v", c.User.Username, err)
func (c Connection) hasSpaceForRename(request *sftp.Request, initialSize int64, sourcePath string) bool {
if dataprovider.GetQuotaTracking() == 0 {
return true
}
sourceFolder, errSrc := c.User.GetVirtualFolderForPath(request.Filepath)
dstFolder, errDst := c.User.GetVirtualFolderForPath(request.Target)
if errSrc != nil && errDst != nil {
// rename inside the user home dir
return true
}
if errSrc == nil && errDst == nil {
// rename between virtual folders
if sourceFolder.MappedPath == dstFolder.MappedPath {
// rename inside the same virtual folder
return true
}
}
if errSrc != nil && dstFolder.IsIncludedInUserQuota() {
// rename between user root dir and a virtual folder included in user quota
return true
}
if !c.hasSpace(true, request.Target) {
if initialSize != -1 {
// we are overquota but we are overwriting a file so we check the quota size
if c.hasSpace(false, request.Target) {
// we have enough quota size
return true
}
c.Log(logger.LevelWarn, logSender, "error getting used quota for %#v: %v", c.User.Username, err)
return false
if fi, err := c.fs.Lstat(sourcePath); err == nil {
if fi.Mode().IsRegular() {
// we have space if we are overwriting a bigger file with a smaller one
return initialSize >= fi.Size()
}
}
}
if (checkFiles && c.User.QuotaFiles > 0 && numFile >= c.User.QuotaFiles) ||
(c.User.QuotaSize > 0 && size >= c.User.QuotaSize) {
c.Log(logger.LevelDebug, logSender, "quota exceed for user %#v, num files: %v/%v, size: %v/%v check files: %v",
c.User.Username, numFile, c.User.QuotaFiles, size, c.User.QuotaSize, checkFiles)
return false
return false
}
return true
}
func (c Connection) hasSpace(checkFiles bool, requestPath string) bool {
if dataprovider.GetQuotaTracking() == 0 {
return true
}
var quotaSize, usedSize int64
var quotaFiles, numFiles int
var err error
var vfolder vfs.VirtualFolder
vfolder, err = c.User.GetVirtualFolderForPath(requestPath)
if err == nil && !vfolder.IsIncludedInUserQuota() {
if vfolder.HasNoQuotaRestrictions(checkFiles) {
return true
}
quotaSize = vfolder.QuotaSize
quotaFiles = vfolder.QuotaFiles
numFiles, usedSize, err = dataprovider.GetUsedVirtualFolderQuota(dataProvider, vfolder.MappedPath)
} else {
if c.User.HasNoQuotaRestrictions(checkFiles) {
return true
}
quotaSize = c.User.QuotaSize
quotaFiles = c.User.QuotaFiles
numFiles, usedSize, err = dataprovider.GetUsedQuota(dataProvider, c.User.Username)
}
if err != nil {
c.Log(logger.LevelWarn, logSender, "error getting used quota for %#v request path %#v: %v", c.User.Username, requestPath, err)
return false
}
if (checkFiles && quotaFiles > 0 && numFiles >= quotaFiles) ||
(quotaSize > 0 && usedSize >= quotaSize) {
c.Log(logger.LevelDebug, logSender, "quota exceed for user %#v, request path %#v, num files: %v/%v, size: %v/%v check files: %v",
c.User.Username, requestPath, numFiles, quotaFiles, usedSize, quotaSize, checkFiles)
return false
}
return true
}
@ -612,3 +702,143 @@ func getOSOpenFlags(requestFlags sftp.FileOpenFlags) (flags int) {
}
return osFlags
}
func (c Connection) isCrossFoldersRequest(request *sftp.Request) bool {
sourceFolder, errSrc := c.User.GetVirtualFolderForPath(request.Filepath)
dstFolder, errDst := c.User.GetVirtualFolderForPath(request.Target)
if errSrc != nil && errDst != nil {
return false
}
if errSrc == nil && errDst == nil {
return sourceFolder.MappedPath != dstFolder.MappedPath
}
return true
}
func (c Connection) isRenamePermitted(sourcePath string, request *sftp.Request) bool {
if c.fs.GetRelativePath(sourcePath) == "/" {
c.Log(logger.LevelWarn, logSender, "renaming root dir is not allowed")
return false
}
if c.User.IsVirtualFolder(request.Filepath) || c.User.IsVirtualFolder(request.Target) {
c.Log(logger.LevelWarn, logSender, "renaming a virtual folder is not allowed")
return false
}
if !c.User.IsFileAllowed(request.Filepath) || !c.User.IsFileAllowed(request.Target) {
if fi, err := c.fs.Lstat(sourcePath); err == nil && fi.Mode().IsRegular() {
c.Log(logger.LevelDebug, logSender, "renaming file is not allowed, source: %#v target: %#v", request.Filepath,
request.Target)
return false
}
}
if !c.User.HasPerm(dataprovider.PermRename, path.Dir(request.Target)) {
return false
}
return true
}
func (c Connection) updateQuotaMoveBetweenVFolders(sourceFolder, dstFolder vfs.VirtualFolder, initialSize, filesSize int64, numFiles int) {
if sourceFolder.MappedPath == dstFolder.MappedPath {
// both files are inside the same virtual folder
if initialSize != -1 {
dataprovider.UpdateVirtualFolderQuota(dataProvider, dstFolder.BaseVirtualFolder, -numFiles, -initialSize, false) //nolint:errcheck
if dstFolder.IsIncludedInUserQuota() {
dataprovider.UpdateUserQuota(dataProvider, c.User, -numFiles, -initialSize, false) //nolint:errcheck
}
}
return
}
// files are inside different virtual folders
dataprovider.UpdateVirtualFolderQuota(dataProvider, sourceFolder.BaseVirtualFolder, -numFiles, -filesSize, false) //nolint:errcheck
if sourceFolder.IsIncludedInUserQuota() {
dataprovider.UpdateUserQuota(dataProvider, c.User, -numFiles, -filesSize, false) //nolint:errcheck
}
if initialSize == -1 {
dataprovider.UpdateVirtualFolderQuota(dataProvider, dstFolder.BaseVirtualFolder, numFiles, filesSize, false) //nolint:errcheck
if dstFolder.IsIncludedInUserQuota() {
dataprovider.UpdateUserQuota(dataProvider, c.User, numFiles, filesSize, false) //nolint:errcheck
}
} else {
// we cannot have a directory here, initialSize != -1 only for files
dataprovider.UpdateVirtualFolderQuota(dataProvider, dstFolder.BaseVirtualFolder, 0, filesSize-initialSize, false) //nolint:errcheck
if dstFolder.IsIncludedInUserQuota() {
dataprovider.UpdateUserQuota(dataProvider, c.User, 0, filesSize-initialSize, false) //nolint:errcheck
}
}
}
func (c Connection) updateQuotaMoveFromVFolder(sourceFolder vfs.VirtualFolder, initialSize, filesSize int64, numFiles int) {
// move between a virtual folder and the user home dir
dataprovider.UpdateVirtualFolderQuota(dataProvider, sourceFolder.BaseVirtualFolder, -numFiles, -filesSize, false) //nolint:errcheck
if sourceFolder.IsIncludedInUserQuota() {
dataprovider.UpdateUserQuota(dataProvider, c.User, -numFiles, -filesSize, false) //nolint:errcheck
}
if initialSize == -1 {
dataprovider.UpdateUserQuota(dataProvider, c.User, numFiles, filesSize, false) //nolint:errcheck
} else {
// we cannot have a directory here, initialSize != -1 only for files
dataprovider.UpdateUserQuota(dataProvider, c.User, 0, filesSize-initialSize, false) //nolint:errcheck
}
}
func (c Connection) updateQuotaMoveToVFolder(dstFolder vfs.VirtualFolder, initialSize, filesSize int64, numFiles int) {
// move between the user home dir and a virtual folder
dataprovider.UpdateUserQuota(dataProvider, c.User, -numFiles, -filesSize, false) //nolint:errcheck
if initialSize == -1 {
dataprovider.UpdateVirtualFolderQuota(dataProvider, dstFolder.BaseVirtualFolder, numFiles, filesSize, false) //nolint:errcheck
if dstFolder.IsIncludedInUserQuota() {
dataprovider.UpdateUserQuota(dataProvider, c.User, numFiles, filesSize, false) //nolint:errcheck
}
} else {
// we cannot have a directory here, initialSize != -1 only for files
dataprovider.UpdateVirtualFolderQuota(dataProvider, dstFolder.BaseVirtualFolder, 0, filesSize-initialSize, false) //nolint:errcheck
if dstFolder.IsIncludedInUserQuota() {
dataprovider.UpdateUserQuota(dataProvider, c.User, 0, filesSize-initialSize, false) //nolint:errcheck
}
}
}
func (c Connection) updateQuotaAfterRename(request *sftp.Request, targetPath string, initialSize int64) error {
// we don't allow to overwrite an existing directory so targetPath can be:
// - a new file, a symlink is as a new file here
// - a file overwriting an existing one
// - a new directory
// initialSize != -1 only when overwriting files
sourceFolder, errSrc := c.User.GetVirtualFolderForPath(request.Filepath)
dstFolder, errDst := c.User.GetVirtualFolderForPath(request.Target)
if errSrc != nil && errDst != nil {
// both files are contained inside the user home dir
if initialSize != -1 {
// we cannot have a directory here
dataprovider.UpdateUserQuota(dataProvider, c.User, -1, -initialSize, false) //nolint:errcheck
}
return nil
}
filesSize := int64(0)
numFiles := 1
if fi, err := c.fs.Stat(targetPath); err == nil {
if fi.Mode().IsDir() {
numFiles, filesSize, err = c.fs.GetDirSize(targetPath)
if err != nil {
logger.Warn(logSender, "", "failed to update quota after rename, error scanning moved folder %#v: %v", targetPath, err)
return err
}
} else {
filesSize = fi.Size()
}
} else {
c.Log(logger.LevelWarn, logSender, "failed to update quota after rename, file %#v stat error: %+v", targetPath, err)
return err
}
if errSrc == nil && errDst == nil {
c.updateQuotaMoveBetweenVFolders(sourceFolder, dstFolder, initialSize, filesSize, numFiles)
}
if errSrc == nil && errDst != nil {
c.updateQuotaMoveFromVFolder(sourceFolder, initialSize, filesSize, numFiles)
}
if errSrc != nil && errDst == nil {
c.updateQuotaMoveToVFolder(dstFolder, initialSize, filesSize, numFiles)
}
return nil
}

View file

@ -9,6 +9,7 @@ import (
"net"
"os"
"os/exec"
"path"
"path/filepath"
"runtime"
"sync"
@ -99,6 +100,14 @@ func (fs MockOsFs) Stat(name string) (os.FileInfo, error) {
return os.Stat(name)
}
// Lstat returns a FileInfo describing the named file
func (fs MockOsFs) Lstat(name string) (os.FileInfo, error) {
if fs.statErr != nil {
return nil, fs.statErr
}
return os.Lstat(name)
}
// Remove removes the named file or (empty) directory.
func (fs MockOsFs) Remove(name string, isDir bool) error {
if fs.err != nil {
@ -203,6 +212,9 @@ func TestActionHTTP(t *testing.T) {
}
func TestPreDeleteAction(t *testing.T) {
if runtime.GOOS == osWindows {
t.Skip("this test is not available on Windows")
}
actionsCopy := actions
hookCmd, err := exec.LookPath("true")
@ -443,8 +455,6 @@ func TestMockFsErrors(t *testing.T) {
request := sftp.NewRequest("Remove", testfile)
err := ioutil.WriteFile(testfile, []byte("test"), 0666)
assert.NoError(t, err)
err = c.handleSFTPRemove(testfile, request)
assert.EqualError(t, err, sftp.ErrSSHFxFailure.Error())
_, err = c.Filewrite(request)
assert.EqualError(t, err, sftp.ErrSSHFxFailure.Error())
@ -452,9 +462,14 @@ func TestMockFsErrors(t *testing.T) {
flags.Write = true
flags.Trunc = false
flags.Append = true
_, err = c.handleSFTPUploadToExistingFile(flags, testfile, testfile, 0, false)
_, err = c.handleSFTPUploadToExistingFile(flags, testfile, testfile, 0, "/testfile")
assert.EqualError(t, err, sftp.ErrSSHFxOpUnsupported.Error())
fs = newMockOsFs(errFake, nil, false, "123", os.TempDir())
c.fs = fs
err = c.handleSFTPRemove(testfile, request)
assert.EqualError(t, err, sftp.ErrSSHFxFailure.Error())
err = os.Remove(testfile)
assert.NoError(t, err)
}
@ -468,18 +483,18 @@ func TestUploadFiles(t *testing.T) {
var flags sftp.FileOpenFlags
flags.Write = true
flags.Trunc = true
_, err := c.handleSFTPUploadToExistingFile(flags, "missing_path", "other_missing_path", 0, false)
_, err := c.handleSFTPUploadToExistingFile(flags, "missing_path", "other_missing_path", 0, "/missing_path")
assert.Error(t, err, "upload to existing file must fail if one or both paths are invalid")
uploadMode = uploadModeStandard
_, err = c.handleSFTPUploadToExistingFile(flags, "missing_path", "other_missing_path", 0, false)
_, err = c.handleSFTPUploadToExistingFile(flags, "missing_path", "other_missing_path", 0, "/missing_path")
assert.Error(t, err, "upload to existing file must fail if one or both paths are invalid")
missingFile := "missing/relative/file.txt"
if runtime.GOOS == osWindows {
missingFile = "missing\\relative\\file.txt"
}
_, err = c.handleSFTPUploadToNewFile(".", missingFile, false)
_, err = c.handleSFTPUploadToNewFile(".", missingFile, "/missing")
assert.Error(t, err, "upload new file in missing path must fail")
c.fs = newMockOsFs(nil, nil, false, "123", os.TempDir())
@ -488,7 +503,7 @@ func TestUploadFiles(t *testing.T) {
err = f.Close()
assert.NoError(t, err)
_, err = c.handleSFTPUploadToExistingFile(flags, f.Name(), f.Name(), 123, false)
_, err = c.handleSFTPUploadToExistingFile(flags, f.Name(), f.Name(), 123, f.Name())
assert.NoError(t, err)
if assert.Equal(t, 1, len(activeTransfers)) {
transfer := activeTransfers[0]
@ -572,7 +587,7 @@ func TestSFTPGetUsedQuota(t *testing.T) {
connection := Connection{
User: u,
}
assert.False(t, connection.hasSpace(false))
assert.False(t, connection.hasSpace(false, "/"))
}
func TestSupportedSSHCommands(t *testing.T) {
@ -923,16 +938,20 @@ func TestGitVirtualFolders(t *testing.T) {
args: []string{"/vdir"},
}
cmd.connection.User.VirtualFolders = append(cmd.connection.User.VirtualFolders, vfs.VirtualFolder{
BaseVirtualFolder: vfs.BaseVirtualFolder{
MappedPath: os.TempDir(),
},
VirtualPath: "/vdir",
MappedPath: os.TempDir(),
})
_, err = cmd.getSystemCommand()
assert.EqualError(t, err, errUnsupportedConfig.Error())
cmd.connection.User.VirtualFolders = nil
cmd.connection.User.VirtualFolders = append(cmd.connection.User.VirtualFolders, vfs.VirtualFolder{
BaseVirtualFolder: vfs.BaseVirtualFolder{
MappedPath: os.TempDir(),
},
VirtualPath: "/vdir",
MappedPath: os.TempDir(),
})
cmd.args = []string{"/vdir/subdir"}
_, err = cmd.getSystemCommand()
@ -987,8 +1006,10 @@ func TestRsyncOptions(t *testing.T) {
"--munge-links must be added if the user has the create symlinks permission")
sshCmd.connection.User.VirtualFolders = append(sshCmd.connection.User.VirtualFolders, vfs.VirtualFolder{
BaseVirtualFolder: vfs.BaseVirtualFolder{
MappedPath: os.TempDir(),
},
VirtualPath: "/vdir",
MappedPath: os.TempDir(),
})
_, err = sshCmd.getSystemCommand()
assert.EqualError(t, err, errUnsupportedConfig.Error())
@ -1391,7 +1412,7 @@ func TestSCPErrorsMockFs(t *testing.T) {
err = scpCommand.handleUpload(filepath.Base(testfile), 0)
assert.EqualError(t, err, errFake.Error())
err = scpCommand.handleUploadFile(testfile, testfile, 0, false, 4, false)
err = scpCommand.handleUploadFile(testfile, testfile, 0, false, 4, "/testfile")
assert.NoError(t, err)
err = os.Remove(testfile)
assert.NoError(t, err)
@ -1810,3 +1831,43 @@ func TestCertCheckerInitErrors(t *testing.T) {
err = os.Remove(testfile)
assert.NoError(t, err)
}
func TestUpdateQuotaAfterRenameMissingFile(t *testing.T) {
user := dataprovider.User{
Username: "username",
HomeDir: filepath.Join(os.TempDir(), "home"),
}
mappedPath := filepath.Join(os.TempDir(), "vdir")
user.Permissions = make(map[string][]string)
user.Permissions["/"] = []string{dataprovider.PermAny}
user.VirtualFolders = append(user.VirtualFolders, vfs.VirtualFolder{
BaseVirtualFolder: vfs.BaseVirtualFolder{
MappedPath: mappedPath,
},
VirtualPath: "/vdir",
})
c := Connection{
fs: vfs.NewOsFs("id", os.TempDir(), nil),
User: user,
}
request := sftp.NewRequest("Rename", "/testfile")
request.Filepath = "/dir"
request.Target = path.Join("vdir", "dir")
if runtime.GOOS != "windows" {
testDirPath := filepath.Join(mappedPath, "dir")
err := os.MkdirAll(testDirPath, 0777)
assert.NoError(t, err)
err = os.Chmod(testDirPath, 0001)
assert.NoError(t, err)
err = c.updateQuotaAfterRename(request, testDirPath, 0)
assert.Error(t, err)
err = os.Chmod(testDirPath, 0777)
assert.NoError(t, err)
err = os.RemoveAll(testDirPath)
assert.NoError(t, err)
}
request.Target = "/testfile1"
request.Filepath = path.Join("vdir", "file")
err := c.updateQuotaAfterRename(request, filepath.Join(os.TempDir(), "vdir", "file"), 0)
assert.Error(t, err)
}

View file

@ -187,10 +187,9 @@ func (c *scpCommand) getUploadFileData(sizeToRead int64, transfer *Transfer) err
return c.sendConfirmationMessage()
}
func (c *scpCommand) handleUploadFile(requestPath, filePath string, sizeToRead int64, isNewFile bool, fileSize int64,
isExcludedFromQuota bool) error {
if !c.connection.hasSpace(true) {
err := fmt.Errorf("denying file write due to space limit")
func (c *scpCommand) handleUploadFile(resolvedPath, filePath string, sizeToRead int64, isNewFile bool, fileSize int64, requestPath string) error {
if !c.connection.hasSpace(true, requestPath) {
err := fmt.Errorf("denying file write due to quota limits")
c.connection.Log(logger.LevelWarn, logSenderSCP, "error uploading file: %#v, err: %v", filePath, err)
c.sendErrorMessage(err)
return err
@ -199,7 +198,13 @@ func (c *scpCommand) handleUploadFile(requestPath, filePath string, sizeToRead i
initialSize := int64(0)
if !isNewFile {
if vfs.IsLocalOsFs(c.connection.fs) {
if !isExcludedFromQuota {
vfolder, err := c.connection.User.GetVirtualFolderForPath(requestPath)
if err == nil {
dataprovider.UpdateVirtualFolderQuota(dataProvider, vfolder.BaseVirtualFolder, 0, -fileSize, false) //nolint:errcheck
if vfolder.IsIncludedInUserQuota() {
dataprovider.UpdateUserQuota(dataProvider, c.connection.User, 0, -fileSize, false) //nolint:errcheck
}
} else {
dataprovider.UpdateUserQuota(dataProvider, c.connection.User, 0, -fileSize, false) //nolint:errcheck
}
} else {
@ -208,7 +213,7 @@ func (c *scpCommand) handleUploadFile(requestPath, filePath string, sizeToRead i
}
file, w, cancelFn, err := c.connection.fs.Create(filePath, 0)
if err != nil {
c.connection.Log(logger.LevelError, logSenderSCP, "error creating file %#v: %v", requestPath, err)
c.connection.Log(logger.LevelError, logSenderSCP, "error creating file %#v: %v", resolvedPath, err)
c.sendErrorMessage(err)
return err
}
@ -216,26 +221,26 @@ func (c *scpCommand) handleUploadFile(requestPath, filePath string, sizeToRead i
vfs.SetPathPermissions(c.connection.fs, filePath, c.connection.User.GetUID(), c.connection.User.GetGID())
transfer := Transfer{
file: file,
readerAt: nil,
writerAt: w,
cancelFn: cancelFn,
path: requestPath,
start: time.Now(),
bytesSent: 0,
bytesReceived: 0,
user: c.connection.User,
connectionID: c.connection.ID,
transferType: transferUpload,
lastActivity: time.Now(),
isNewFile: isNewFile,
protocol: c.connection.protocol,
transferError: nil,
isFinished: false,
minWriteOffset: 0,
initialSize: initialSize,
isExcludedFromQuota: isExcludedFromQuota,
lock: new(sync.Mutex),
file: file,
readerAt: nil,
writerAt: w,
cancelFn: cancelFn,
path: resolvedPath,
start: time.Now(),
bytesSent: 0,
bytesReceived: 0,
user: c.connection.User,
connectionID: c.connection.ID,
transferType: transferUpload,
lastActivity: time.Now(),
isNewFile: isNewFile,
protocol: c.connection.protocol,
transferError: nil,
isFinished: false,
minWriteOffset: 0,
initialSize: initialSize,
requestPath: requestPath,
lock: new(sync.Mutex),
}
addTransfer(&transfer)
@ -262,14 +267,14 @@ func (c *scpCommand) handleUpload(uploadFilePath string, sizeToRead int64) error
if isAtomicUploadEnabled() && c.connection.fs.IsAtomicUploadSupported() {
filePath = c.connection.fs.GetAtomicUploadPath(p)
}
stat, statErr := c.connection.fs.Stat(p)
if c.connection.fs.IsNotExist(statErr) {
stat, statErr := c.connection.fs.Lstat(p)
if (statErr == nil && stat.Mode()&os.ModeSymlink == os.ModeSymlink) || c.connection.fs.IsNotExist(statErr) {
if !c.connection.User.HasPerm(dataprovider.PermUpload, path.Dir(uploadFilePath)) {
c.connection.Log(logger.LevelWarn, logSenderSCP, "cannot upload file: %#v, permission denied", uploadFilePath)
c.sendErrorMessage(errPermission)
return errPermission
}
return c.handleUploadFile(p, filePath, sizeToRead, true, 0, c.connection.User.IsFileExcludedFromQuota(uploadFilePath))
return c.handleUploadFile(p, filePath, sizeToRead, true, 0, uploadFilePath)
}
if statErr != nil {
@ -301,7 +306,7 @@ func (c *scpCommand) handleUpload(uploadFilePath string, sizeToRead int64) error
}
}
return c.handleUploadFile(p, filePath, sizeToRead, false, stat.Size(), c.connection.User.IsFileExcludedFromQuota(uploadFilePath))
return c.handleUploadFile(p, filePath, sizeToRead, false, stat.Size(), uploadFilePath)
}
func (c *scpCommand) sendDownloadProtocolMessages(dirPath string, stat os.FileInfo) error {
@ -336,8 +341,8 @@ func (c *scpCommand) sendDownloadProtocolMessages(dirPath string, stat os.FileIn
return err
}
// we send first all the files in the root directory and then the directories
// for each directory we recursively call this method again
// We send first all the files in the root directory and then the directories.
// For each directory we recursively call this method again
func (c *scpCommand) handleRecursiveDownload(dirPath string, stat os.FileInfo) error {
var err error
if c.isRecursive() {

View file

@ -59,16 +59,17 @@ const (
)
var (
mutex sync.RWMutex
openConnections map[string]Connection
activeTransfers []*Transfer
idleTimeout time.Duration
activeQuotaScans []ActiveQuotaScan
dataProvider dataprovider.Provider
actions Actions
uploadMode int
setstatMode int
supportedSSHCommands = []string{"scp", "md5sum", "sha1sum", "sha256sum", "sha384sum", "sha512sum", "cd", "pwd",
mutex sync.RWMutex
openConnections map[string]Connection
activeTransfers []*Transfer
idleTimeout time.Duration
activeQuotaScans []ActiveQuotaScan
activeVFoldersQuotaScan []ActiveVirtualFolderQuotaScan
dataProvider dataprovider.Provider
actions Actions
uploadMode int
setstatMode int
supportedSSHCommands = []string{"scp", "md5sum", "sha1sum", "sha256sum", "sha384sum", "sha512sum", "cd", "pwd",
"git-receive-pack", "git-upload-pack", "git-upload-archive", "rsync"}
defaultSSHCommands = []string{"md5sum", "sha1sum", "cd", "pwd", "scp"}
sshHashCommands = []string{"md5sum", "sha1sum", "sha256sum", "sha384sum", "sha512sum"}
@ -86,7 +87,7 @@ type connectionTransfer struct {
Path string `json:"path"`
}
// ActiveQuotaScan defines an active quota scan
// ActiveQuotaScan defines an active quota scan for a user home dir
type ActiveQuotaScan struct {
// Username to which the quota scan refers
Username string `json:"username"`
@ -94,6 +95,14 @@ type ActiveQuotaScan struct {
StartTime int64 `json:"start_time"`
}
// ActiveVirtualFolderQuotaScan defines an active quota scan for a virtual folder
type ActiveVirtualFolderQuotaScan struct {
// folder path to which the quota scan refers
MappedPath string `json:"mapped_path"`
// quota scan start time as unix timestamp in milliseconds
StartTime int64 `json:"start_time"`
}
// Actions to execute on SFTP create, download, delete and rename.
// An external command can be executed and/or an HTTP notification can be fired
type Actions struct {
@ -278,7 +287,7 @@ func getActiveSessions(username string) int {
return numSessions
}
// GetQuotaScans returns the active quota scans
// GetQuotaScans returns the active quota scans for users home directories
func GetQuotaScans() []ActiveQuotaScan {
mutex.RLock()
defer mutex.RUnlock()
@ -320,8 +329,56 @@ func RemoveQuotaScan(username string) error {
activeQuotaScans[indexToRemove] = activeQuotaScans[len(activeQuotaScans)-1]
activeQuotaScans = activeQuotaScans[:len(activeQuotaScans)-1]
} else {
logger.Warn(logSender, "", "quota scan to remove not found for user: %v", username)
err = fmt.Errorf("quota scan to remove not found for user: %v", username)
err = fmt.Errorf("quota scan to remove not found for user: %#v", username)
logger.Warn(logSender, "", "error: %v", err)
}
return err
}
// GetVFoldersQuotaScans returns the active quota scans for virtual folders
func GetVFoldersQuotaScans() []ActiveVirtualFolderQuotaScan {
mutex.RLock()
defer mutex.RUnlock()
scans := make([]ActiveVirtualFolderQuotaScan, len(activeVFoldersQuotaScan))
copy(scans, activeVFoldersQuotaScan)
return scans
}
// AddVFolderQuotaScan add a virtual folder to the ones with active quota scans.
// Returns false if the folder has a quota scan already running
func AddVFolderQuotaScan(folderPath string) bool {
mutex.Lock()
defer mutex.Unlock()
for _, s := range activeVFoldersQuotaScan {
if s.MappedPath == folderPath {
return false
}
}
activeVFoldersQuotaScan = append(activeVFoldersQuotaScan, ActiveVirtualFolderQuotaScan{
MappedPath: folderPath,
StartTime: utils.GetTimeAsMsSinceEpoch(time.Now()),
})
return true
}
// RemoveVFolderQuotaScan removes a folder from the ones with active quota scans
func RemoveVFolderQuotaScan(folderPath string) error {
mutex.Lock()
defer mutex.Unlock()
var err error
indexToRemove := -1
for i, s := range activeVFoldersQuotaScan {
if s.MappedPath == folderPath {
indexToRemove = i
break
}
}
if indexToRemove >= 0 {
activeVFoldersQuotaScan[indexToRemove] = activeVFoldersQuotaScan[len(activeVFoldersQuotaScan)-1]
activeVFoldersQuotaScan = activeVFoldersQuotaScan[:len(activeVFoldersQuotaScan)-1]
} else {
err = fmt.Errorf("quota scan to remove not found for user: %#v", folderPath)
logger.Warn(logSender, "", "error: %v", err)
}
return err
}

File diff suppressed because it is too large Load diff

View file

@ -28,26 +28,26 @@ var (
// Transfer contains the transfer details for an upload or a download.
// It implements the io Reader and Writer interface to handle files downloads and uploads
type Transfer struct {
file *os.File
writerAt *vfs.PipeWriter
readerAt *pipeat.PipeReaderAt
cancelFn func()
path string
start time.Time
bytesSent int64
bytesReceived int64
user dataprovider.User
connectionID string
transferType int
lastActivity time.Time
protocol string
transferError error
minWriteOffset int64
initialSize int64
lock *sync.Mutex
isNewFile bool
isFinished bool
isExcludedFromQuota bool
file *os.File
writerAt *vfs.PipeWriter
readerAt *pipeat.PipeReaderAt
cancelFn func()
path string
start time.Time
bytesSent int64
bytesReceived int64
user dataprovider.User
connectionID string
transferType int
lastActivity time.Time
protocol string
transferError error
minWriteOffset int64
initialSize int64
lock *sync.Mutex
isNewFile bool
isFinished bool
requestPath string
}
// TransferError is called if there is an unexpected error.
@ -189,11 +189,17 @@ func (t *Transfer) updateQuota(numFiles int) bool {
if t.file == nil && t.transferError != nil {
return false
}
if t.isExcludedFromQuota {
return false
}
if t.transferType == transferUpload && (numFiles != 0 || t.bytesReceived > 0) {
dataprovider.UpdateUserQuota(dataProvider, t.user, numFiles, t.bytesReceived-t.initialSize, false) //nolint:errcheck
vfolder, err := t.user.GetVirtualFolderForPath(t.requestPath)
if err == nil {
dataprovider.UpdateVirtualFolderQuota(dataProvider, vfolder.BaseVirtualFolder, numFiles, //nolint:errcheck
t.bytesReceived-t.initialSize, false)
if vfolder.IsIncludedInUserQuota() {
dataprovider.UpdateUserQuota(dataProvider, t.user, numFiles, t.bytesReceived-t.initialSize, false) //nolint:errcheck
}
} else {
dataprovider.UpdateUserQuota(dataProvider, t.user, numFiles, t.bytesReceived-t.initialSize, false) //nolint:errcheck
}
return true
}
return false

View file

@ -38,7 +38,7 @@
"password": "",
"sslmode": 0,
"connection_string": "",
"users_table": "users",
"sql_tables_prefix": "",
"manage_users": 1,
"track_quota": 2,
"pool_size": 0,

File diff suppressed because one or more lines are too long

View file

@ -1,81 +0,0 @@
{
"_from": "@fortawesome/fontawesome-free@5.10.2",
"_id": "@fortawesome/fontawesome-free@5.10.2",
"_inBundle": false,
"_integrity": "sha512-9pw+Nsnunl9unstGEHQ+u41wBEQue6XPBsILXtJF/4fNN1L3avJcMF/gGF86rIjeTAgfLjTY9ndm68/X4f4idQ==",
"_location": "/@fortawesome/fontawesome-free",
"_phantomChildren": {},
"_requested": {
"type": "version",
"registry": true,
"raw": "@fortawesome/fontawesome-free@5.10.2",
"name": "@fortawesome/fontawesome-free",
"escapedName": "@fortawesome%2ffontawesome-free",
"scope": "@fortawesome",
"rawSpec": "5.10.2",
"saveSpec": null,
"fetchSpec": "5.10.2"
},
"_requiredBy": [
"/"
],
"_resolved": "https://registry.npmjs.org/@fortawesome/fontawesome-free/-/fontawesome-free-5.10.2.tgz",
"_shasum": "27e02da1e34b50c9869179d364fb46627b521130",
"_spec": "@fortawesome/fontawesome-free@5.10.2",
"_where": "/Users/DANGER_DAVID/Sites/startbootstrap-themes/startbootstrap-sb-admin-2",
"author": {
"name": "Dave Gandy",
"email": "dave@fontawesome.com",
"url": "http://twitter.com/davegandy"
},
"bugs": {
"url": "http://github.com/FortAwesome/Font-Awesome/issues"
},
"bundleDependencies": false,
"contributors": [
{
"name": "Brian Talbot",
"url": "http://twitter.com/talbs"
},
{
"name": "Travis Chase",
"url": "http://twitter.com/supercodepoet"
},
{
"name": "Rob Madole",
"url": "http://twitter.com/robmadole"
},
{
"name": "Geremia Taglialatela",
"url": "http://twitter.com/gtagliala"
},
{
"name": "Mike Wilkerson",
"url": "http://twitter.com/mw77"
}
],
"dependencies": {},
"deprecated": false,
"description": "The iconic font, CSS, and SVG framework",
"engines": {
"node": ">=6"
},
"homepage": "https://fontawesome.com",
"keywords": [
"font",
"awesome",
"fontawesome",
"icon",
"svg",
"bootstrap"
],
"license": "(CC-BY-4.0 AND OFL-1.1 AND MIT)",
"main": "js/fontawesome.js",
"name": "@fortawesome/fontawesome-free",
"repository": {
"type": "git",
"url": "git+https://github.com/FortAwesome/Font-Awesome.git"
},
"style": "css/fontawesome.css",
"version": "5.10.2"
}

View file

@ -0,0 +1 @@
<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path d="M464 128H272l-64-64H48C21.49 64 0 85.49 0 112v288c0 26.51 21.49 48 48 48h416c26.51 0 48-21.49 48-48V176c0-26.51-21.49-48-48-48z"/></svg>

After

Width:  |  Height:  |  Size: 207 B

View file

@ -1,12 +1,12 @@
<?xml version="1.0" standalone="no"?>
<!--
Font Awesome Free 5.10.2 by @fontawesome - https://fontawesome.com
Font Awesome Free 5.13.0 by @fontawesome - https://fontawesome.com
License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License)
-->
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd" >
<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1">
<metadata>
Created by FontForge 20190801 at Thu Aug 22 14:41:09 2019
Created by FontForge 20190801 at Mon Mar 23 10:45:51 2020
By Robert Madole
Copyright (c) Font Awesome
</metadata>
@ -23,15 +23,15 @@ Copyright (c) Font Awesome
bbox="-0.983398 -64.9834 640.104 448.427"
underline-thickness="25"
underline-position="-50"
unicode-range="U+0020-F897"
unicode-range="U+0020-F976"
/>
<missing-glyph />
<glyph glyph-name="glass-martini" unicode="&#xf000;"
d="M502.05 390.4l-214.05 -214.04v-192.36h56c22.0898 0 40 -17.9102 40 -40c0 -4.41992 -3.58008 -8 -8 -8h-240c-4.41992 0 -8 3.58008 -8 8c0 22.0898 17.9102 40 40 40h56v192.36l-214.05 214.04c-21.25 21.2598 -6.2002 57.5996 23.8496 57.5996h444.4
c30.0498 0 45.0996 -36.3398 23.8496 -57.5996z" />
<glyph glyph-name="music" unicode="&#xf001;"
d="M511.99 415.99l0.00976562 -351.99c0 -35.3496 -42.9805 -64 -96 -64s-96 28.6504 -96 64s42.9805 64 96 64c11.2803 0 21.9502 -1.54004 32 -3.91992v184.63l-256 -75.0195v-233.69c0 -35.3496 -42.9805 -64 -96 -64s-96 28.6504 -96 64s42.9805 64 96 64
c11.2803 0 21.9502 -1.54004 32 -3.91992v261.42c0 14 9.09961 26.2998 22.4004 30.5l319.989 94.5c20.5 6.5 41.6006 -8.7998 41.6006 -30.5098z" />
d="M470.38 446.49c2.59277 0.816406 6.90234 1.48047 9.62012 1.48047c17.6475 0 31.9834 -14.3232 32 -31.9707v-352c0 -35.3496 -43 -64 -96 -64s-96 28.6602 -96 64s43 64 96 64c8.95898 -0.0488281 23.2949 -1.80957 32 -3.92969v184.609l-256 -75v-233.68
c0 -35.3398 -43 -64 -96 -64s-96 28.6602 -96 64s43 64 96 64c8.95801 -0.0507812 23.2939 -1.80664 32 -3.91992v261.41c0.0078125 12.958 10.0479 26.626 22.4102 30.5098z" />
<glyph glyph-name="search" unicode="&#xf002;"
d="M505 5.2998c9.2998 -9.39941 9.2998 -24.5996 -0.0996094 -34l-28.3008 -28.2998c-9.2998 -9.40039 -24.5 -9.40039 -33.8994 0l-99.7002 99.7002c-4.5 4.5 -7 10.5996 -7 17v16.2998c-35.2998 -27.5996 -79.7002 -44 -128 -44c-114.9 0 -208 93.0996 -208 208
s93.0996 208 208 208s208 -93.0996 208 -208c0 -48.2998 -16.4004 -92.7002 -44 -128h16.2998c6.40039 0 12.5 -2.5 17 -7zM208 112c70.7998 0 128 57.2998 128 128c0 70.7998 -57.2998 128 -128 128c-70.7998 0 -128 -57.2998 -128 -128c0 -70.7998 57.2998 -128 128 -128z
@ -108,8 +108,8 @@ c-1.84863 1.49023 -5.27539 2.69922 -7.65039 2.69922c-2.37402 0 -5.80078 -1.20898
c-1.52051 1.83789 -2.75488 5.26562 -2.75488 7.65039c0 3.11914 1.95117 7.2627 4.35449 9.25l253.13 208.47c7.33594 6.03613 21 10.9355 30.5 10.9355c9.50098 0 23.1641 -4.89941 30.5 -10.9355l89.5303 -73.6602v72.6104c0 6.62402 5.37598 12 12 12h56
c6.62402 0 12 -5.37598 12 -12v-138.51z" />
<glyph glyph-name="clock" unicode="&#xf017;"
d="M256 440c137 0 248 -111 248 -248s-111 -248 -248 -248s-248 111 -248 248s111 248 248 248zM313.1 89.9004c5.40039 -3.90039 12.9004 -2.7002 16.8008 2.59961l28.1992 38.7998c3.90039 5.40039 2.80078 12.9004 -2.59961 16.7998l-63.5 46.2002v137.7
c0 6.59961 -5.40039 12 -12 12h-48c-6.59961 0 -12 -5.40039 -12 -12v-168.3c0 -3.7998 1.7998 -7.40039 4.90039 -9.7002z" />
d="M256 440c137 0 248 -111 248 -248s-111 -248 -248 -248s-248 111 -248 248s111 248 248 248zM348.49 127c1.94043 2.4209 3.51465 6.90332 3.51465 10.0059c0 4.24512 -2.69043 9.84277 -6.00488 12.4941l-58 42.5v144c0 8.83203 -7.16797 16 -16 16h-32
c-8.83203 0 -16 -7.16797 -16 -16v-155.55v-0.00488281c0 -10.6074 6.71973 -24.5957 15 -31.2256l67 -49.7197v0c2.41895 -1.93555 6.89746 -3.50586 9.99512 -3.50586c4.24512 0 9.84277 2.69043 12.4951 6.00586l20 25v0z" />
<glyph glyph-name="road" unicode="&#xf018;" horiz-adv-x="576"
d="M573.19 45.3301c9.25977 -21.1904 -5.5 -45.3301 -27.7305 -45.3301h-196.84l-10.3105 97.6797c-0.859375 8.14062 -7.71973 14.3203 -15.9092 14.3203h-68.8008c-8.18945 0 -15.0498 -6.17969 -15.9092 -14.3203l-10.3105 -97.6797h-196.84
c-22.2305 0 -36.9902 24.1396 -27.7402 45.3301l139.79 320c4.96973 11.3799 15.7998 18.6699 27.7305 18.6699h97.5898l-2.4502 -23.1602c-0.5 -4.71973 3.20996 -8.83984 7.95996 -8.83984h29.1602c4.75 0 8.45996 4.12012 7.95996 8.83984l-2.4502 23.1602h97.5898
@ -834,9 +834,10 @@ c22.4004 26.7998 55.2998 42.2002 90.2002 42.2002s67.7998 -15.4004 90.2002 -42.20
d="M248 440c137 0 248 -111 248 -248s-111 -248 -248 -248s-248 111 -248 248s111 248 248 248zM168 272c-17.7002 0 -32 -14.2998 -32 -32s14.2998 -32 32 -32s32 14.2998 32 32s-14.2998 32 -32 32zM344 80c21.2002 0 21.2002 32 0 32h-192c-21.2002 0 -21.2002 -32 0 -32
h192zM328 208c17.7002 0 32 14.2998 32 32s-14.2998 32 -32 32s-32 -14.2998 -32 -32s14.2998 -32 32 -32z" />
<glyph glyph-name="gamepad" unicode="&#xf11b;" horiz-adv-x="640"
d="M480 352c88.4004 0 159.9 -71.5996 159.9 -160s-71.6006 -160 -160 -160c-44.7002 0 -85.2002 18.4004 -114.2 48h-91.5c-29 -29.5996 -69.4004 -48 -114.2 -48c-88.4004 0 -160 71.5996 -160 160s71.5996 160 160 160h320zM256 172v40c0 6.59961 -5.40039 12 -12 12h-52
v52c0 6.59961 -5.40039 12 -12 12h-40c-6.59961 0 -12 -5.40039 -12 -12v-52h-52c-6.59961 0 -12 -5.40039 -12 -12v-40c0 -6.59961 5.40039 -12 12 -12h52v-52c0 -6.59961 5.40039 -12 12 -12h40c6.59961 0 12 5.40039 12 12v52h52c6.59961 0 12 5.40039 12 12zM440 104
c26.5 0 48 21.5 48 48s-21.5 48 -48 48s-48 -21.5 -48 -48s21.5 -48 48 -48zM520 184c26.5 0 48 21.5 48 48s-21.5 48 -48 48s-48 -21.5 -48 -48s21.5 -48 48 -48z" />
d="M480.07 352c88.2939 -0.0263672 159.952 -71.7061 159.952 -160c0 -88.3203 -71.6797 -160 -160 -160c-37.1016 0 -88.291 21.5039 -114.263 48h-91.5195c-25.9717 -26.4961 -77.1611 -48 -114.263 -48c-88.3203 0 -160 71.6797 -160 160s71.6797 160 160 160h0.0224609
h320.07zM248 180v24c0 6.62402 -5.37598 12 -12 12h-52v52c0 6.62402 -5.37598 12 -12 12h-24c-6.62402 0 -12 -5.37598 -12 -12v-52h-52c-6.62402 0 -12 -5.37598 -12 -12v-24c0 -6.62402 5.37598 -12 12 -12h52v-52c0 -6.62402 5.37598 -12 12 -12h24
c6.62402 0 12 5.37598 12 12v52h52c6.62402 0 12 5.37598 12 12zM464 104c22.0801 0 40 17.9199 40 40s-17.9199 40 -40 40s-40 -17.9199 -40 -40s17.9199 -40 40 -40zM528 200c22.0801 0 40 17.9199 40 40s-17.9199 40 -40 40s-40 -17.9199 -40 -40s17.9199 -40 40 -40z
" />
<glyph glyph-name="keyboard" unicode="&#xf11c;" horiz-adv-x="576"
d="M528 0h-480c-26.5098 0 -48 21.4902 -48 48v288c0 26.5098 21.4902 48 48 48h480c26.5098 0 48 -21.4902 48 -48v-288c0 -26.5098 -21.4902 -48 -48 -48zM128 268v40c0 6.62695 -5.37305 12 -12 12h-40c-6.62695 0 -12 -5.37305 -12 -12v-40
c0 -6.62695 5.37305 -12 12 -12h40c6.62695 0 12 5.37305 12 12zM224 268v40c0 6.62695 -5.37305 12 -12 12h-40c-6.62695 0 -12 -5.37305 -12 -12v-40c0 -6.62695 5.37305 -12 12 -12h40c6.62695 0 12 5.37305 12 12zM320 268v40c0 6.62695 -5.37305 12 -12 12h-40
@ -932,10 +933,10 @@ c0 -13.2549 -10.7451 -24 -24 -24h-144c-13.2549 0 -24 10.7451 -24 24v246.795c0 44
c-12.3066 4.92285 -18.293 18.8906 -13.3701 31.1973c14.668 36.6709 38.0107 77.833 90.0498 90.8838c-14.1406 36.5273 12.793 76.2031 52.2275 76.2031c37.4463 0 64.3525 -36.1084 53.668 -72h58.332c0 4.2002 -1.30664 15.7822 10.0273 17.6709zM144 376
c8.82227 0 16 7.17773 16 16s-7.17773 16 -16 16s-16 -7.17773 -16 -16s7.17773 -16 16 -16z" />
<glyph glyph-name="rocket" unicode="&#xf135;"
d="M505.05 428.9c6.9502 -32.2002 6.9502 -57.4004 6.85059 -82.6006c0 -102.689 -55.4102 -164.79 -128 -211.09v-104.41v-0.0400391c0 -16.3516 -11.8721 -35.5527 -26.5 -42.8594l-98.7002 -49.3906c-2.79004 -1.38965 -7.58398 -2.5166 -10.7002 -2.5166
c-13.248 0 -24 10.752 -24 24v0.00683594v103.84l-22.4697 -22.4697c-5.17383 -5.1748 -15.3125 -9.375 -22.6299 -9.375c-7.31836 0 -17.4561 4.2002 -22.6309 9.375l-50.8994 50.9102c-5.17285 5.17285 -9.37012 15.3096 -9.37012 22.625s4.19727 17.4512 9.37012 22.625
l22.4697 22.4697h-103.77h-0.0126953c-13.248 0 -24 10.752 -24 24c0 3.12012 1.12988 7.91797 2.52246 10.71l49.4199 98.7998c7.32324 14.6094 26.5283 26.4766 42.8701 26.4902h104.2c46.1895 72.7998 108.09 128 211.29 128c25.0996 0 50.29 0 82.4893 -6.90039
c5.54395 -1.19043 11.0098 -6.65527 12.2002 -12.1992zM384 280c22.0801 0 40 17.9199 40 40s-17.9199 40 -40 40s-40 -17.9199 -40 -40s17.9199 -40 40 -40z" />
d="M505.12 428.906c6.95508 -32.2031 6.95508 -57.4062 6.86133 -82.6094c0 -102.688 -55.4375 -164.781 -128.035 -211.094v-104.438c0 -16.3594 -11.8789 -35.5625 -26.5078 -42.8594l-98.7275 -49.3906c-2.81934 -1.27441 -7.61621 -2.40137 -10.707 -2.51562
c-13.2471 0.00195312 -24.002 10.7539 -24.0059 24v103.844l-22.4746 -22.4688c-13.1211 -13.1562 -34.1211 -11.1875 -45.2773 0l-50.9043 50.9062c-12.9961 12.9922 -11.3652 33.8887 0 45.25l22.4746 22.4688h-103.811c-13.2461 0.00195312 -24.001 10.7539 -24.0059 24
c0.111328 3.09082 1.23828 7.88574 2.51562 10.7031l49.4355 98.8125c7.33008 14.6094 26.5391 26.4688 42.8867 26.4844h104.215c46.2168 72.7969 108.122 128 211.354 128c25.0996 0 50.3086 0 82.5059 -6.90625c5.54883 -1.1875 11.0176 -6.65625 12.207 -12.1875z
M384.04 280c22.0732 0.0078125 39.9971 17.9277 40.0098 40c0 22.0801 -17.9199 40 -40 40s-40 -17.9199 -40 -40c0 -22.0742 17.916 -39.9951 39.9902 -40z" />
<glyph glyph-name="chevron-circle-left" unicode="&#xf137;"
d="M256 -56c-137 0 -248 111 -248 248s111 248 248 248s248 -111 248 -248s-111 -248 -248 -248zM142.1 175l135.5 -135.5c9.40039 -9.40039 24.6006 -9.40039 33.9004 0l17 17c9.40039 9.40039 9.40039 24.5996 0 33.9004l-101.6 101.6l101.6 101.6
c9.40039 9.40039 9.40039 24.6006 0 33.9004l-17 17c-9.40039 9.40039 -24.5996 9.40039 -33.9004 0l-135.5 -135.5c-9.39941 -9.40039 -9.39941 -24.5996 0 -34z" />
@ -1159,11 +1160,11 @@ c10.9004 -8.7998 22.8008 -17.0996 35.4004 -24.8994c5.7998 -3.5 13.2998 -1.60059
c6.59961 0 12 5.40039 12 12zM0 328c0 13.2998 10.7002 24 24 24h280v-320h-280c-13.2998 0 -24 10.7002 -24 24v272zM58.9004 111.9c-2.60059 -7.80078 3.19922 -15.9004 11.3994 -15.9004h22.9004c5.2998 0 10 3.59961 11.5 8.7002l9.09961 31.7998h60.2002
l9.40039 -31.9004c1.40137 -4.74316 6.55273 -8.59668 11.5 -8.59961h22.8994c8.2998 0 14 8.09961 11.4004 15.9004l-57.5 169.1c-1.7002 4.7998 -6.2998 8.09961 -11.4004 8.09961h-32.5c-5.2002 0 -9.7002 -3.19922 -11.3994 -8.09961z" />
<glyph glyph-name="fax" unicode="&#xf1ac;"
d="M64 320c17.6699 0 32 -14.3301 32 -32v-320c0 -17.6699 -14.3301 -32 -32 -32h-32c-17.6699 0 -32 14.3301 -32 32v320c0 17.6699 14.3301 32 32 32h32zM480 288c17.6699 0 32 -14.3301 32 -32v-288c0 -17.6699 -14.3301 -32 -32 -32h-320c-17.6699 0 -32 14.3301 -32 32
v448c0 17.6699 14.3301 32 32 32h242.74c8.49023 0 16.6299 -3.37012 22.6299 -9.37012l45.2598 -45.25c6 -6.00977 9.37012 -14.1396 9.37012 -22.6299v-82.75zM288 16v32c0 8.83984 -7.16016 16 -16 16h-32c-8.83984 0 -16 -7.16016 -16 -16v-32
c0 -8.83984 7.16016 -16 16 -16h32c8.83984 0 16 7.16016 16 16zM288 144v32c0 8.83984 -7.16016 16 -16 16h-32c-8.83984 0 -16 -7.16016 -16 -16v-32c0 -8.83984 7.16016 -16 16 -16h32c8.83984 0 16 7.16016 16 16zM416 16v32c0 8.83984 -7.16016 16 -16 16h-32
c-8.83984 0 -16 -7.16016 -16 -16v-32c0 -8.83984 7.16016 -16 16 -16h32c8.83984 0 16 7.16016 16 16zM416 144v32c0 8.83984 -7.16016 16 -16 16h-32c-8.83984 0 -16 -7.16016 -16 -16v-32c0 -8.83984 7.16016 -16 16 -16h32c8.83984 0 16 7.16016 16 16zM432 256v96h-32
c-8.83984 0 -16 7.16016 -16 16v32h-208v-144h256z" />
d="M480 288c17.6641 0 32 -14.3359 32 -32v-288c0 -17.6641 -14.3359 -32 -32 -32h-320c-17.6641 0 -32 14.3359 -32 32v448c0 17.6641 14.3359 32 32 32h242.75c7.31348 -0.000976562 17.4473 -4.19922 22.6201 -9.37012l45.25 -45.25
c5.17676 -5.17285 9.37891 -15.3115 9.37988 -22.6299v-82.75zM288 16v32c0 8.83203 -7.16797 16 -16 16h-32c-8.83203 0 -16 -7.16797 -16 -16v-32c0 -8.83203 7.16797 -16 16 -16h32c8.83203 0 16 7.16797 16 16zM288 144v32c0 8.83203 -7.16797 16 -16 16h-32
c-8.83203 0 -16 -7.16797 -16 -16v-32c0 -8.83203 7.16797 -16 16 -16h32c8.83203 0 16 7.16797 16 16zM416 16v32c0 8.83203 -7.16797 16 -16 16h-32c-8.83203 0 -16 -7.16797 -16 -16v-32c0 -8.83203 7.16797 -16 16 -16h32c8.83203 0 16 7.16797 16 16zM416 144v32
c0 8.83203 -7.16797 16 -16 16h-32c-8.83203 0 -16 -7.16797 -16 -16v-32c0 -8.83203 7.16797 -16 16 -16h32c8.83203 0 16 7.16797 16 16zM416 256v64h-48c-8.83203 0 -16 7.16797 -16 16v48h-160v-128h224zM64 320c17.6641 0 32 -14.3359 32 -32v-320
c0 -17.6641 -14.3359 -32 -32 -32h-32c-17.6641 0 -32 14.3359 -32 32v320c0 17.6641 14.3359 32 32 32h32z" />
<glyph glyph-name="building" unicode="&#xf1ad;" horiz-adv-x="448"
d="M436 -32c6.62695 0 12 -5.37305 12 -12v-20h-448v20c0 6.62695 5.37305 12 12 12h20v456c0 13.2549 10.7451 24 24 24h336c13.2549 0 24 -10.7451 24 -24v-456h20zM128 372v-40c0 -6.62695 5.37305 -12 12 -12h40c6.62695 0 12 5.37305 12 12v40
c0 6.62695 -5.37305 12 -12 12h-40c-6.62695 0 -12 -5.37305 -12 -12zM128 276v-40c0 -6.62695 5.37305 -12 12 -12h40c6.62695 0 12 5.37305 12 12v40c0 6.62695 -5.37305 12 -12 12h-40c-6.62695 0 -12 -5.37305 -12 -12zM180 128c6.62695 0 12 5.37305 12 12v40
@ -1331,8 +1332,8 @@ d="M416 400v-48h-96v48c0 8.83984 7.16016 16 16 16h64c8.83984 0 16 -7.16016 16 -1
c3.45996 129.78 61.4004 150.16 63.9102 244.01zM448.09 288.01c2.50977 -93.8496 60.4502 -114.229 63.9102 -244.01v-44c0 -17.6699 -14.3301 -32 -32 -32h-96c-17.6699 0 -32 14.3301 -32 32v160h-32v160h96.1602c17.6299 0 31.4502 -14.3701 31.9297 -31.9902zM176 416
c8.83984 0 16 -7.16016 16 -16v-48h-96v48c0 8.83984 7.16016 16 16 16h64zM224 160v160h64v-160h-64z" />
<glyph glyph-name="plug" unicode="&#xf1e6;" horiz-adv-x="384"
d="M256 304v112c0 17.6729 14.3271 32 32 32s32 -14.3271 32 -32v-112h-64zM368 288c8.83691 0 16 -7.16309 16 -16v-32c0 -8.83691 -7.16309 -16 -16 -16h-16v-32c0 -77.4062 -54.9688 -141.971 -128 -156.796v-99.2041h-64v99.2041
c-73.0312 14.8252 -128 79.3896 -128 156.796v32h-16c-8.83691 0 -16 7.16309 -16 16v32c0 8.83691 7.16309 16 16 16h352zM128 304h-64v112c0 17.6729 14.3271 32 32 32s32 -14.3271 32 -32v-112z" />
d="M320 416v-96h-64v96c0 17.6641 14.3359 32 32 32s32 -14.3359 32 -32zM368 288c8.83203 0 16 -7.16797 16 -16v-32c0 -8.83203 -7.16797 -16 -16 -16h-16v-32c-0.0107422 -72.1074 -57.3555 -142.354 -128 -156.8v-99.2002h-64v99.2002
c-70.6445 14.4463 -127.989 84.6924 -128 156.8v32h-16c-8.83203 0 -16 7.16797 -16 16v32c0 8.83203 7.16797 16 16 16h352zM128 416v-96h-64v96c0 17.6641 14.3359 32 32 32s32 -14.3359 32 -32z" />
<glyph glyph-name="newspaper" unicode="&#xf1ea;" horiz-adv-x="576"
d="M552 384c13.2549 0 24 -10.7451 24 -24v-312c0 -26.5098 -21.4902 -48 -48 -48h-472c-30.9277 0 -56 25.0723 -56 56v272c0 13.2549 10.7451 24 24 24h40v8c0 13.2549 10.7451 24 24 24h464zM56 48c4.41602 0 8 3.58398 8 8v248h-16v-248c0 -4.41602 3.58398 -8 8 -8z
M292 64c6.62695 0 12 5.37305 12 12v8c0 6.62695 -5.37305 12 -12 12h-152c-6.62695 0 -12 -5.37305 -12 -12v-8c0 -6.62695 5.37305 -12 12 -12h152zM500 64c6.62695 0 12 5.37305 12 12v8c0 6.62695 -5.37305 12 -12 12h-152c-6.62695 0 -12 -5.37305 -12 -12v-8
@ -1625,10 +1626,12 @@ d="M384 -32v61.4609c0 7.28906 -4.99707 16.3711 -11.1543 20.2734l-111.748 70.8105
c11.7754 0 25.0088 8.82227 29.5371 19.6924l21.4102 51.3848c4.94141 11.8555 -3.77051 24.9229 -16.6143 24.9229h-229.981c-30.9277 0 -56 25.0723 -56 56v16c0 13.2549 10.7451 24 24 24h333.544c14.6035 0 32.7852 -10.0205 40.583 -22.3682l163.04 -258.146
c8.1875 -12.9639 14.833 -35.9297 14.833 -51.2627v-0.000976562v-116.222h-192z" />
<glyph glyph-name="hand-spock" unicode="&#xf259;"
d="M481.3 350.9c21.4004 -5.10059 34.7002 -26.7002 29.7002 -48.2002l-36.2998 -152.5c-1.7002 -7.2002 -2.60059 -14.7002 -2.60059 -22.2002v-42c0 -9.2998 -1.39941 -18.4004 -4 -27.2998l-26.1992 -88.2998c-6 -20.4004 -24.7002 -34.4004 -46 -34.4004h-216.7
c-12.2002 0 -24 4.59961 -32.9004 13l-133.7 125.9c-16.0996 15.0996 -16.7998 40.3994 -1.69922 56.5c15.0996 16.0996 40.3994 16.7998 56.5 1.69922l60.5996 -57v79.4004l-39 171.6c-4.90039 21.6006 8.59961 43 30.0996 47.9004
c21.6006 4.90039 43 -8.59961 47.9004 -30.0996l34.7998 -152.801h9.7998l-47.5996 207c-5 21.5 8.5 43 30 47.9004c21.5996 4.90039 43 -8.5 48 -30.0996l51.7002 -224.9h15.0996l48.4004 193.7c5.39941 21.3994 27.0996 34.5 48.5 29.0996
c21.3994 -5.39941 34.5 -27.0996 29.0996 -48.5l-43.5996 -174.3h11.0996l30.7998 129.3c5.10059 21.4004 26.7002 34.7002 48.2002 29.6006z" />
d="M510.9 302.729l-68.2969 -286.823c-10.502 -44.1084 -55.8252 -79.9062 -101.166 -79.9062h-127.363c-29.7637 0 -71.5107 16.5547 -93.1855 36.9531l-108.298 101.92c-6.92383 6.53418 -12.542 19.5635 -12.542 29.083c0 22.0762 17.916 39.9922 39.9922 39.9922
c8.7334 0 20.9922 -4.84961 27.3623 -10.8252l60.5928 -57.0254v0c0 22.6758 -5.22852 58.7256 -11.6699 80.4668l-42.6885 144.075c-0.90918 3.06934 -1.64746 8.1582 -1.64746 11.3594c0 22.083 17.9229 40.0059 40.0059 40.0059
c16.4922 0 33.6768 -12.833 38.3594 -28.6465l37.1543 -125.395c0.975586 -3.29199 4.55469 -5.96484 7.98828 -5.96484c4.59863 0 8.33105 3.73242 8.33105 8.33105c0 0.582031 -0.117188 1.51172 -0.262695 2.0752l-50.3047 195.641
c-0.696289 2.70703 -1.26172 7.17285 -1.26172 9.96875c0 22.0781 17.918 39.9961 39.9961 39.9961c17.1152 0 34.4678 -13.4521 38.7344 -30.0273l56.0947 -218.158c1.11035 -4.31934 5.63184 -7.82617 10.0918 -7.82617c4.69238 0 9.26562 3.73047 10.208 8.32715
l37.6826 183.704c3.6416 17.6387 21.2139 31.9541 39.2246 31.9541c3.41309 0 8.82422 -0.835938 12.0781 -1.86426c19.8604 -6.2998 30.8623 -27.6738 26.6758 -48.085l-33.8389 -164.967c-0.0849609 -0.414062 -0.154297 -1.09375 -0.154297 -1.51758
c0 -4.16797 3.38281 -7.55176 7.55176 -7.55176c3.29297 0 6.58398 2.59961 7.34668 5.80273l29.3975 123.459c4.03906 16.9619 21.4688 30.7285 38.9053 30.7285c22.0771 0 39.9941 -17.917 39.9941 -39.9941c0 -2.59277 -0.487305 -6.74316 -1.08789 -9.26562z" />
<glyph glyph-name="hand-pointer" unicode="&#xf25a;" horiz-adv-x="448"
d="M448 208v-96c0 -3.08398 -0.356445 -6.15918 -1.06348 -9.16211l-32 -136c-4.25098 -18.0684 -20.375 -30.8379 -38.9365 -30.8379h-208c-11.2432 0 -25.7363 7.37988 -32.3496 16.4727l-127.997 176c-12.9932 17.8662 -9.04297 42.8838 8.82129 55.876
c17.8672 12.9941 42.8848 9.04297 55.877 -8.82227l31.6484 -43.5186v275.992c0 22.0908 17.9082 40 40 40s40 -17.9092 40 -40v-200h8v40c0 22.0908 17.9082 40 40 40s40 -17.9092 40 -40v-40h8v24c0 22.0908 17.9082 40 40 40s40 -17.9092 40 -40v-24h8
@ -1648,8 +1651,8 @@ d="M285.363 240.525c0 -18.6006 -9.83105 -28.4316 -28.4316 -28.4316h-29.876v56.14
M363.411 87.5859c-46.7295 84.8252 -43.2988 78.6357 -44.7021 80.9805c23.4316 15.1719 37.9453 42.9785 37.9453 74.4854c0 54.2441 -31.5 89.252 -105.498 89.252h-70.667c-13.2549 0 -24 -10.7451 -24 -24v-232.304c0 -13.2549 10.7451 -24 24 -24h22.5664
c13.2549 0 24 10.7451 24 24v71.6631h25.5566l44.1289 -82.9375c3.73828 -7.02441 13.2305 -12.7266 21.1875 -12.7266h24.4639c18.2617 0.000976562 29.8291 19.5908 21.0186 35.5869z" />
<glyph glyph-name="tv" unicode="&#xf26c;" horiz-adv-x="640"
d="M592 448c26.5 0 48 -21.5 48 -48v-320c0 -26.5 -21.5 -48 -48 -48h-234.9v-32h160c17.7002 0 32 -14.2998 32 -32s-14.2998 -32 -32 -32h-384c-17.6992 0 -32 14.2998 -32 32s14.3008 32 32 32h160v32h-245.1c-26.5 0 -48 21.5 -48 48v320c0 26.5 21.5 48 48 48h544z
M576 96v288h-512v-288h512z" />
d="M592 448c26.4961 0 48 -21.5039 48 -48v-320c0 -26.4961 -21.5039 -48 -48 -48h-240v-32h176c8.83203 0 16 -7.16797 16 -16v-32c0 -8.83203 -7.16797 -16 -16 -16h-416c-8.83203 0 -16 7.16797 -16 16v32c0 8.83203 7.16797 16 16 16h176v32h-240
c-26.4961 0 -48 21.5039 -48 48v320c0 26.4961 21.5039 48 48 48h544zM576 96v288h-512v-288h512z" />
<glyph glyph-name="calendar-plus" unicode="&#xf271;" horiz-adv-x="448"
d="M436 288h-424c-6.59961 0 -12 5.40039 -12 12v36c0 26.5 21.5 48 48 48h48v52c0 6.59961 5.40039 12 12 12h40c6.59961 0 12 -5.40039 12 -12v-52h128v52c0 6.59961 5.40039 12 12 12h40c6.59961 0 12 -5.40039 12 -12v-52h48c26.5 0 48 -21.5 48 -48v-36
c0 -6.59961 -5.40039 -12 -12 -12zM12 256h424c6.59961 0 12 -5.40039 12 -12v-260c0 -26.5 -21.5 -48 -48 -48h-352c-26.5 0 -48 21.5 -48 48v260c0 6.59961 5.40039 12 12 12zM328 116c0 6.59961 -5.40039 12 -12 12h-60v60c0 6.59961 -5.40039 12 -12 12h-40
@ -1844,20 +1847,23 @@ d="M192 64c0 -35.3457 -28.6543 -64 -64 -64s-64 28.6543 -64 64s28.6543 64 64 64s6
c-70.3018 0.488281 -127.448 58.3613 -127.089 128.664c0.164062 32.1982 12.2227 61.5781 31.998 83.9863v203.347c0 53.0186 42.9814 96 96 96s96 -42.9814 96 -96v-203.347zM208 64c0 34.3389 -19.3701 52.1904 -32 66.502v221.498c0 26.4668 -21.5332 48 -48 48
s-48 -21.5332 -48 -48v-221.498c-12.7324 -14.4277 -31.8252 -32.0996 -31.999 -66.0801c-0.223633 -43.876 35.5635 -80.1162 79.4229 -80.4199l0.576172 -0.00195312c44.1123 0 80 35.8877 80 80z" />
<glyph glyph-name="shower" unicode="&#xf2cc;"
d="M389.66 312.4l-158.061 -158.061c-9.36914 -9.37012 -24.5693 -9.37012 -33.9395 0l-11.3203 11.3203c-9.37012 9.37012 -9.37012 24.5703 0 33.9395l0.110352 0.110352c-34.0303 40.21 -35.1602 98.9404 -3.39062 140.38
c-11.9697 7.5498 -26.1396 11.9102 -41.2998 11.9102c-42.8799 0 -77.7598 -34.8799 -77.7598 -77.7598v-306.24h-64v306.24c0 78.1699 63.5898 141.76 141.76 141.76c36.9307 0 70.6104 -14.2002 95.8604 -37.4199c35.8994 11.5098 76.5 4.5 106.67 -21.0303
l0.110352 0.110352c9.36914 9.37012 24.5693 9.37012 33.9395 0l11.3203 -11.3203c9.37012 -9.37012 9.37012 -24.5703 0 -33.9395zM384 240c0 -8.83691 -7.16309 -16 -16 -16s-16 7.16309 -16 16s7.16309 16 16 16s16 -7.16309 16 -16zM416 240c0 8.83691 7.16309 16 16 16
s16 -7.16309 16 -16s-7.16309 -16 -16 -16s-16 7.16309 -16 16zM512 240c0 -8.83691 -7.16309 -16 -16 -16s-16 7.16309 -16 16s7.16309 16 16 16s16 -7.16309 16 -16zM352 208c0 -8.83691 -7.16309 -16 -16 -16s-16 7.16309 -16 16s7.16309 16 16 16s16 -7.16309 16 -16z
M400 224c8.83691 0 16 -7.16309 16 -16s-7.16309 -16 -16 -16s-16 7.16309 -16 16s7.16309 16 16 16zM480 208c0 -8.83691 -7.16309 -16 -16 -16s-16 7.16309 -16 16s7.16309 16 16 16s16 -7.16309 16 -16zM320 176c0 -8.83691 -7.16309 -16 -16 -16s-16 7.16309 -16 16
s7.16309 16 16 16s16 -7.16309 16 -16zM352 176c0 8.83691 7.16309 16 16 16s16 -7.16309 16 -16s-7.16309 -16 -16 -16s-16 7.16309 -16 16zM448 176c0 -8.83691 -7.16309 -16 -16 -16s-16 7.16309 -16 16s7.16309 16 16 16s16 -7.16309 16 -16zM320 144
c0 8.83691 7.16309 16 16 16s16 -7.16309 16 -16s-7.16309 -16 -16 -16s-16 7.16309 -16 16zM416 144c0 -8.83691 -7.16309 -16 -16 -16s-16 7.16309 -16 16s7.16309 16 16 16s16 -7.16309 16 -16zM320 112c0 -8.83691 -7.16309 -16 -16 -16s-16 7.16309 -16 16
s7.16309 16 16 16s16 -7.16309 16 -16zM384 112c0 -8.83691 -7.16309 -16 -16 -16s-16 7.16309 -16 16s7.16309 16 16 16s16 -7.16309 16 -16zM352 80c0 -8.83691 -7.16309 -16 -16 -16s-16 7.16309 -16 16s7.16309 16 16 16s16 -7.16309 16 -16zM320 48
c0 -8.83691 -7.16309 -16 -16 -16s-16 7.16309 -16 16s7.16309 16 16 16s16 -7.16309 16 -16z" />
d="M304 128c8.83203 0 16 -7.16797 16 -16s-7.16797 -16 -16 -16s-16 7.16797 -16 16s7.16797 16 16 16zM336 224c8.83203 0 16 -7.16797 16 -16s-7.16797 -16 -16 -16s-16 7.16797 -16 16s7.16797 16 16 16zM368 160c-8.83203 0 -16 7.16797 -16 16s7.16797 16 16 16
s16 -7.16797 16 -16s-7.16797 -16 -16 -16zM336 128c-8.83203 0 -16 7.16797 -16 16s7.16797 16 16 16s16 -7.16797 16 -16s-7.16797 -16 -16 -16zM304 192c8.83203 0 16 -7.16797 16 -16s-7.16797 -16 -16 -16s-16 7.16797 -16 16s7.16797 16 16 16zM432 224
c-8.83203 0 -16 7.16797 -16 16s7.16797 16 16 16s16 -7.16797 16 -16s-7.16797 -16 -16 -16zM384 208c0 8.83203 7.16797 16 16 16s16 -7.16797 16 -16s-7.16797 -16 -16 -16s-16 7.16797 -16 16zM368 256c8.83203 0 16 -7.16797 16 -16s-7.16797 -16 -16 -16
s-16 7.16797 -16 16s7.16797 16 16 16zM464 224c8.83203 0 16 -7.16797 16 -16s-7.16797 -16 -16 -16s-16 7.16797 -16 16s7.16797 16 16 16zM496 256c8.83203 0 16 -7.16797 16 -16s-7.16797 -16 -16 -16s-16 7.16797 -16 16s7.16797 16 16 16zM432 192
c8.83203 0 16 -7.16797 16 -16s-7.16797 -16 -16 -16s-16 7.16797 -16 16s7.16797 16 16 16zM400 160c8.83203 0 16 -7.16797 16 -16s-7.16797 -16 -16 -16s-16 7.16797 -16 16s7.16797 16 16 16zM336 96c8.83203 0 16 -7.16797 16 -16s-7.16797 -16 -16 -16
s-16 7.16797 -16 16s7.16797 16 16 16zM304 64c8.83203 0 16 -7.16797 16 -16s-7.16797 -16 -16 -16s-16 7.16797 -16 16s7.16797 16 16 16zM368 128c8.83203 0 16 -7.16797 16 -16s-7.16797 -16 -16 -16s-16 7.16797 -16 16s7.16797 16 16 16zM389.65 346.35
c2.58691 -2.58691 4.6875 -7.65527 4.6875 -11.3145s-2.10059 -8.72852 -4.6875 -11.3154l-169.381 -169.37c-2.58691 -2.58691 -7.65527 -4.6875 -11.3145 -4.6875s-8.72852 2.10059 -11.3154 4.6875l-11.2998 11.3105c-2.58496 2.58594 -4.68262 7.65332 -4.68262 11.3096
c0 3.65723 2.09766 8.72363 4.68262 11.3105l5.66016 5.66992c-17.6602 17.9219 -31.9961 52.8887 -32 78.0498c0 19.2402 5.2998 37.0801 13.9297 52.8604l-10 10c-9.44434 9.47461 -27.9678 17.1641 -41.3457 17.1641c-2.10254 0 -5.5 -0.22168 -7.58398 -0.494141
c-30 -3.73047 -51 -31.7803 -51 -61.9307v-305.6c0 -8.83203 -7.16797 -16 -16 -16h-32c-8.83203 0 -16 7.16797 -16 16v303.15c0 67.9395 55.4902 129.35 123.44 128.85c27.7246 -0.138672 66.1006 -16.1992 85.6592 -35.8496l10 -10
c15.8203 8.5498 33.6602 13.8496 52.9004 13.8496c25.1631 -0.000976562 60.1289 -14.3369 78.0498 -32l5.66992 5.66016c2.58691 2.58691 7.65625 4.6875 11.3154 4.6875s8.72754 -2.10059 11.3145 -4.6875z" />
<glyph glyph-name="bath" unicode="&#xf2cd;"
d="M488 192c13.2549 0 24 -10.7451 24 -24v-16c0 -13.2549 -10.7451 -24 -24 -24h-8v-32c0 -28.4297 -12.3623 -53.9688 -32 -71.5469v-32.4531c0 -13.2549 -10.7451 -24 -24 -24h-16c-13.2549 0 -24 10.7451 -24 24v8h-256v-8c0 -13.2549 -10.7451 -24 -24 -24h-16
c-13.2549 0 -24 10.7451 -24 24v32.4531c-19.6377 17.5781 -32 43.1172 -32 71.5469v32h-8c-13.2549 0 -24 10.7451 -24 24v16c0 13.2549 10.7451 24 24 24h8v144c0 44.1123 35.8877 80 80 80c27.2119 0 51.2812 -13.667 65.7393 -34.4873
c21.8838 6.06445 46.2285 1.10449 64.1777 -15.3643c4.71289 4.1748 11.916 4.02051 16.4277 -0.491211l11.3145 -11.3145c4.68555 -4.68652 4.68555 -12.2852 0 -16.9707l-95.0303 -95.0293c-4.68652 -4.68555 -12.2852 -4.68555 -16.9707 0l-11.3145 11.3145
c-4.51172 4.51172 -4.66699 11.7148 -0.491211 16.4277c-21.5244 23.459 -23.3291 57.8281 -6.83789 83.0352c-5.68262 8.93457 -15.6641 14.8799 -27.0146 14.8799c-17.6445 0 -32 -14.3555 -32 -32v-144h408z" />
d="M32 64v48h448v-48c-0.0478516 -23.5742 -14.3848 -55.4229 -32 -71.0898v-40.9102c0 -8.83203 -7.16797 -16 -16 -16h-32c-8.83203 0 -16 7.16797 -16 16v16h-256v-16c0 -8.83203 -7.16797 -16 -16 -16h-32c-8.83203 0 -16 7.16797 -16 16v40.9102
c-17.6152 15.667 -31.9521 47.5156 -32 71.0898zM496 192c8.83203 0 16 -7.16797 16 -16v-16c0 -8.83203 -7.16797 -16 -16 -16h-480c-8.83203 0 -16 7.16797 -16 16v16c0 8.83203 7.16797 16 16 16h16v186.75v0.00585938c0 38.2256 31.0244 69.25 69.25 69.25
c15.835 0 37.7734 -9.08789 48.9697 -20.2861l19.2607 -19.2695c29.8994 13.1299 59.1094 7.60938 79.7295 -8.62012l0.169922 0.169922c2.58691 2.58496 7.65332 4.68262 11.3105 4.68262c3.65625 0 8.72266 -2.09766 11.3096 -4.68262l11.3096 -11.3096
c2.58789 -2.58691 4.68848 -7.65625 4.68848 -11.3154s-2.10059 -8.72852 -4.68848 -11.3154l-105.369 -105.369c-2.58691 -2.58789 -7.65625 -4.68848 -11.3154 -4.68848s-8.72852 2.10059 -11.3154 4.68848l-11.3096 11.3096
c-2.57617 2.58496 -4.66797 7.64551 -4.66797 11.2949s2.0918 8.70996 4.66797 11.2949l0.169922 0.169922c-16.2295 20.6201 -21.75 49.8506 -8.62012 79.7305l-19.2695 19.2598c-3.43652 3.42969 -10.165 6.21387 -15.0205 6.21387
c-11.71 0 -21.2344 -9.50391 -21.2598 -21.2139v-186.75h416z" />
<glyph glyph-name="podcast" unicode="&#xf2ce;" horiz-adv-x="448"
d="M267.429 -40.5635c-5.14258 -19.0098 -24.5703 -23.4365 -43.4287 -23.4365c-18.8574 0 -38.2861 4.42676 -43.4277 23.4365c-7.64551 28.4297 -20.5723 99.665 -20.5723 132.813c0 35.1562 31.1416 43.75 64 43.75s64 -8.59375 64 -43.75
c0 -32.9492 -12.8711 -104.179 -20.5713 -132.813zM156.867 159.446c2.6748 -2.61914 2.39941 -6.98535 -0.628906 -9.18555c-9.3125 -6.76465 -16.4609 -15.3418 -21.2354 -25.3623c-1.74219 -3.65723 -6.5 -4.6582 -9.45312 -1.8877
@ -1987,10 +1993,10 @@ v-70.9004h-116c-6.59961 0 -12 -5.40039 -12 -12v-64c0 -6.59961 5.40039 -12 12 -12
<glyph glyph-name="arrow-alt-circle-up" unicode="&#xf35b;"
d="M8 192c0 137 111 248 248 248s248 -111 248 -248s-111 -248 -248 -248s-248 111 -248 248zM300 76v116h70.9004c10.6992 0 16.0996 13 8.5 20.5l-114.9 114.3c-4.7002 4.7002 -12.2002 4.7002 -16.9004 0l-115 -114.3c-7.59961 -7.59961 -2.19922 -20.5 8.5 -20.5
h70.9004v-116c0 -6.59961 5.40039 -12 12 -12h64c6.59961 0 12 5.40039 12 12z" />
<glyph glyph-name="external-link-alt" unicode="&#xf35d;" horiz-adv-x="576"
d="M576 424v-127.984c0 -21.4609 -25.96 -31.9795 -40.9707 -16.9707l-35.707 35.709l-243.523 -243.522c-9.37305 -9.37305 -24.5674 -9.37305 -33.9404 0l-22.627 22.627c-9.37305 9.37305 -9.37305 24.5684 0 33.9404l243.524 243.525l-35.7031 35.7051
c-15.0703 15.0703 -4.39648 40.9707 16.9717 40.9707h127.976c13.2549 0 24 -10.7451 24 -24zM407.029 177.206c15.1191 15.1201 40.9707 4.41211 40.9707 -16.9697v-176.236c0 -26.5098 -21.4902 -48 -48 -48h-352c-26.5098 0 -48 21.4902 -48 48v352
c0 26.5098 21.4902 48 48 48h296c21.3809 0 32.0889 -25.8506 16.9697 -40.9707l-16 -16c-3.87988 -3.87988 -11.4824 -7.0293 -16.9697 -7.0293h-264v-320h320v144.235v0.000976562c0 5.4873 3.14941 13.0898 7.0293 16.9697z" />
<glyph glyph-name="external-link-alt" unicode="&#xf35d;"
d="M432 128c8.83203 0 16 -7.16797 16 -16v-128c0 -26.4961 -21.5039 -48 -48 -48h-352c-26.4961 0 -48 21.5039 -48 48v352c0 26.4961 21.5039 48 48 48h160c8.83203 0 16 -7.16797 16 -16v-32c0 -8.83203 -7.16797 -16 -16 -16h-144v-320h320v112
c0 8.83203 7.16797 16 16 16h32zM488 448c13.248 0 24 -10.752 24 -24v-128c0 -21.5 -26 -32 -41 -17l-35.7197 35.6797l-243.61 -243.68c-3.88281 -3.89648 -11.499 -7.05859 -17 -7.05859s-13.1172 3.16211 -17 7.05859l-22.6699 22.6299
c-3.89648 3.88281 -7.05859 11.499 -7.05859 17s3.16211 13.1172 7.05859 17l243.73 243.64l-35.7305 35.7305c-15.0498 15.0898 -4.37012 41 17 41h128z" />
<glyph glyph-name="external-link-square-alt" unicode="&#xf360;" horiz-adv-x="448"
d="M448 368v-352c0 -26.5098 -21.4902 -48 -48 -48h-352c-26.5098 0 -48 21.4902 -48 48v352c0 26.5098 21.4902 48 48 48h352c26.5098 0 48 -21.4902 48 -48zM360 352h-111.971c-21.3135 0 -32.0801 -25.8613 -16.9717 -40.9707l31.9844 -31.9873l-195.527 -195.527
c-4.68555 -4.68555 -4.68555 -12.2832 0 -16.9707l31.0293 -31.0293c4.6875 -4.68555 12.2852 -4.68555 16.9707 0l195.526 195.526l31.9883 -31.9912c15.0283 -15.0264 40.9707 -4.47461 40.9707 16.9717v111.979c0 13.2549 -10.7451 24 -24 24z" />
@ -2068,6 +2074,14 @@ c22.3008 -10.2002 46.9004 -16 72.9004 -16s50.7002 5.7998 72.9004 16h55.0996z" />
d="M464 416c26.5 0 48 -21.5 48 -48v-352c0 -26.5 -21.5 -48 -48 -48h-416c-26.5 0 -48 21.5 -48 48v352c0 26.5 21.5 48 48 48h416zM380.4 125.5l-67.1006 66.5l67.1006 66.5c4.7998 4.7998 4.7998 12.5996 0 17.4004l-40.5 40.5
c-4.80078 4.7998 -12.6006 4.7998 -17.4004 0l-66.5 -67.1006l-66.5 67.1006c-4.7998 4.7998 -12.5996 4.7998 -17.4004 0l-40.5 -40.5c-4.7998 -4.80078 -4.7998 -12.6006 0 -17.4004l67.1006 -66.5l-67.1006 -66.5c-4.7998 -4.7998 -4.7998 -12.5996 0 -17.4004
l40.5 -40.5c4.80078 -4.7998 12.6006 -4.7998 17.4004 0l66.5 67.1006l66.5 -67.1006c4.7998 -4.7998 12.5996 -4.7998 17.4004 0l40.5 40.5c4.7998 4.80078 4.7998 12.6006 0 17.4004z" />
<glyph glyph-name="compress-alt" unicode="&#xf422;" horiz-adv-x="448"
d="M4.68555 20.6855l99.3145 99.3145l-32.9219 31.0293c-15.1201 15.1201 -4.41211 40.9707 16.9697 40.9707h112c13.2549 0 23.9521 -10.7451 23.9521 -24v-112c0 -21.3818 -25.8027 -32.0898 -40.9219 -16.9707l-31.0781 32.9707l-99.3145 -99.3145
c-6.24707 -6.24707 -16.3789 -6.24707 -22.627 0l-25.373 25.373c-6.24707 6.24805 -6.24707 16.3799 0 22.627zM443.314 363.314l-99.3145 -99.3145l32.9219 -31.0293c15.1201 -15.1201 4.41211 -40.9707 -16.9697 -40.9707h-112c-13.2549 0 -23.9521 10.7451 -23.9521 24
v112c0 21.3818 25.8027 32.0898 40.9219 16.9707l31.0781 -32.9707l99.3145 99.3145c6.24707 6.24707 16.3789 6.24707 22.627 0l25.373 -25.373c6.24707 -6.24805 6.24707 -16.3799 0 -22.627z" />
<glyph glyph-name="expand-alt" unicode="&#xf424;" horiz-adv-x="448"
d="M212.686 132.686l-92.6855 -92.6855l32.9219 -31.0293c15.1201 -15.1201 4.41211 -40.9707 -16.9697 -40.9707h-112c-13.2549 0 -23.9521 10.7451 -23.9521 24v112c0 21.3818 25.8027 32.0898 40.9219 16.9707l31.0781 -32.9707l92.6855 92.6855
c6.24805 6.24805 16.3799 6.24805 22.6279 0l25.3721 -25.3721c6.24902 -6.24805 6.24902 -16.3789 0 -22.6279zM235.314 251.314l92.6855 92.6855l-32.9219 31.0293c-15.1201 15.1201 -4.41211 40.9707 16.9697 40.9707h112c13.2549 0 23.9521 -10.7451 23.9521 -24v-112
c0 -21.3818 -25.8027 -32.0898 -40.9219 -16.9707l-31.0781 32.9707l-92.6855 -92.6855c-6.24805 -6.24805 -16.3799 -6.24805 -22.6279 0l-25.3721 25.3721c-6.24902 6.24805 -6.24902 16.3789 0 22.6279z" />
<glyph glyph-name="baseball-ball" unicode="&#xf433;" horiz-adv-x="496"
d="M368.5 84.0996c12.9004 -26.6992 30.2998 -50.1992 51.4004 -70.5996c-44.6006 -43 -105.101 -69.5 -171.9 -69.5c-66.9004 0 -127.5 26.5996 -172 69.7002c21.2002 20.3994 38.5996 44 51.5 70.7002l-28.7998 13.8994c-11.1006 -23 -26.1006 -43.2998 -44.2998 -61
c-34 42.4004 -54.4004 96.1006 -54.4004 154.7s20.4004 112.3 54.4004 154.8c17.7998 -17.2998 32.5 -37.0996 43.5 -59.3994l28.6992 14.0996c-12.7998 25.9004 -30 48.9004 -50.6992 68.7998c44.5996 43.1006 105.199 69.7002 172.1 69.7002
@ -2354,13 +2368,19 @@ d="M275.3 197.5l-108.899 114.2c-31.6006 33.2002 -29.7002 88.2002 5.59961 118.8c3
l-108.9 -114.2c-7.09961 -7.40039 -18.5 -7.40039 -25.5 0zM565.3 119.9c15.1006 -13.6006 13.9004 -36.8008 -1.2998 -48.9004l-151.2 -121c-11.3994 -9.09961 -25.5 -14 -40 -14h-356.8c-8.7998 0 -16 7.2002 -16 16v96c0 8.7998 7.2002 16 16 16h55.4004l46.5 37.7002
c21 17 47.0996 26.2998 74.0996 26.2998h160c19.5 0 34.9004 -17.4004 31.5996 -37.4004c-2.59961 -15.6992 -17.3994 -26.5996 -33.2998 -26.5996h-78.2998c-8.7998 0 -16 -7.2002 -16 -16s7.2002 -16 16 -16h118.3c14.6006 0 28.7002 4.90039 40 14l92.4004 73.9004
c12.3994 10 30.7998 10.6992 42.5996 0z" />
<glyph glyph-name="hand-holding-usd" unicode="&#xf4c0;" horiz-adv-x="544"
d="M257.6 303.7c-22.1992 6.39941 -40 24.7002 -42.8994 47.7002c-4 32 19 59.3994 49.2998 63v17.5996c0 8.7998 7.2002 16 16 16h16c8.7998 0 16 -7.2002 16 -16v-17.7002c11.5 -1.39941 22.2998 -5.2002 31.7998 -11.5c6.2002 -4.09961 6.7998 -13.0996 1.5 -18.3994
l-17.5 -17.5c-3.7002 -3.7002 -9.2998 -4.2002 -14.0996 -2c-3.2002 1.39941 -6.7002 2.19922 -10.2998 2.19922h-32.8008c-4.59961 0 -8.39941 -3.7998 -8.39941 -8.39941c0 -3.7002 2.5 -7.10059 6.09961 -8.10059l50 -14.2998
c22.2002 -6.39941 40 -24.7002 42.9004 -47.7002c4 -32 -19 -59.3994 -49.2998 -63v-17.5996c0 -8.7998 -7.2002 -16 -16 -16h-16c-8.80078 0 -16 7.2002 -16 16v17.7002c-11.5 1.39941 -22.3008 5.2002 -31.8008 11.5c-6.19922 4.09961 -6.7998 13.0996 -1.5 18.3994
l17.5 17.5c3.7002 3.7002 9.30078 4.2002 14.1006 2c3.2002 -1.39941 6.7002 -2.19922 10.2998 -2.19922h32.7998c4.60059 0 8.40039 3.7998 8.40039 8.39941c0 3.7002 -2.5 7.10059 -6.10059 8.10059zM533.9 119.9c14.1992 -13.6006 13.0996 -36.8008 -1.30078 -48.9004
l-142.8 -121c-10.7998 -9.09961 -24.0996 -14 -37.7998 -14h-336.9c-8.2998 0 -15.0996 7.2002 -15.0996 16v96c0 8.7998 6.7998 16 15.0996 16h52.4004l43.9004 37.7002c19.6992 17 44.3994 26.2998 69.8994 26.2998h151.101c18.2998 0 32.8994 -17.4004 29.7998 -37.4004
c-2.40039 -15.6992 -16.2998 -26.5996 -31.4004 -26.5996h-73.8994c-8.30078 0 -15.1006 -7.2002 -15.1006 -16s6.7998 -16 15.1006 -16h111.699c13.8008 0 27.1006 4.90039 37.8008 14l87.1992 73.9004c11.8008 10 29.1006 10.6992 40.3008 0z" />
<glyph glyph-name="hand-holding-usd" unicode="&#xf4c0;" horiz-adv-x="576"
d="M271.06 303.7c-24.0596 6.39941 -43.4297 24.7002 -46.5693 47.7002c-4.33984 32 20.6201 59.3994 53.5098 63v17.5996c0 8.7998 7.82031 16 17.3701 16h17.3701c9.5498 0 17.3701 -7.2002 17.3701 -16v-17.7197c10.2324 -1.05566 25.6982 -6.20801 34.5195 -11.5
c3.05469 -1.83984 5.53418 -6.22656 5.53418 -9.79199c0 -1.78516 -0.758789 -4.46777 -1.69434 -5.98828c-0.490234 -0.808594 -1.46191 -1.97266 -2.16992 -2.59961l-19 -17.5c-4.01953 -3.7002 -10.0693 -4.2002 -15.2998 -2
c-2.98145 1.20898 -8.0127 2.19434 -11.2305 2.19922h-35.5996c-5.03027 0 -9.12012 -3.7998 -9.12012 -8.39941c0.112305 -3.6416 3.08301 -7.27051 6.62988 -8.10059l54.2705 -14.2998c24.0996 -6.39941 43.4102 -24.7002 46.5596 -47.7002
c4.33984 -32 -20.5693 -59.3994 -53.5 -63v-17.5996c0 -8.7998 -7.83008 -16 -17.3799 -16h-17.3701c-9.54004 0 -17.3701 7.2002 -17.3701 16v17.7002c-10.2305 1.05566 -25.6904 6.20703 -34.5098 11.5c-3.06348 1.83594 -5.54883 6.22363 -5.54883 9.79492
c0 1.77051 0.74707 4.43359 1.66895 5.94531c0.510742 0.827148 1.51855 2.01953 2.25 2.65918l19 17.5c4.01953 3.7002 10.0596 4.2002 15.2998 2c2.9707 -1.20508 7.98438 -2.19043 11.1904 -2.19922h35.5996c5.03027 0 9.12012 3.7998 9.12012 8.39941
c-0.112305 3.6416 -3.08203 7.27051 -6.62988 8.10059zM565.27 119.9c5.92383 -5.26953 10.7432 -15.9814 10.7432 -23.9102c0 -8.49121 -5.38184 -19.6865 -12.0127 -24.9902l-151.23 -121c-9.67188 -7.72754 -27.5693 -14 -39.9492 -14h-0.0507812h-356.77
c-8.83203 0 -16 7.16797 -16 16v96c0 8.83203 7.16797 16 16 16h55.4004l46.5 37.71c17.8789 14.5059 51.0762 26.2842 74.0996 26.29h160v0c17.6309 0 31.9668 -14.3096 32 -31.9404v-0.120117c0 -1.48438 -0.206055 -3.87695 -0.459961 -5.33984
c-2.54004 -15.6992 -17.3496 -26.5996 -33.25 -26.5996h-78.29c-8.83203 0 -16 -7.16797 -16 -16s7.16797 -16 16 -16h118.27h0.176758c12.3496 0 30.1904 6.27148 39.8232 14l92.4004 73.9004c12.4004 10 30.7998 10.6992 42.5996 0z" />
<glyph glyph-name="hand-holding-water" unicode="&#xf4c1;" horiz-adv-x="576"
d="M288 192c-53 0 -96 42.0996 -96 94c0 40 57.0996 120.7 83.2002 155.6c6.39941 8.5 19.2002 8.5 25.5996 0c26.1006 -34.8994 83.2002 -115.6 83.2002 -155.6c0 -51.9004 -43 -94 -96 -94zM565.3 119.9c15.1006 -13.6006 13.9004 -36.8008 -1.2998 -48.9004l-151.2 -121
c-11.3994 -9.09961 -25.5 -14 -40 -14h-356.8c-8.7998 0 -16 7.2002 -16 16v96c0 8.7998 7.2002 16 16 16h55.4004l46.5 37.7002c21 17 47.0996 26.2998 74.0996 26.2998h160c19.5 0 34.9004 -17.4004 31.5996 -37.4004
c-2.59961 -15.6992 -17.3994 -26.5996 -33.2998 -26.5996h-78.2998c-8.7998 0 -16 -7.2002 -16 -16s7.2002 -16 16 -16h118.3c14.6006 0 28.7002 4.90039 40 14l92.4004 73.9004c12.3994 10 30.7998 10.6992 42.5996 0z" />
<glyph glyph-name="hands" unicode="&#xf4c2;" horiz-adv-x="640"
d="M204.8 217.6l57.6006 -76.7998c16.5996 -22.2002 25.5996 -49.0996 25.5996 -76.7998v-112c0 -8.7998 -7.2002 -16 -16 -16h-131.7c-7.2002 0 -13.5 4.7002 -15.2998 11.5996c-2 7.80078 -5.40039 15.2002 -10.4004 21.7002l-104.1 134.3
c-6.7998 8.5 -10.5 19.1006 -10.5 30v218.4c0 17.7002 14.2998 32 32 32s32 -14.2998 32 -32v-148.4l89.7998 -107.8c6 -7.2998 16.9004 -7.7998 23.6006 -1.09961l12.7998 12.7998c5.59961 5.59961 6.2998 14.5 1.5 20.9004l-38.1006 50.7998
@ -2720,9 +2740,11 @@ l38.4004 -44.7998l54.4004 44.7998c2.35059 1.78027 6.65137 3.22559 9.59961 3.2255
M320 88v16c0 4.40039 -3.59961 8 -8 8h-240c-4.40039 0 -8 -3.59961 -8 -8v-16c0 -4.40039 3.59961 -8 8 -8h240c4.40039 0 8 3.59961 8 8zM320 184v16c0 4.40039 -3.59961 8 -8 8h-240c-4.40039 0 -8 -3.59961 -8 -8v-16c0 -4.40039 3.59961 -8 8 -8h240
c4.40039 0 8 3.59961 8 8zM320 280v16c0 4.40039 -3.59961 8 -8 8h-240c-4.40039 0 -8 -3.59961 -8 -8v-16c0 -4.40039 3.59961 -8 8 -8h240c4.40039 0 8 3.59961 8 8z" />
<glyph glyph-name="robot" unicode="&#xf544;" horiz-adv-x="640"
d="M0 192c0 17.7002 14.2998 32 32 32h32v-192h-32c-17.7002 0 -32 14.2998 -32 32v128zM464 352c44.2002 0 80 -35.7998 80 -80v-272c0 -35.2998 -28.7002 -64 -64 -64h-320c-35.2998 0 -64 28.7002 -64 64v272c0 44.2002 35.7998 80 80 80h112v64
c0 17.7002 14.2998 32 32 32s32 -14.2998 32 -32v-64h112zM256 32v32h-64v-32h64zM224 152c22.0996 0 40 17.9004 40 40s-17.9004 40 -40 40s-40 -17.9004 -40 -40s17.9004 -40 40 -40zM352 32v32h-64v-32h64zM448 32v32h-64v-32h64zM416 152c22.0996 0 40 17.9004 40 40
s-17.9004 40 -40 40s-40 -17.9004 -40 -40s17.9004 -40 40 -40zM608 224c17.7002 0 32 -14.2998 32 -32v-128c0 -17.7002 -14.2998 -32 -32 -32h-32v192h32z" />
d="M32 224h32v-192h-32h-0.0380859c-17.6436 0 -31.9619 14.3184 -31.9619 31.9619v0.0380859v128v0.0380859c0 17.6436 14.3184 31.9619 31.9619 31.9619h0.0380859zM544 272v-272c-0.0351562 -35.293 -28.707 -63.9648 -64 -64h-320
c-35.293 0.0351562 -63.9648 28.707 -64 64v272v0.0263672c0 44.1455 35.8281 79.9736 79.9736 79.9736h0.0263672h112v64c0 17.6641 14.3359 32 32 32s32 -14.3359 32 -32v-64h112h0.0263672c44.1455 0 79.9736 -35.8281 79.9736 -79.9736v-0.0263672zM264 192
c0 22.0801 -17.9199 40 -40 40s-40 -17.9199 -40 -40s17.9199 -40 40 -40h0.00292969c22.0781 0 39.9971 17.9189 39.9971 39.9971v0.00292969zM256 64h-64v-32h64v32zM352 64h-64v-32h64v32zM456 192c0 22.0801 -17.9199 40 -40 40s-40 -17.9199 -40 -40
s17.9199 -40 40 -40h0.00292969c22.0781 0 39.9971 17.9189 39.9971 39.9971v0.00292969zM448 64h-64v-32h64v32zM640 192v-128v-0.0380859c0 -17.6436 -14.3184 -31.9619 -31.9619 -31.9619h-0.0380859h-32v192h32h0.0380859c17.6436 0 31.9619 -14.3184 31.9619 -31.9619
v-0.0380859z" />
<glyph glyph-name="ruler" unicode="&#xf545;" horiz-adv-x="640"
d="M635.7 280.8c8.7998 -15 3.59961 -34.2002 -11.6006 -42.7998l-496.8 -281.9c-15.2002 -8.59961 -34.7002 -3.5 -43.5 11.5l-79.5996 135.601c-8.7998 15 -3.5 34.0996 11.7002 42.7998l69 39.0996l59.6992 -101.399c2.2002 -3.7998 7.10059 -5.10059 10.9004 -2.90039
l13.7998 7.7998c3.7998 2.2002 5.10059 7 2.90039 10.7002l-59.7002 101.7l55.2002 31.2998l27.8994 -47.5c2.2002 -3.7998 7.10059 -5.09961 10.9004 -2.89941l13.7998 7.7998c3.7998 2.2002 5.10059 6.89941 2.90039 10.7002l-27.9004 47.3994l55.2002 31.2998
@ -2912,11 +2934,12 @@ c-4.99023 7.56934 -2.20996 17.9297 5.64062 22.4697l27.75 16.0703c7.40918 4.29004
s96 -42.9805 96 -96c0 -16.6299 -4.61035 -32.0303 -12.0596 -45.6602l51.79 -89.71c-23.0508 -23.1699 -51.3809 -39.96 -82.6104 -48.9199l-51.0898 88.5c-0.69043 -0.0195312 -1.33984 -0.209961 -2.04004 -0.209961s-1.33984 0.19043 -2.04004 0.209961
l-67.3604 -116.68c22.1797 -7.28027 45.4805 -11.5303 69.4102 -11.5303c76.25 0 147.01 38.8496 188.12 102.38c4.64941 7.17969 13.7803 9.87012 21.2598 5.71973l28.0703 -15.5693c7.93945 -4.40039 10.9102 -14.7207 6.0498 -22.3906zM256 384
c-17.6699 0 -32 -14.3301 -32 -32s14.3301 -32 32 -32s32 14.3301 32 32s-14.3301 32 -32 32z" />
<glyph glyph-name="drum" unicode="&#xf569;" horiz-adv-x="576"
d="M458.08 327.12c71.3799 -23.29 117.91 -60.75 117.92 -103.13v-160.83c0 -30.46 -24.0303 -58.4004 -64 -80.3701v96.3701c0 17.5996 -14.4004 32 -32 32s-32 -14.4004 -32 -32v-122.41c-37.4004 -11.1299 -81 -18.4404 -128 -20.75v111.16c0 17.5996 -14.4004 32 -32 32
s-32 -14.4004 -32 -32v-111.15c-47 2.31055 -90.5996 9.62012 -128 20.75v122.41c0 17.5996 -14.4004 32 -32 32s-32 -14.4004 -32 -32v-96.3701c-39.9697 21.9697 -64 49.9102 -64 80.3701v160.83c0 70.6904 128.94 128 288 128
c21.8467 -0.00585938 57.167 -2.2373 78.8398 -4.98047l160.69 96.4102c15.1699 9.10059 34.8096 4.18066 43.9102 -10.9697c9.08984 -15.1602 4.18945 -34.8203 -10.9707 -43.9102zM288 144c132.54 0 240 35.8096 240 79.9902c0 30.2695 -50.4502 56.5996 -124.82 70.1895
l-162.71 -97.6201c-14.3994 -8.63965 -34.3496 -4.95996 -43.9102 10.9707c-9.08984 15.1602 -4.18945 34.8193 10.9707 43.9102l87.4102 52.4395c-2.32031 0.0205078 -4.60059 0.120117 -6.94043 0.120117c-132.55 0 -240 -35.8203 -240 -80s107.45 -80 240 -80z" />
<glyph glyph-name="drum" unicode="&#xf569;"
d="M431.34 325.95c44.9004 -16.3398 80.6602 -42.7803 80.6602 -86.1006v-160.229c0 -30.2705 -27.5 -57.6797 -72 -77.8604v101.9c0 13.248 -10.752 24 -24 24s-24 -10.752 -24 -24v-118.93c-33.0498 -9.11035 -71.0703 -15.0605 -112 -16.7305v103.61
c0 13.248 -10.752 24 -24 24s-24 -10.752 -24 -24v-103.61c-40.9297 1.66992 -78.9502 7.62012 -112 16.7305v118.93c0 13.248 -10.752 24 -24 24s-24 -10.752 -24 -24v-101.9c-44.5 20.1807 -72 47.5898 -72 77.8604v160.229c0 107.601 219.55 112.15 256 112.15
c15.2197 0 62.4297 -0.910156 112.19 -9.69043l110.06 71c2.22461 1.4834 6.20117 2.6875 8.875 2.6875c4.72852 0 10.6934 -3.19238 13.3154 -7.12695l8.86914 -13.3105c1.4834 -2.22461 2.6875 -6.20117 2.6875 -8.875c0 -4.72754 -3.19238 -10.6924 -7.12695 -13.3145z
M256 175.76c114.87 0 208 28.6904 208 64.0898c0 21.3105 -33.9102 40.1504 -85.8604 51.75l-118.64 -76.5195c-2.22461 -1.4834 -6.20117 -2.6875 -8.875 -2.6875c-4.72852 0 -10.6934 3.19336 -13.3154 7.12695l-8.86914 13.3105
c-1.48535 2.22559 -2.69043 6.2041 -2.69043 8.87988c0 4.72461 3.18945 10.6875 7.12012 13.3096l72.8096 47c-15.9492 1.2002 -32.5293 1.91016 -49.6797 1.91016c-114.88 0 -208 -28.6797 -208 -64.0801c0 -35.3994 93.1201 -64.0898 208 -64.0898z" />
<glyph glyph-name="drum-steelpan" unicode="&#xf56a;" horiz-adv-x="576"
d="M288 416c159.06 0 288 -57.3096 288 -128v-192c0 -70.6904 -128.94 -128 -288 -128s-288 57.3096 -288 128v192c0 70.6904 128.94 128 288 128zM205.01 257.64c5.11035 19.0605 2.49023 38.96 -7.37012 56.0508l-25.5996 44.3398
c-73.9297 -13.6406 -124.04 -39.8701 -124.04 -70.0303c0 -30.7803 52.2305 -57.46 128.7 -70.8398c13.7695 9.91016 23.8594 23.8701 28.3096 40.4795zM288 208c21.0801 0 41.4102 1 60.8896 2.7002c-8.05957 26.1299 -32.1494 45.2998 -60.8896 45.2998
@ -3341,11 +3364,10 @@ c-4.41992 0 -8 -3.58008 -8 -8v-16c0 -4.41992 3.58008 -8 8 -8h240c4.41992 0 8 3.5
<glyph glyph-name="surprise" unicode="&#xf5c2;" horiz-adv-x="496"
d="M248 440c137 0 248 -111 248 -248s-111 -248 -248 -248s-248 111 -248 248s111 248 248 248zM136 240c0 -17.7002 14.2998 -32 32 -32s32 14.2998 32 32s-14.2998 32 -32 32s-32 -14.2998 -32 -32zM248 32c35.2998 0 64 28.7002 64 64s-28.7002 64 -64 64
s-64 -28.7002 -64 -64s28.7002 -64 64 -64zM328 208c17.7002 0 32 14.2998 32 32s-14.2998 32 -32 32s-32 -14.2998 -32 -32s14.2998 -32 32 -32z" />
<glyph glyph-name="swatchbook" unicode="&#xf5c3;" horiz-adv-x="511"
d="M479.06 128c17.6406 0 31.9404 -14.3301 31.9404 -32v-128c0 -17.6699 -14.2998 -32 -31.9404 -32h-299.579c2.17969 1.91016 4.60938 3.41992 6.66992 5.49023l186.14 186.51h106.77zM434.56 280.9c12.4707 -12.4902 12.4707 -32.7607 0 -45.2607l-211.869 -212.279
c0.199219 2.90918 0.869141 5.67969 0.869141 8.63965v263.76l75.5 75.6504c12.4805 12.5 32.7002 12.5 45.1709 0zM191.62 416v-384c0 -53.0195 -42.9004 -96 -95.8105 -96c-52.9092 0 -95.8096 42.9805 -95.8096 96v384c0 17.6699 14.2998 32 31.9404 32h127.739
c17.6406 0 31.9404 -14.3301 31.9404 -32zM95.8096 8c13.2305 0 23.96 10.75 23.9502 24c0 13.2598 -10.7295 24 -23.9502 24c-13.2197 0 -23.9492 -10.7402 -23.9492 -24c0 -13.25 10.7197 -24 23.9492 -24zM127.75 192l0.00976562 64h-63.8799v-64h63.8701zM127.75 320
l0.00976562 64h-63.8799v-64h63.8701z" />
<glyph glyph-name="swatchbook" unicode="&#xf5c3;"
d="M434.66 280.29c5.15527 -5.1709 9.33984 -15.293 9.33984 -22.5947s-4.18457 -17.4248 -9.33984 -22.5957l-210.66 -211.1v271.12l75.4297 75.5195l0.0703125 0.0703125v0c5.14258 5.12305 15.2061 9.28027 22.4648 9.28027c7.29102 0 17.3867 -4.18848 22.5352 -9.35059
l90.1602 -90.3496v0zM480 128c17.6641 0 32 -14.3359 32 -32v-128c0 -17.6641 -14.3359 -32 -32 -32h-300c2.17969 1.91016 4.62012 3.41992 6.67969 5.49023l186.41 186.51h106.91zM192 416v-384c0 -52.9922 -43.0078 -96 -96 -96s-96 43.0078 -96 96v384
c0 17.6641 14.3359 32 32 32h128c17.6641 0 32 -14.3359 32 -32zM96 8c13.248 0 24 10.752 24 24s-10.752 24 -24 24s-24 -10.752 -24 -24s10.752 -24 24 -24zM128 192v64h-64v-64h64zM128 320v64h-64v-64h64z" />
<glyph glyph-name="swimmer" unicode="&#xf5c4;" horiz-adv-x="640"
d="M189.61 137.42c-5.04004 4.65039 -10.3906 8.34961 -15.8604 11.5801l68.6299 98.04c7.36035 10.5 16.3398 19.5498 26.7197 26.9404l80.0205 57.1699c25.54 18.2598 57.8301 24.96 88.5596 18.3799l100.351 -21.5303c25.9297 -5.55957 42.4297 -31.0801 36.8799 -57
c-5.56055 -25.9102 -31.0898 -42.4102 -57 -36.8799l-100.351 21.5303c-4.33984 0.90918 -8.97949 -0.0302734 -12.6191 -2.61035l-18 -12.8604l112.84 -80.5996c-17.5107 -1.04004 -34.5303 -8.4502 -49.3906 -22.1602
@ -3405,16 +3427,15 @@ c-5.32031 28.6699 -5.66992 57.3301 -1 86c5.32031 31.3301 15.3096 57.3301 29.96 7
c16.6494 9.33008 36.96 17.3301 60.9297 24c27.9795 7.33008 49.96 9.66992 65.9395 7zM295.91 360c-9.32031 -8.66992 -21.6504 -15 -36.96 -19c-10.6602 -3.33008 -22.2998 -5 -34.96 -5l-14.9805 1c-1.33008 9.33008 -1.33008 20 0 32
c2.66992 24 10.3203 42.3301 22.9707 55c9.31934 8.66992 21.6494 15 36.96 19c10.6592 3.33008 22.2998 5 34.96 5l14.9795 -1l1 -15c0 -12.6699 -1.66992 -24.3301 -4.99023 -35c-3.98926 -15.3301 -10.3096 -27.6699 -18.9795 -37z" />
<glyph glyph-name="atom" unicode="&#xf5d2;" horiz-adv-x="448"
d="M413.03 192c40.1396 -54.9102 41.5195 -98.5996 25.1396 -128c-29.2197 -52.3398 -101.689 -43.5801 -116.33 -41.8799c-21.4697 -51.2197 -54.2002 -86.1201 -97.8398 -86.1201s-76.3701 34.9004 -97.8398 86.1201c-14.6504 -1.7002 -87.1201 -10.46 -116.33 41.8799
c-16.3701 29.3799 -14.9902 73.1104 25.1396 128c-40.1396 54.9102 -41.5195 98.5996 -25.1396 128c10.9004 19.5195 40.5996 50.6602 116.33 41.8799c21.4795 51.2305 54.2002 86.1201 97.8398 86.1201s76.3604 -34.8896 97.8398 -86.1201
c75.79 8.85059 105.42 -22.3604 116.33 -41.8799c16.3701 -29.3799 14.9902 -73.1104 -25.1396 -128zM63.3799 96c3.69043 -6.59961 19.0205 -11.8604 43.5801 -10.9697c-2.75977 13 -5.0498 26.3701 -6.75977 40.0801c-7.66992 6.29004 -14.9102 12.6494 -21.8701 19.1797
c-15.1396 -23.4902 -18.9805 -41.0801 -14.9502 -48.29zM100.2 258.88c1.39355 11.1816 4.43555 29.2002 6.79004 40.2197c-1.82031 0.0703125 -3.98047 0.370117 -5.69043 0.370117c-21.5303 0 -34.5098 -5.33008 -37.9199 -11.4697
c-4.01953 -7.20996 -0.179688 -24.7998 14.9502 -48.2998c6.96973 6.53027 14.21 12.8896 21.8701 19.1797zM224 384c-9.46973 0 -22.2002 -13.5195 -33.8604 -37.2598c11.1904 -3.7002 22.4404 -8 33.8604 -12.8604c11.4199 4.86035 22.6699 9.16016 33.8604 12.8604
c-11.6602 23.7402 -24.3906 37.2598 -33.8604 37.2598zM224 0c9.46973 0 22.2002 13.5195 33.8604 37.2598c-11.1904 3.7002 -22.4404 8 -33.8604 12.8604c-11.4199 -4.86035 -22.6699 -9.16016 -33.8604 -12.8604c11.6602 -23.7402 24.3906 -37.2598 33.8604 -37.2598z
M286.5 157.33c1.99023 27.7998 1.98047 41.5498 0 69.3301c-26.6396 19.04 -46.1104 29.3096 -62.5 37.4795c-16.3701 -8.15918 -35.8301 -18.4297 -62.5 -37.4795c-1.99023 -27.79 -1.99023 -41.54 0 -69.3301c26.7002 -19.0703 46.1504 -29.3398 62.5 -37.4805
c16.3604 8.15039 35.7998 18.4004 62.5 37.4805zM384.62 96c4.01953 7.20996 0.179688 24.7998 -14.9502 48.29c-6.96973 -6.53027 -14.21 -12.8896 -21.8701 -19.1797c-1.70996 -13.6904 -4 -27.0605 -6.75977 -40.0605c24.5801 -0.870117 39.9102 4.33008 43.5801 10.9502
zM369.67 239.71c15.1299 23.4902 18.9697 41.0801 14.9502 48.2998c-3.41016 6.12988 -16.4004 11.4707 -37.9199 11.4707c-1.71973 0 -3.87012 -0.300781 -5.69043 -0.370117c2.35254 -11.0205 5.39453 -29.0391 6.79004 -40.2207
c7.66992 -6.29004 14.9102 -12.6494 21.8701 -19.1797zM224 224c17.6699 0 32 -14.3301 32 -32s-14.3301 -32 -32 -32s-32 14.3301 -32 32s14.3301 32 32 32z" />
d="M223.999 224c17.6328 -0.03125 31.9727 -14.3672 32.0078 -32c0 -17.6641 -14.3359 -32 -32 -32s-32 14.3359 -32 32c0 17.6602 14.333 31.9961 31.9922 32zM438.171 320c16.3789 -29.375 15.0039 -73.125 -25.1309 -128c40.1348 -54.875 41.5098 -98.625 25.1309 -128
c-29.1309 -52.375 -101.646 -43.625 -116.275 -41.875c-21.5039 -51.25 -54.2617 -86.125 -97.8965 -86.125s-76.3906 34.875 -97.8965 86.125c-14.627 -1.75 -87.1426 -10.5 -116.273 41.875c-16.3789 29.375 -15.0039 73.125 25.1289 128
c-40.1328 54.875 -41.5078 98.625 -25.1289 128c10.877 19.5 40.5078 50.625 116.273 41.875c21.5059 51.25 54.2617 86.125 97.8965 86.125s76.3926 -34.875 97.8965 -86.125c75.7656 8.875 105.398 -22.375 116.275 -41.875zM63.3389 96
c3.75195 -6.625 19.0059 -11.875 43.6348 -11c-2.75 13 -5.125 26.375 -6.75 40.125c-7.75195 6.25 -15.0039 12.625 -21.8809 19.125c-15.1289 -23.5 -19.0039 -41 -15.0039 -48.25zM100.224 258.875c1.625 13.5 3.875 26.875 6.75 40.25c-1.875 0 -4 0.375 -5.75 0.375
c-21.5059 0 -34.5078 -5.375 -37.8848 -11.5c-4 -7.25 -0.125 -24.75 15.0039 -48.25c6.87695 6.5 14.1289 12.875 21.8809 19.125zM223.999 384c-9.50195 0 -22.2539 -13.5 -33.8828 -37.25c11.2539 -3.75 22.5059 -8 33.8828 -12.875
c11.3789 4.875 22.6309 9.125 33.8828 12.875c-11.627 23.75 -24.3809 37.25 -33.8828 37.25zM223.999 0c9.50195 0 22.2559 13.5 33.8828 37.25c-11.252 3.75 -22.5039 8 -33.8828 12.875c-11.377 -4.875 -22.6289 -9.125 -33.8828 -12.875
c11.6289 -23.75 24.3809 -37.25 33.8828 -37.25zM223.999 112c44.1602 0 80 35.8398 80 80s-35.8398 80 -80 80s-80 -35.8398 -80 -80s35.8398 -80 80 -80zM384.659 96c4 7.25 0.125 24.75 -15.0039 48.25c-6.875 -6.5 -14.127 -12.875 -21.8789 -19.125
c-1.625 -13.75 -4 -27.125 -6.75195 -40.125c24.6309 -0.875 40.0098 4.375 43.6348 11zM369.655 239.75c15.1289 23.5 19.0039 41 15.0039 48.25c-3.375 6.125 -16.3789 11.5 -37.8828 11.5c-1.75 0 -3.87695 -0.375 -5.75195 -0.375
c2.87695 -13.375 5.12695 -26.75 6.75195 -40.25c7.75195 -6.25 15.0039 -12.625 21.8789 -19.125z" />
<glyph glyph-name="bone" unicode="&#xf5d7;" horiz-adv-x="640"
d="M598.88 203.44c-9.42969 -4.70996 -9.42969 -18.1709 -0.00976562 -22.8809c25.2002 -12.5996 41.1201 -38.3496 41.1201 -66.5293v-7.64062c0 -41.0898 -33.2998 -74.3896 -74.3799 -74.3896c-32.0107 0 -60.4404 20.4902 -70.5703 50.8604
c-6.53027 19.5996 -10.7305 45.1396 -38.1104 45.1396h-273.87c-26.5098 0 -30.4297 -22.1104 -38.1094 -45.1396c-10.1299 -30.3701 -38.5498 -50.8604 -70.5703 -50.8604c-41.0801 0 -74.3799 33.2998 -74.3799 74.3896v7.64062
@ -3485,6 +3506,13 @@ d="M12.4102 299.98c-16.5498 7.50977 -16.5498 32.5293 0 40.0391l232.95 105.671c2.
c-6.7998 -3.08984 -14.4893 -3.08984 -21.29 0zM499.59 211.7c16.5498 -7.5 16.5498 -32.5 0 -40l-232.95 -105.59c-6.7998 -3.08008 -14.4893 -3.08008 -21.29 0l-232.939 105.59c-16.5498 7.5 -16.5498 32.5 0 40l58.0996 26.3301l161.63 -73.2705
c7.57031 -3.42969 15.5908 -5.16992 23.8604 -5.16992s16.2998 1.74023 23.8604 5.16992l161.64 73.2705zM499.59 83.9004c16.5498 -7.5 16.5498 -32.5 0 -40l-232.95 -105.591c-6.7998 -3.0791 -14.4893 -3.0791 -21.29 0l-232.939 105.591
c-16.5498 7.5 -16.5498 32.5 0 40l57.8799 26.2295l161.85 -73.3701c7.57031 -3.42969 15.5908 -5.16992 23.8604 -5.16992s16.2998 1.74023 23.8604 5.16992l161.859 73.3701z" />
<glyph glyph-name="lungs" unicode="&#xf604;" horiz-adv-x="640"
d="M636.11 57.8496c2.58984 -9.68945 3.88965 -19.6396 3.88965 -29.6299c0 -61.2295 -62.4805 -105.439 -125.24 -88.6201l-59.5 15.9502c-42.1797 11.3105 -71.2598 47.4697 -71.2598 88.6201v87.4902l85.8398 -57.2305
c1.1123 -0.741211 3.09961 -1.34375 4.43652 -1.34375c2.36328 0 5.34375 1.59668 6.65332 3.56445l8.87988 13.3096c0.742188 1.1123 1.34375 3.09961 1.34375 4.43555c0 2.36328 -1.5957 5.34473 -3.56348 6.6543l-167.59 111.72l-167.59 -111.72
c-1.96777 -1.30957 -3.56445 -4.29004 -3.56445 -6.65332c0 -1.33691 0.602539 -3.32422 1.34473 -4.43652l8.87988 -13.3096c1.30859 -1.96777 4.29004 -3.56445 6.65332 -3.56445c1.33691 0 3.32422 0.601562 4.43652 1.34375l85.8398 57.2305v-87.4902
c0 -41.1504 -29.0801 -77.3203 -71.2598 -88.6201l-59.5 -15.9502c-62.7598 -16.8193 -125.24 27.3906 -125.24 88.6201c0 9.99023 1.2998 19.9404 3.88965 29.6299c21.6699 81.3008 56.04 159.15 102.011 231.021c22.1191 34.5703 36.0693 63.1299 80.0498 63.1299
c38.6895 0 70.0498 -29.4199 70.0498 -65.71v-60.1104l32.8799 21.9199c4.4502 2.9707 7.12012 7.95996 7.12012 13.3105v170.59c0 8.83984 7.16016 16 16 16h16c8.83984 0 16 -7.16016 16 -16v-170.59v-0.00292969c0 -4.72363 3.18945 -10.6855 7.12012 -13.3076
l32.8799 -21.9199v60.1104c0 36.29 31.3604 65.71 70.0498 65.71c43.9805 0 57.9307 -28.5596 80.0498 -63.1299c45.9707 -71.8701 80.3408 -149.72 102.011 -231.021z" />
<glyph glyph-name="microscope" unicode="&#xf610;"
d="M160 128c-17.6699 0 -32 14.3301 -32 32v224c0 17.6699 14.3301 32 32 32v16c0 8.83984 7.16016 16 16 16h64c8.83984 0 16 -7.16016 16 -16v-16c17.6699 0 32 -14.3301 32 -32v-224c0 -17.6699 -14.3301 -32 -32 -32h-12v-16c0 -8.83984 -7.16016 -16 -16 -16h-40
c-8.83984 0 -16 7.16016 -16 16v16h-12zM464 0c26.5098 0 48 -21.4902 48 -48c0 -8.83984 -7.16016 -16 -16 -16h-480c-8.83984 0 -16 7.16016 -16 16c0 26.5098 21.4902 48 48 48h272c70.5801 0 128 57.4199 128 128s-57.4199 128 -128 128v64
@ -3499,8 +3527,8 @@ d="M451.36 78.8604c34.3301 -5.48047 60.6396 -34.9805 60.6396 -70.8604c0 -39.7598
c0 39.7695 32.2402 72 72 72h14.0703c-13.4199 11.7305 -22.0703 28.7803 -22.0703 48c0 35.3496 28.6504 64 64 64h16c44.1797 0 80 35.8203 80 80c0 17.3799 -5.69043 33.3604 -15.1104 46.4805c4.95996 0.779297 9.94043 1.51953 15.1104 1.51953
c53.0195 0 96 -42.9805 96 -96c0 -11.2803 -2.30957 -21.9502 -5.87988 -32h5.87988c35.3496 0 64 -28.6504 64 -64c0 -19.2197 -8.65039 -36.2695 -22.0703 -48h14.0703c39.7598 0 72 -32.2305 72 -72c0 -23.4102 -11.3398 -43.9902 -28.6396 -57.1396z" />
<glyph glyph-name="shapes" unicode="&#xf61f;"
d="M512 128v-160c0 -17.6699 -14.3301 -32 -32 -32h-160c-17.6699 0 -32 14.3301 -32 32v160c0 17.6699 14.3301 32 32 32h160c17.6699 0 32 -14.3301 32 -32zM128 192c70.6904 0 128 -57.3096 128 -128s-57.3096 -128 -128 -128s-128 57.3096 -128 128s57.3096 128 128 128
zM479.03 224h-190.061c-25.3398 0 -41.1797 26.6699 -28.5098 48l95.0303 160c12.6699 21.3301 44.3496 21.3301 57.0195 0l95.0303 -160c12.6699 -21.3301 -3.16992 -48 -28.5098 -48z" />
d="M128 192c70.6562 0 128 -57.3438 128 -128s-57.3438 -128 -128 -128s-128 57.3438 -128 128s57.3438 128 128 128zM507 246.86c14.2402 -24.3799 -3.58008 -54.8604 -32.0898 -54.8604h-213.82c-28.5098 0 -46.3301 30.4805 -32.0898 54.8604l106.93 182.85
c5.97266 10.0967 20.3398 18.291 32.0703 18.291s26.0977 -8.19434 32.0703 -18.291zM480 160c17.6641 0 32 -14.3359 32 -32v-160c0 -17.6641 -14.3359 -32 -32 -32h-160c-17.6641 0 -32 14.3359 -32 32v160c0 17.6641 14.3359 32 32 32h160z" />
<glyph glyph-name="star-of-life" unicode="&#xf621;" horiz-adv-x="480"
d="M471.99 113.57c7.66016 -4.41992 10.2793 -14.2002 5.85938 -21.8506l-32.0195 -55.4297c-4.41992 -7.66016 -14.21 -10.2803 -21.8701 -5.86035l-135.93 78.4307v-156.86c0 -8.83984 -7.16992 -16 -16.0107 -16h-64.0391c-8.84082 0 -16.0107 7.16016 -16.0107 16
v156.85l-135.93 -78.4297c-7.66016 -4.41016 -17.4502 -1.79004 -21.8701 5.86035l-32.0195 55.4297c-4.41992 7.65039 -1.80078 17.4404 5.85938 21.8604l135.931 78.4297l-135.931 78.4297c-7.66016 4.41992 -10.2793 14.21 -5.85938 21.8604l32.0195 55.4199
@ -3626,8 +3654,8 @@ c26.5098 0 48 -21.4902 48 -48v-44.1396c12.3701 -9.34082 20.7598 -15.8701 29.6104
d="M464 320c26.5098 0 48 -21.4902 48 -48v-224c0 -26.5098 -21.4902 -48 -48 -48h-416c-26.5098 0 -48 21.4902 -48 48v288c0 26.5098 21.4902 48 48 48h160l64 -64h192zM368 152v16c0 8.83984 -7.16016 16 -16 16h-192c-8.83984 0 -16 -7.16016 -16 -16v-16
c0 -8.83984 7.16016 -16 16 -16h192c8.83984 0 16 7.16016 16 16z" />
<glyph glyph-name="folder-plus" unicode="&#xf65e;"
d="M464 320c26.5098 0 48 -21.4902 48 -48v-224c0 -26.5098 -21.4902 -48 -48 -48h-416c-26.5098 0 -48 21.4902 -48 48v288c0 26.5098 21.4902 48 48 48h160l64 -64h192zM368 152v16c0 8.83984 -7.16016 16 -16 16h-72v72c0 8.83984 -7.16016 16 -16 16h-16
c-8.83984 0 -16 -7.16016 -16 -16v-72h-72c-8.83984 0 -16 -7.16016 -16 -16v-16c0 -8.83984 7.16016 -16 16 -16h72v-72c0 -8.83984 7.16016 -16 16 -16h16c8.83984 0 16 7.16016 16 16v72h72c8.83984 0 16 7.16016 16 16z" />
d="M464 320c26.4961 0 48 -21.5039 48 -48v-224c0 -26.4961 -21.5039 -48 -48 -48h-416c-26.4961 0 -48 21.5039 -48 48v288c0 26.4961 21.5039 48 48 48h160l64 -64h192zM359.5 152v16c0 8.83203 -7.16797 16 -16 16h-64v64c0 8.83203 -7.16797 16 -16 16h-16
c-8.83203 0 -16 -7.16797 -16 -16v-64h-64c-8.83203 0 -16 -7.16797 -16 -16v-16c0 -8.83203 7.16797 -16 16 -16h64v-64c0 -8.83203 7.16797 -16 16 -16h16c8.83203 0 16 7.16797 16 16v64h64c8.83203 0 16 7.16797 16 16z" />
<glyph glyph-name="funnel-dollar" unicode="&#xf662;" horiz-adv-x="640"
d="M433.46 282.06c-83.4102 -20.8896 -145.46 -96.2695 -145.46 -186.06c0 -54.3496 22.7998 -103.38 59.21 -138.35c-10.75 -20.54 -38.3604 -29.21 -59.2197 -13.5703l-79.9902 60c-10.0703 7.55957 -16 19.4102 -16 32v155.92l-182.66 201.93
c-19.9502 19.9502 -5.82031 54.0703 22.4004 54.0703h480.52c28.2207 0 42.3506 -34.1201 22.4004 -54.0703zM480 256c88.3701 0 160 -71.6299 160 -160s-71.6299 -160 -160 -160s-160 71.6299 -160 160s71.6299 160 160 160zM496 16.1201
@ -3646,38 +3674,41 @@ d="M509.34 140.75c1.46875 -3.37012 2.66016 -9.08984 2.66016 -12.7656c0 -6.95703
c-4.74707 5.08496 -8.59961 14.8574 -8.59961 21.8145c0 3.67578 1.19141 9.39551 2.66016 12.7656c5.05957 11.6904 16.5898 19.25 29.3398 19.25h64v208c0 22 18 40 40 40s40 -18 40 -40v-134c0 -5.51953 4.48047 -10 10 -10h20c5.51953 0 10 4.48047 10 10v174
c0 22 18 40 40 40s40 -18 40 -40v-174c0 -5.51953 4.48047 -10 10 -10h20c5.51953 0 10 4.48047 10 10v134c0 22 18 40 40 40s40 -18 40 -40v-208h64c12.75 0 24.2803 -7.55957 29.3398 -19.25zM256 32c53.0195 0 96 64 96 64s-42.9805 64 -96 64s-96 -64 -96 -64
s42.9805 -64 96 -64zM256 128c17.6699 0 32 -14.3301 32 -32s-14.3301 -32 -32 -32s-32 14.3301 -32 32s14.3301 32 32 32z" />
<glyph glyph-name="haykal" unicode="&#xf666;"
<glyph glyph-name="bahai" unicode="&#xf666;"
d="M496.25 245.48c17.54 -2.46094 21.6797 -26.2705 6.04004 -34.6602l-98.1602 -52.6602l74.4805 -83.54c11.8594 -13.29 0.00976562 -34.25 -17.3506 -30.4902l-108.569 23.6504l4.10938 -112.55c0.430664 -11.6504 -8.87012 -19.2207 -18.4102 -19.2207
c-5.15918 0 -10.3896 2.20996 -14.1992 7.18066l-68.1807 88.8994l-68.1797 -88.8994c-3.81055 -4.9707 -9.0498 -7.18066 -14.2002 -7.18066c-9.54004 0 -18.8398 7.57031 -18.4102 19.2207l4.11035 112.55l-108.57 -23.6504
c-1.39941 -0.30957 -2.75977 -0.450195 -4.06934 -0.450195c-15.0107 0 -24.21 18.6807 -13.29 30.9307l74.4795 83.54l-98.1602 52.6592c-15.6494 8.40039 -11.5098 32.21 6.03027 34.6709l110 15.4297l-41.8203 104.34c-6.66016 16.6396 11.6006 32.1797 26.5898 22.6299
l94.04 -59.8896l34.0908 107.189c2.70996 8.55078 10.0293 12.8203 17.3496 12.8203s14.6396 -4.26953 17.3496 -12.8203l34.0908 -107.18l94.04 59.8896c14.9893 9.55078 33.2598 -5.98926 26.5898 -22.6299l-41.8203 -104.34zM338.51 136.32l-35.6094 39.9297
l46.9199 25.1699l-52.5703 7.37988l19.9902 49.8701l-44.9502 -28.6201l-16.29 51.2305l-16.3096 -51.2305l-44.9502 28.6201l19.9902 -49.8701l-52.5703 -7.37988l46.9199 -25.1699l-35.5996 -39.9297l51.8896 11.2998l-1.95996 -53.79l32.5898 42.4902l32.5898 -42.4902
l-1.96973 53.79z" />
<glyph glyph-name="jedi" unicode="&#xf669;" horiz-adv-x="544"
d="M479.99 96h39.96c-42.6299 -94.1699 -137.641 -160 -247.98 -160c-4.25977 0 -8.5498 0.0898438 -12.8496 0.290039c-103.97 4.76953 -193.851 69.4795 -235.101 159.71h39.9102l-58.5996 58.5996c-2.57031 12.8809 -4.49023 25.9805 -5.11035 39.4102
c-0.469727 10.0801 -0.129883 20.0703 0.5 29.9902h47.21l-41.3799 41.3799c14.3701 64.7002 52.1006 122.55 107.97 162.07c2.77051 1.95996 5.9707 3 9.27051 3c5.37988 0 10.4297 -2.70996 13.5098 -7.25c3.0498 -4.5 3.64062 -10 1.62012 -15.0898
c-6.53027 -16.4502 -9.83984 -33.7002 -9.83984 -51.2607c0 -45.1191 21.04 -86.5801 57.71 -113.739c4.00977 -2.9707 6.4502 -7.48047 6.69043 -12.3799c0.239258 -4.90039 -1.76074 -9.65039 -5.48047 -13.0107c-26.5498 -23.9795 -41.1699 -56.5 -41.1699 -91.5801
c0 -60.0293 42.9502 -110.279 99.8896 -121.92l2.5 65.2607l-27.1602 -18.4805c-2.96973 -2 -7.40918 -1.7002 -10 0.75c-2.72949 2.61035 -3.30957 6.70996 -1.38965 9.94043l20.1299 33.7695l-42.0693 8.71973c-3.71094 0.75 -6.38086 4.05078 -6.38086 7.83008
c0 3.78027 2.68066 7.08008 6.38086 7.83008l42.0693 8.73047l-20.1094 33.7295c-1.94043 3.27051 -1.36035 7.35059 1.35938 9.94043c2.73047 2.60938 6.86035 2.89941 10 0.779297l30.3906 -20.6592l11.5195 287.97c0.160156 4.29004 3.66992 7.66992 8 7.66992h0.0400391
c4.25293 0 7.81934 -3.44922 7.95996 -7.7002l11.5303 -287.93l30.3896 20.6699c3.03027 2.08984 7.2998 1.75 10 -0.799805c2.71973 -2.60059 3.2998 -6.68066 1.37988 -9.91016l-20.1299 -33.7705l42.0703 -8.72949c3.68945 -0.770508 6.37988 -4.06055 6.37988 -7.83008
c0 -3.78027 -2.67969 -7.08008 -6.37988 -7.83008l-42.0703 -8.71973l20.1104 -33.7305c0.631836 -1.05078 1.14453 -2.89844 1.14453 -4.12402c0 -1.89355 -1.11328 -4.49023 -2.48438 -5.7959c-2.63086 -2.49023 -7.04004 -2.85938 -10.0205 -0.799805l-27.1699 18.4697
l2.5 -65.3398c48.4697 9.40039 87.5703 48.1504 97.3096 96.5c8.78027 43.5605 -5.63965 87.3203 -38.5693 117.07c-3.73047 3.37012 -5.73047 8.10938 -5.49023 13.0303c0.240234 4.89941 2.67969 9.41992 6.7002 12.3994c36.6602 27.1602 57.6895 68.6104 57.6895 113.73
c0 17.5801 -3.30957 34.8496 -9.85938 51.3096c-2.03027 5.09961 -1.44043 10.5996 1.60938 15.0898c3.08008 4.53027 8.12012 7.24023 13.4902 7.24023c3.28027 0 6.48047 -1.03027 9.25 -2.99023c55.4805 -39.2197 93.4102 -97.4795 107.91 -162.27l-41.25 -41.2402
h46.9502c0.370117 -5.75977 1.0498 -11.46 1.0498 -17.2695c0 -17.7402 -1.83984 -35.0605 -5.12988 -51.8604z" />
<glyph glyph-name="jedi" unicode="&#xf669;" horiz-adv-x="576"
d="M535.953 96c-42.6406 -94.1719 -137.641 -160 -247.984 -160c-4.26562 0 -8.54688 0.0986328 -12.8447 0.296875c-103.969 4.76562 -193.859 69.4688 -235.109 159.703h39.9219l-58.6094 58.5938c-2.22949 10.7744 -4.51758 28.4355 -5.10938 39.4219
c-0.109375 2.87891 -0.199219 7.55469 -0.199219 10.4365c0 5.40234 0.313477 14.1592 0.699219 19.5479h47.2188l-41.3906 41.375c12.4873 56.2656 60.8574 128.877 107.969 162.078c2.29785 1.64453 6.45605 2.98828 9.28125 3
c4.78613 -0.0263672 10.835 -3.27441 13.5 -7.25c1.54883 -2.25977 2.80566 -6.31836 2.80566 -9.05762c0 -1.72949 -0.529297 -4.43359 -1.18066 -6.03613c-5.43359 -13.626 -9.84375 -36.5908 -9.84375 -51.2598v-0.00585938
c0 -45.1094 21.0469 -86.5781 57.7188 -113.734c3.70312 -2.69531 6.70801 -8.59863 6.70801 -13.1787c0 -4.05469 -2.46582 -9.52637 -5.50488 -12.2119c-26.5469 -23.9844 -41.1719 -56.5 -41.1719 -91.5781c0 -60.0312 42.9531 -110.281 99.8906 -121.922l2.5 65.2656
l-27.1562 -18.4844c-1.13477 -0.728516 -3.15234 -1.31934 -4.50098 -1.31934c-1.73242 0 -4.19629 0.926758 -5.49902 2.06934c-1.38965 1.31152 -2.5166 3.92578 -2.5166 5.83691c0 1.2168 0.504883 3.05469 1.12598 4.10059l20.125 33.7656l-42.0625 8.73438
c-3.52734 0.720703 -6.39062 4.22754 -6.39062 7.82812s2.86328 7.10742 6.39062 7.82812l42.0625 8.71875l-20.1094 33.7344c-0.632812 1.05078 -1.14648 2.89844 -1.14648 4.12598c0 4.41113 3.58008 7.99121 7.99121 7.99121
c1.36523 0 3.38867 -0.626953 4.51465 -1.39844l30.3906 -20.6562l11.5166 287.969c0.15918 4.23535 3.72754 7.67188 7.96484 7.67188h0.0351562h0.046875c4.22266 -0.0322266 7.78516 -3.4834 7.95312 -7.70312l11.5312 -287.922l30.3906 20.6719
c1.12402 0.75 3.13477 1.35938 4.48633 1.35938c1.75781 0 4.22754 -0.972656 5.51367 -2.17188c1.38672 -1.30762 2.5127 -3.91504 2.5127 -5.82129c0 -1.21191 -0.50293 -3.04199 -1.12207 -4.08496l-20.1406 -33.7656l42.0781 -8.73438
c3.51855 -0.727539 6.375 -4.23438 6.375 -7.82812s-2.85645 -7.10059 -6.375 -7.82812l-42.0781 -8.71875l20.1094 -33.7344c0.637695 -1.05273 1.15625 -2.90625 1.15625 -4.13672c0 -1.8916 -1.11328 -4.48242 -2.48438 -5.78516
c-1.30176 -1.1748 -3.78125 -2.12891 -5.53418 -2.12891c-1.35059 0 -3.36523 0.59668 -4.49707 1.33203l-27.1719 18.4688l2.5 -65.3438c48.4844 9.40625 87.5781 48.1562 97.3125 96.5c1.41602 6.84082 2.56641 18.0625 2.56641 25.0488
c0 30.4727 -18.4258 71.7021 -41.1289 92.0293c-3.04688 2.6875 -5.52051 8.16602 -5.52051 12.2285c0 4.58691 3.0127 10.498 6.72363 13.1934c36.6562 27.1719 57.6875 68.6094 57.6875 113.734v0.0839844c0 14.6631 -4.41699 37.6133 -9.85938 51.2285
c-0.658203 1.60645 -1.19238 4.31934 -1.19238 6.05566c0 2.73438 1.25488 6.7832 2.80176 9.03809c2.66895 3.96875 8.7168 7.20996 13.5 7.23438c2.81445 -0.0107422 6.95898 -1.34863 9.25 -2.98438c47.0215 -33.3271 95.3633 -106.028 107.906 -162.281l-41.25 -41.2344
h46.9531c0.359375 -5.76562 1.04688 -11.4531 1.04688 -17.2656c-0.0273438 -14.4502 -2.32324 -37.6836 -5.125 -51.8594l-58.8906 -58.875h39.9688z" />
<glyph glyph-name="journal-whills" unicode="&#xf66a;" horiz-adv-x="448"
d="M448 89.5996c0 -9.59961 -3.2002 -16 -9.59961 -19.1992c-3.2002 -12.8008 -3.2002 -57.6006 0 -73.6006c6.39941 -6.39941 9.59961 -12.7998 9.59961 -19.2002v-16c0 -16 -12.7998 -25.5996 -25.5996 -25.5996h-326.4c-54.4004 0 -96 41.5996 -96 96v320
c0 54.4004 41.5996 96 96 96h326.4c16 0 25.5996 -9.59961 25.5996 -25.5996v-332.801zM133.08 303.61c-2.98047 -10.0908 -5.08008 -20.5605 -5.07031 -31.6201c0 -0.520508 0.140625 -0.990234 0.150391 -1.50977l37.1094 -32.4707
c3.33008 -2.89941 3.6709 -7.9502 0.75 -11.2793c-1.5791 -1.81055 -3.7998 -2.73047 -6.01953 -2.73047h-0.0175781c-1.65527 0 -4.00879 0.886719 -5.25195 1.98047l-23.5908 20.6396c11.54 -49.5801 55.7705 -86.6201 108.86 -86.6201s97.3203 37.04 108.87 86.6299
l-23.5898 -20.6396c-1.52051 -1.32031 -3.39062 -1.98047 -5.27051 -1.98047h-0.0146484c-2 0 -4.69043 1.22363 -6.00488 2.73047c-1.09668 1.24707 -1.98633 3.60645 -1.98633 5.2666c0 2.00293 1.22559 4.69727 2.73633 6.0127l37.1094 32.4707
c0.0107422 0.519531 0.150391 0.990234 0.150391 1.50977c0 11.0498 -2.09961 21.5195 -5.07031 31.5996l-21.2598 -21.2598c-1.57031 -1.55957 -3.61035 -2.33984 -5.66016 -2.33984s-4.09961 0.780273 -5.66016 2.33984c-3.11914 3.12012 -3.11914 8.19043 0 11.3105
l26.4199 26.4199c-10 20.8994 -26.2393 37.9795 -46.3691 49.2598c5.97949 -9.73047 9.59961 -21.0703 9.59961 -33.3301c0 -19.96 -9.33008 -37.5703 -23.6602 -49.3096c9.65039 -10.0605 15.6602 -23.6504 15.6602 -38.6904c0 -26.9404 -19.04 -49.4004 -44.3701 -54.7402
l-1.42969 34.2803l12.6797 -8.62012c0.69043 -0.459961 1.46973 -0.689453 2.25 -0.689453c0.980469 0 1.98047 0.369141 2.75 1.08984c1.36035 1.2793 1.63965 3.33984 0.69043 4.94922l-8.54004 14.3105l17.9102 3.71973
c1.85938 0.390625 3.18945 2.03027 3.18945 3.91992c0 1.89062 -1.33008 3.53027 -3.18945 3.91992l-17.9102 3.7207l8.54004 14.3096c0.308594 0.521484 0.55957 1.43652 0.55957 2.04297c0 0.950195 -0.55957 2.25293 -1.25 2.90723
c-0.645508 0.59668 -1.88281 1.08105 -2.76172 1.08105c-0.672852 0 -1.67578 -0.300781 -2.23828 -0.670898l-14.2002 -9.65039l-4.67969 112.29c-0.0898438 2.13965 -1.86035 3.83008 -4 3.83008s-3.91016 -1.69043 -4 -3.83008l-4.62012 -110.81l-12.0098 8.15918
c-1.56055 1.03027 -3.63965 0.890625 -5 -0.40918c-1.36035 -1.28027 -1.63965 -3.34082 -0.69043 -4.9502l8.54004 -14.3105l-17.9102 -3.71973c-1.85938 -0.389648 -3.18945 -2.03027 -3.18945 -3.91992s1.33008 -3.53027 3.18945 -3.91992l17.9102 -3.71973
l-8.54004 -14.3105c-0.308594 -0.521484 -0.55957 -1.43652 -0.55957 -2.04297c0 -0.950195 0.55957 -2.25293 1.25 -2.90723c0.769531 -0.709961 1.75 -1.08984 2.75 -1.08984c0.780273 0 1.55957 0.240234 2.25 0.69043l10.3701 7.04004l-1.36035 -32.71
c-25.3398 5.35938 -44.3799 27.8193 -44.3799 54.7598c0 15.04 6.00977 28.6299 15.6602 38.6904c-14.3301 11.7393 -23.6602 29.3496 -23.6602 49.3096c0 12.2598 3.62012 23.5996 9.61035 33.3398c-20.1299 -11.29 -36.3701 -28.3594 -46.3701 -49.2598l26.4199 -26.4199
c3.12012 -3.12012 3.12012 -8.19043 0 -11.3105c-1.57031 -1.55957 -3.61035 -2.33984 -5.66016 -2.33984s-4.09961 0.780273 -5.66016 2.33984zM380.8 0v64h-284.8c-16 0 -32 -12.7998 -32 -32s12.7998 -32 32 -32h284.8z" />
d="M438.406 70.4062c-3.20312 -12.8125 -3.20312 -57.6094 0 -73.6094c6.39062 -6.39062 9.58887 -12.792 9.59375 -19.2031v-16c0 -16 -12.7969 -25.5938 -25.5938 -25.5938h-326.406c-54.4062 0 -96 41.5938 -96 96v320c0 54.4062 41.5938 96 96 96h326.406
c16 0 25.5938 -9.59375 25.5938 -25.5938v-332.812c0 -9.59375 -3.19824 -15.9893 -9.59375 -19.1875zM380.797 64h-284.797c-16 0 -32 -12.7969 -32 -32s12.7969 -32 32 -32h284.797v64zM128.016 271.984c0 -0.515625 0.140625 -0.984375 0.140625 -1.5l37.1094 -32.4688
c1.50488 -1.31934 2.72656 -4.01465 2.72656 -6.01562c0 -4.41211 -3.58008 -7.99609 -7.99219 -8h-0.015625c-1.625 0.0820312 -3.97656 0.97168 -5.25 1.98438l-23.5938 20.6406c11.5469 -49.5781 55.7656 -86.625 108.859 -86.625s97.3125 37.0469 108.875 86.625
l-23.5938 -20.6406c-1.25 -1.08691 -3.60938 -1.96875 -5.26562 -1.96875v0h-0.015625c-1.9502 0.108398 -4.64551 1.32617 -6.01562 2.71875c-1.01074 1.27832 -1.89941 3.6377 -1.98438 5.26562c0.107422 1.9541 1.33203 4.64941 2.73438 6.01562l37.1094 32.4688
c0.015625 0.53125 0.15625 1 0.15625 1.51562c0 11.0469 -2.09375 21.5156 -5.0625 31.5938l-21.2656 -21.25c-1.29492 -1.2959 -3.83105 -2.34766 -5.66309 -2.34766c-4.41895 0 -8.00488 3.58594 -8.00488 8.00488c0 1.82812 1.04883 4.36133 2.33984 5.65527
l26.4219 26.4062c-8.47949 17.6582 -29.249 39.7295 -46.3594 49.2656c5.2959 -8.46484 9.59375 -23.4395 9.59375 -33.4248c0 -16.7217 -10.5977 -38.7705 -23.6562 -49.2158c8.64258 -8.95605 15.6562 -26.3262 15.6562 -38.7725
c0 -25.0283 -19.8799 -49.5117 -44.375 -54.6494l-1.42188 34.2812l12.6719 -8.625c0.557617 -0.379883 1.55762 -0.6875 2.23242 -0.6875h0.0175781h0.0253906c2.19727 0 3.98145 1.7832 3.98145 3.98047c0 0.609375 -0.254883 1.52832 -0.569336 2.05078l-8.53125 14.3125
l17.9062 3.71875c1.75977 0.367188 3.1875 2.12402 3.1875 3.92188s-1.42773 3.55469 -3.1875 3.92188l-17.9062 3.71875l8.53125 14.3125c0.314453 0.522461 0.569336 1.44141 0.569336 2.05078c0 2.19727 -1.78418 3.98047 -3.98145 3.98047h-0.0253906
c-0.668945 -0.0263672 -1.67676 -0.327148 -2.25 -0.671875l-14.1875 -9.65625l-4.6875 112.297c-0.0927734 2.11328 -1.88477 3.82812 -4 3.82812s-3.90723 -1.71484 -4 -3.82812l-4.625 -110.812l-12 8.15625c-0.561523 0.380859 -1.56836 0.69043 -2.24707 0.69043
c-2.20996 0 -4.00293 -1.79297 -4.00293 -4.00293c0 -0.607422 0.251953 -1.52441 0.5625 -2.04688l8.53125 -14.3125l-17.9062 -3.71875c-1.75977 -0.364258 -3.1875 -2.11719 -3.1875 -3.91406s1.42773 -3.5498 3.1875 -3.91406l17.9062 -3.73438l-8.53125 -14.2969
c-0.285156 -0.529297 -0.537109 -1.44629 -0.5625 -2.04688c0.0507812 -0.928711 0.611328 -2.23047 1.25 -2.90625c0.639648 -0.603516 1.87109 -1.09277 2.75 -1.09375c0.677734 0.00292969 1.68555 0.311523 2.25 0.6875l10.3594 7.04688l-1.35938 -32.7188
c-24.4951 5.14746 -44.375 29.6396 -44.375 54.6699c0 12.4482 7.01367 29.8232 15.6562 38.7832c-13.0586 10.4434 -23.6562 32.4893 -23.6562 49.21c0 9.99316 4.30469 24.9775 9.60938 33.4463c-17.1104 -9.53906 -37.8867 -31.6104 -46.375 -49.2656l26.4219 -26.4219
c1.28516 -1.29199 2.3291 -3.81934 2.3291 -5.64258c0 -4.41504 -3.58398 -7.99902 -7.99902 -7.99902c-1.82324 0 -4.35059 1.04395 -5.64258 2.3291l-21.2656 21.2656c-2.98438 -10.0938 -5.07812 -20.5625 -5.0625 -31.625z" />
<glyph glyph-name="kaaba" unicode="&#xf66b;" horiz-adv-x="576"
d="M554.12 364.49c13.0703 -4.36035 21.8799 -16.5898 21.8799 -30.3604v-49.0098l-265 79.5098c-15.0596 4.5 -30.9502 4.5 -45.9805 0l-265.02 -79.5098v49.0098c0.000976562 12.7314 9.80273 26.332 21.8799 30.3604l235.771 78.5801
c8.15723 2.71973 21.7559 4.92676 30.3545 4.92676s22.1982 -2.20703 30.3555 -4.92676zM274.22 333.97c9 2.7207 18.5498 2.7207 27.5898 0l274.2 -82.2598v-228.39c0 -15 -10.4199 -27.9902 -25.0596 -31.2402l-242.12 -53.7998
@ -3889,10 +3920,10 @@ l-100.43 175.75h100.43z" />
d="M422.19 338.05c5.3291 -3.24023 5.2998 -11.2695 -0.0507812 -14.46l-198.14 -118.14l-198.13 118.14c-5.35059 3.19043 -5.37988 11.2305 -0.0605469 14.46l165.971 100.88c19.9102 12.1006 44.5195 12.1006 64.4297 0zM436.03 293.42
c5.33008 3.17969 11.9697 -0.839844 11.9697 -7.25v-197.7c0 -23.7598 -12.1104 -45.7393 -31.79 -57.7002l-152.16 -92.4795c-10.6602 -6.48047 -24.0498 1.5498 -24.0498 14.4297v223.82zM0 286.17c0 6.41016 6.63965 10.4297 11.9697 7.25l196.03 -116.88v-223.81
c0 -12.8906 -13.3799 -20.9102 -24.0498 -14.4307l-152.16 92.4697c-19.6797 11.9609 -31.79 33.9307 -31.79 57.7002v197.7z" />
<glyph glyph-name="dog" unicode="&#xf6d3;"
d="M496 352c8.83984 0 16 -7.16016 16 -16v-32c0 -35.3496 -28.6504 -64 -64 -64h-32v-35.5801l-128 45.71v149.84c0 14.25 17.2305 21.3906 27.3203 11.3105l27.2793 -27.2803h53.6201c10.917 -0.000976562 23.7383 -7.92578 28.6201 -17.6904l7.16016 -14.3096h64z
M384 304c8.83984 0 16 7.16016 16 16s-7.16016 16 -16 16s-16 -7.16016 -16 -16s7.16016 -16 16 -16zM96 224h170.05l149.95 -53.5498v-218.45c0 -8.83984 -7.16016 -16 -16 -16h-64c-8.83984 0 -16 7.16016 -16 16v112h-160v-112c0 -8.83984 -7.16016 -16 -16 -16h-64
c-8.83984 0 -16 7.16016 -16 16v213.9c-37.1699 13.25 -64 48.4395 -64 90.0996c0 17.6699 14.3301 32 32 32s32 -14.3301 32 -32c0 -17.6396 14.3604 -32 32 -32z" />
<glyph glyph-name="dog" unicode="&#xf6d3;" horiz-adv-x="576"
d="M298.06 224l149.94 -53.5498v-218.45c0 -8.83203 -7.16797 -16 -16 -16h-64c-8.83203 0 -16 7.16797 -16 16v112h-160v-112c0 -8.83203 -7.16797 -16 -16 -16h-64c-8.83203 0 -16 7.16797 -16 16v213.91c-37.1602 13.25 -64 48.4297 -64 90.0898
c0 17.6641 14.3359 32 32 32s32 -14.3359 32 -32c0.0332031 -17.6309 14.3691 -31.9668 32 -32h170.06zM544 336v-32c0 -35.3281 -28.6719 -64 -64 -64h-32v-35.5801l-128 45.71v149.87c0 14.25 17.2197 21.3896 27.3096 11.3096l27.2803 -27.3096h53.6299
c10.9102 0 23.75 -7.91992 28.6201 -17.6904l7.16016 -14.3096h64c8.83203 0 16 -7.16797 16 -16zM432 336c0 8.83203 -7.16797 16 -16 16s-16 -7.16797 -16 -16s7.16797 -16 16 -16s16 7.16797 16 16z" />
<glyph glyph-name="dragon" unicode="&#xf6d5;" horiz-adv-x="640"
d="M18.3203 192.22c-15.96 -2.2793 -24.8906 17.8105 -12.5107 28.1406l117.4 116.34c21.7705 18.5996 53.2402 20.4697 77.0596 4.58984l119.73 -87.5996v-42.2705c0 -28.9102 5.29004 -56.9795 14.7305 -83.3799h-222.7c-14.25 0 -21.3906 17.2295 -11.3105 27.3096
l91.2803 68.6904zM575.19 158.12c41.9092 -20.96 67.1592 -64.0801 64.6396 -111.36c-3.37988 -63.2002 -59.7002 -110.77 -122.99 -110.76h-499.08c-9.80957 0 -17.7598 8 -17.7598 17.7998c0 8.32031 5.78027 15.5303 13.9004 17.3301
@ -4131,10 +4162,13 @@ c22.6006 11.5 49.4004 -1.5 49.4004 -26.5996v-30.7998c-105.2 -49.1006 -150.8 -35.
c0 8.89941 -7.2002 16 -16 16s-16 -7.2002 -16 -16c0 -8.90039 7.2002 -16 16 -16zM224 327.8c8.7998 0 16 7.2002 16 16c0 8.90039 -7.2002 16 -16 16s-16 -7.2002 -16 -16c0 -8.89941 7.2002 -16 16 -16zM224 383.7c8.7998 0 16 7.2002 16 16c0 8.89941 -7.2002 16 -16 16
s-16 -7.2002 -16 -16c0 -8.90039 7.2002 -16 16 -16z" />
<glyph glyph-name="meteor" unicode="&#xf753;"
d="M491.2 447.3c12.3994 3.7002 23.7998 -7.7002 20.2002 -20.0996c-11.6006 -38.7002 -34.3008 -111.7 -61.3008 -187.7c7 -2.09961 13.4004 -4 18.6006 -5.59961c9.7002 -3 14.2002 -13.9004 9.5 -22.9004c-22.1006 -42.2998 -82.7002 -152.8 -142.5 -214.4
c-1 -1.09961 -2 -2.5 -3 -3.5c-38.1006 -38.0996 -88 -57.0996 -137.9 -57.0996c-49.8994 -0.0996094 -99.7998 19 -137.8 57c-38 38.0996 -57 88 -57 137.8c0 49.9004 19 99.7998 57.0996 137.8c1 1 2.40039 2 3.5 3c61.6006 59.9004 172 120.4 214.4 142.5
c9 4.7002 19.9004 0.200195 22.9004 -9.5c1.59961 -5.09961 3.5 -11.5996 5.59961 -18.5996c75.9004 27 149 49.7002 187.7 61.2998zM192 0c70.7002 0 128 57.2998 128 128s-57.2998 128 -128 128s-128 -57.2998 -128 -128s57.2998 -128 128 -128zM160 192
c17.7002 0 32 -14.2998 32 -32s-14.2998 -32 -32 -32s-32 14.2998 -32 32s14.2998 32 32 32zM208 96c8.7998 0 16 -7.2002 16 -16s-7.2002 -16 -16 -16s-16 7.2002 -16 16s7.2002 16 16 16z" />
d="M511.328 427.197c-11.6074 -38.7021 -34.3076 -111.702 -61.3037 -187.701c6.99902 -2.09375 13.4043 -4 18.6074 -5.59277c6.28125 -1.91504 11.3789 -8.79785 11.3789 -15.3643c0 -2.21094 -0.842773 -5.58984 -1.88086 -7.54199
c-22.1055 -42.2969 -82.6904 -152.795 -142.479 -214.403c-0.999023 -1.09375 -1.99902 -2.5 -2.99902 -3.5c-31.501 -31.5098 -93.2285 -57.083 -137.784 -57.083c-107.546 0 -194.83 87.2842 -194.83 194.831c0 44.5391 25.5566 106.25 57.0469 137.748
c1 1 2.40625 2 3.49902 3c61.6006 59.9053 171.975 120.405 214.374 142.498c1.95215 1.03809 5.33008 1.88086 7.54102 1.88086c6.56641 0 13.4492 -5.09863 15.3613 -11.3809c1.59375 -5.09375 3.5 -11.5928 5.59277 -18.5928
c75.8955 26.999 148.978 49.7021 187.675 61.2959c1.26465 0.382812 3.36426 0.692383 4.68555 0.692383c8.93262 0 16.1826 -7.25 16.1826 -16.1826c0 -1.29785 -0.298828 -3.35938 -0.667969 -4.60352zM319.951 127.998
c-0.00976562 70.6348 -57.3457 127.962 -127.98 127.962c-70.6455 0 -127.98 -57.335 -127.98 -127.98c0 -70.6445 57.335 -127.979 127.98 -127.979h0.00488281c70.6426 0 127.976 57.333 127.976 127.976v0.0224609zM191.971 159.997
c-0.00292969 -17.6582 -14.3359 -31.9902 -31.9951 -31.9902c-17.6611 0 -31.9951 14.334 -31.9951 31.9951s14.334 31.9951 31.9951 31.9951h0.0361328c17.6416 0 31.959 -14.3174 31.959 -31.959v-0.0410156zM223.966 79.998
c-0.000976562 -8.8291 -7.16797 -15.9951 -15.998 -15.9951s-15.9971 7.16699 -15.9971 15.998c0 8.83008 7.16699 15.9971 15.9971 15.9971c8.80371 -0.0283203 15.9707 -7.19629 15.998 -16z" />
<glyph glyph-name="person-booth" unicode="&#xf756;" horiz-adv-x="576"
d="M192 -48v176h64v-176c0 -8.7998 -7.2002 -16 -16 -16h-32c-8.7998 0 -16 7.2002 -16 16zM224 224c17.7002 0 32 -14.2998 32 -32s-14.2998 -32 -32 -32h-57.5c-12.7998 0 -24.7998 5 -33.9004 14.0996l-20.8994 20.9004v-80.5996l41.2002 -61.3008
c4.39941 -8.7998 6.69922 -18.6992 6.69922 -28.5996v-56.5c0 -17.7002 -14.2998 -32 -32 -32c-17.6992 0 -32 14.2998 -32 32v56l-29.0996 43c-0.900391 0.400391 -1.59961 1.2002 -2.5 1.7002l-0.0996094 -100.7c0 -17.7002 -14.4004 -32 -32 -32
@ -4298,10 +4332,11 @@ c0 8.7998 7.2002 16 16 16h480z" />
d="M96 -48c0 -8.7998 -7.2002 -16 -16 -16h-32c-8.7998 0 -16 7.2002 -16 16v480c0 8.7998 7.2002 16 16 16h32c8.7998 0 16 -7.2002 16 -16v-480zM224 -48c0 -8.7998 -7.2002 -16 -16 -16h-32c-8.7998 0 -16 7.2002 -16 16v480c0 8.7998 7.2002 16 16 16h32
c8.7998 0 16 -7.2002 16 -16v-480z" />
<glyph glyph-name="guitar" unicode="&#xf7a6;"
d="M502.6 393.4c12.5 -12.5 12.5 -32.8008 0.100586 -45.2002l-67.9004 -67.9004c-12.5 -12.5 -32.7998 -12.5 -45.2998 0l-54.2002 -54.2002c28.9004 -45.3994 28.9004 -100.399 -4.2002 -133.5c-9.69922 -9.69922 -21.1992 -16.3994 -33.8994 -20.5
c-18.7998 -6.09961 -33.1006 -23.5996 -34.9004 -42.6992c-2.2998 -24.1006 -11.5996 -46.4004 -28.7998 -63.5c-46.0996 -46.1006 -129.1 -37.9004 -185.3 18.2998s-64.5 139.2 -18.2998 185.3c17.0996 17.2002 39.3994 26.5 63.3994 28.7998
c19.2002 1.7998 36.6006 16.1006 42.7002 34.9004c4.09961 12.7002 10.7998 24.2002 20.5 33.8994c33.0996 33.1006 88.0996 33.2002 133.5 4.2002l54.2002 54.1006c-12.5 12.5 -12.5 32.7998 0 45.2998l67.8994 67.8994c12.5 12.5 32.8008 12.5 45.3008 0zM208 96
c26.5 0 48 21.5 48 48s-21.5 48 -48 48s-48 -21.5 -48 -48s21.5 -48 48 -48z" />
d="M502.63 409c5.15625 -5.1709 9.33984 -15.293 9.33984 -22.5947c0 -7.31543 -4.19727 -17.4521 -9.37012 -22.625l-46.3301 -46.3203c-3.24707 -3.25684 -9.4248 -7.07812 -13.7891 -8.53027l-36.4805 -12.1602l-76.2402 -76.2393
c8.79004 -12.2002 15.7705 -25.5605 19.1602 -40.2002c7.74023 -33.3896 0.870117 -66.8701 -22 -89.75c-7.87793 -7.8418 -22.877 -16.9141 -33.4795 -20.25c-18.54 -6.00977 -32.6709 -23.29 -34.4307 -42.1396c-2.29004 -23.8105 -11.4502 -45.8301 -28.4502 -62.71
c-45.5596 -45.4805 -127.5 -37.3809 -182.979 18.0693c-55.4805 55.4502 -63.6904 137.45 -18.0498 182.96c16.8799 16.9902 38.9102 26.1699 62.6094 28.4404c18.9404 1.76953 36.1504 15.8994 42.1504 34.46c3.33105 10.6016 12.3984 25.5957 20.2402 33.4697
c22.8799 22.8799 56.4297 29.7803 89.8799 22c14.5996 -3.39941 27.9395 -10.3799 40.0996 -19.1396l76.2598 76.2598l12.1602 36.5098c1.45215 4.36426 5.27344 10.542 8.53027 13.79l46.2803 46.3301c5.17383 5.1748 15.3115 9.375 22.6299 9.375
c7.31738 0 17.4561 -4.2002 22.6299 -9.375zM208 96c26.4961 0 48 21.5039 48 48s-21.5039 48 -48 48s-48 -21.5039 -48 -48s21.5039 -48 48 -48z" />
<glyph glyph-name="heart-broken" unicode="&#xf7a9;"
d="M473.7 374.2c48.7002 -49.7998 50.7998 -129.101 7.2998 -182.101l-212.2 -218.699c-7.09961 -7.30078 -18.5996 -7.30078 -25.7002 0l-212.1 218.6c-43.5 53.0996 -41.4004 132.4 7.2998 182.2l2.40039 2.39941c46.2998 47.4004 119 51.8008 170.7 14l28.5996 -86.5
l-96 -64l144 -144l-48 128l96 64l-34.2998 103.4c51.5996 36.9004 123.6 32.2002 169.6 -14.7998z" />
@ -4352,16 +4387,20 @@ c14.2998 -1.2002 26.5 -10.7002 29.7998 -24.2002zM336 448c8.7998 0 16 -7.2002 16
c0 -13.2998 -10.7002 -24 -24 -24h-8v-136c0 -13.2998 -10.7002 -24 -24 -24h-80c-13.2998 0 -24 10.7002 -24 24v136h-8c-13.2998 0 -24 10.7002 -24 24v136c0 25.0996 19.2998 45.5 43.9004 47.5996c15 -9.7998 32.8994 -15.5996 52.0996 -15.5996
s37.0996 5.7998 52.0996 15.5996z" />
<glyph glyph-name="satellite" unicode="&#xf7bf;"
d="M502.7 183c12.3994 -12.4004 12.3994 -32.5996 -0.100586 -45l-96.6992 -96.7002c-6.2002 -6.2002 -14.4004 -9.2998 -22.5 -9.2998c-8.10059 0 -16.3008 3.09961 -22.5 9.2998l-80.3008 80.4004l-9.89941 -9.90039c24.2998 -53.7002 22.7002 -116.2 -5.40039 -168.5
c-4.5 -8.5 -16.3994 -9.59961 -23.2002 -2.7998l-107.5 107.5l-17.7998 -17.7998c0.700195 -2.60059 1.60059 -5 1.60059 -7.7998c0 -17.7002 -14.3008 -32 -32 -32c-17.7002 0 -32 14.2998 -32 32c0 17.6992 14.2998 32 32 32c2.7998 0 5.19922 -0.900391 7.7998 -1.60059
l17.7998 17.7998l-107.5 107.5c-6.7998 6.80078 -5.7002 18.6006 2.7998 23.2002c52.2998 28.1006 114.8 29.7002 168.5 5.40039l9.7998 9.7998l-80.2998 80.4004c-12.3994 12.5 -12.3994 32.6992 0 45.0996l96.7002 96.7002c6.2002 6.2002 14.2998 9.2998 22.5 9.2998
s16.2998 -3.09961 22.5996 -9.2998l80.3008 -80.2998l47.7998 47.8994c13.0996 13.1006 34.3994 13.1006 47.5 0l47.5 -47.5c13.0996 -13.0996 13.0996 -34.3994 0 -47.5l-47.7998 -47.8994zM150.7 319.5l68.8994 -68.9004l73.8008 73.8008l-68.9004 68.8994zM383.5 86.7002
l73.7998 73.7998l-68.8994 68.9004l-73.8008 -73.8008z" />
d="M502.609 137.958l-96.7041 -96.7168c-5.15039 -5.13184 -15.2324 -9.29785 -22.5029 -9.29785c-7.27148 0 -17.3535 4.16602 -22.5039 9.29785l-80.3262 80.418l-9.89258 -9.9082c9.41016 -20.7256 17.0469 -56.0186 17.0469 -78.7803
c0 -26.3193 -10.0596 -66.5244 -22.4541 -89.7422c-4.50098 -8.50098 -16.3936 -9.59473 -23.207 -2.79785l-107.519 107.515l-17.7998 -17.7988c0.703125 -2.60938 1.60938 -5.00098 1.60938 -7.79785v-0.000976562c0 -17.667 -14.3379 -32.0059 -32.0049 -32.0059
s-32.0059 14.3389 -32.0059 32.0059s14.3389 32.0049 32.0059 32.0049c2.79688 0 5.18848 -0.90625 7.79785 -1.60938l17.7998 17.7998l-107.518 107.515c-6.79883 6.8125 -5.7041 18.6113 2.79688 23.2061c23.2197 12.3936 63.4248 22.4531 89.7451 22.4531
c22.7627 0 58.0576 -7.63672 78.7832 -17.0469l9.79883 9.79883l-80.3105 80.417c-5.13086 5.16602 -9.29395 15.2686 -9.29395 22.5498s4.16309 17.3838 9.29395 22.5498l96.7197 96.7168c5.11621 5.13281 15.1514 9.29785 22.3984 9.29785h0.105469h0.0449219
c7.28223 0 17.3857 -4.16602 22.5527 -9.29785l80.3262 -80.3076l47.8047 47.8965c5.43262 5.42773 16.0742 9.83398 23.7539 9.83398s18.3213 -4.40625 23.7539 -9.83398l47.5088 -47.5059c5.42188 -5.43555 9.82129 -16.0771 9.82129 -23.7539
s-4.39941 -18.3184 -9.82129 -23.7529l-47.8057 -47.8975l80.3105 -80.417c5.12305 -5.13672 9.28125 -15.1934 9.28125 -22.4482c0 -7.30469 -4.20703 -17.4111 -9.39062 -22.5576zM219.562 250.567l73.8252 73.8223l-68.918 68.8994l-73.8096 -73.8066zM457.305 160.461
l-68.9023 68.916l-73.8242 -73.8232l68.918 -68.8994z" />
<glyph glyph-name="satellite-dish" unicode="&#xf7c0;"
d="M188.8 102.1l116.601 -116.6c7.39941 -7.2998 6.19922 -20.0996 -3 -25c-77.7002 -41.7998 -176.7 -29.9004 -242.301 35.7002c-65.5996 65.5996 -77.5 164.5 -35.6992 242.3c4.89941 9.09961 17.6992 10.2998 25 3l116.8 -116.8l27.3994 27.3994
c-0.699219 2.60059 -1.59961 5 -1.59961 7.80078c0 17.6992 14.2998 32 32 32s32 -14.3008 32 -32c0 -17.7002 -14.2998 -32 -32 -32c-2.7998 0 -5.2002 0.899414 -7.7998 1.59961zM209 448c163.2 -8.59961 294.4 -139.8 302.9 -303c0.5 -9.2002 -6.80078 -17 -16 -17
h-32.1006c-8.39941 0 -15.3994 6.59961 -15.8994 15c-7.5 129.5 -111.5 234.5 -240.9 241.5c-8.40039 0.400391 -15 7.40039 -15 15.9004v31.5996c0 9.2002 7.7998 16.5 17 16zM209.3 352c110.101 -8.5 198.2 -96.5996 206.601 -206.7
c0.699219 -9.2998 -6.80078 -17.2998 -16.1006 -17.2998h-32.2002c-8.2998 0 -15.0996 6.40039 -15.8994 14.7002c-6.90039 77 -68.1006 138.899 -144.9 145.2c-8.2998 0.599609 -14.7998 7.5 -14.7998 15.8994v32.1006c0 9.39941 8 16.7998 17.2998 16.0996z" />
d="M305.449 -14.5898c7.3916 -7.29785 6.18848 -20.0967 -3 -25.0039c-77.7129 -41.8027 -176.726 -29.9102 -242.344 35.708c-65.6016 65.6035 -77.5098 164.523 -35.6914 242.332c4.89062 9.09473 17.6895 10.2979 25.0029 3l116.812 -116.813l27.3945 27.3945
c-0.6875 2.60938 -1.59375 5.00098 -1.59375 7.81348c0 17.666 14.3379 32.0039 32.0039 32.0039s32.0039 -14.3379 32.0039 -32.0039s-14.3379 -32.0039 -32.0039 -32.0039c-2.79785 0 -5.2041 0.890625 -7.79785 1.59375l-27.4102 -27.4102zM511.976 144.933
c0.0136719 -0.248047 0.0253906 -0.650391 0.0253906 -0.899414c0 -8.84668 -7.18066 -16.0615 -16.0273 -16.1025h-32.1133c-8.27148 0.0244141 -15.3916 6.74512 -15.8926 15.002c-7.50098 129.519 -111.515 234.533 -240.937 241.534
c-8.28125 0.441406 -15.0029 7.5293 -15.0029 15.8223c0 0.0234375 0 0.0625 0.000976562 0.0859375v31.5986c0.0361328 8.84766 7.24609 16.0273 16.0938 16.0273c0.250977 0 0.657227 -0.0107422 0.908203 -0.0253906c163.224 -8.59473 294.443 -139.816 302.944 -303.043
zM415.964 145.229c0.0195312 -0.299805 0.0361328 -0.788086 0.0361328 -1.08887c0 -8.91309 -7.23438 -16.1758 -16.1475 -16.21h-32.208c-8.08594 0.0585938 -15.2061 6.64648 -15.8926 14.7051c-6.90625 77.0107 -68.1172 138.91 -144.924 145.224
c-8.16602 0.585938 -14.7959 7.70605 -14.7988 15.8926v32.1143v0.00390625c0 8.90625 7.22754 16.1338 16.1338 16.1338c0.322266 0 0.84375 -0.0185547 1.16504 -0.0419922c110.123 -8.50098 198.229 -96.6074 206.636 -206.732z" />
<glyph glyph-name="sd-card" unicode="&#xf7c2;" horiz-adv-x="384"
d="M320 448c35.2998 0 64 -28.7002 64 -64v-384c0 -35.2998 -28.7002 -64 -64 -64h-256c-35.2998 0 -64 28.7002 -64 64v320l128 128h192zM160 288v96h-48v-96h48zM240 288v96h-48v-96h48zM320 288v96h-48v-96h48z" />
<glyph glyph-name="sim-card" unicode="&#xf7c4;" horiz-adv-x="384"
@ -4475,6 +4514,11 @@ c-2.58789 2.58691 -4.6875 7.65625 -4.6875 11.3154s2.09961 8.72852 4.6875 11.3154
c-10.7441 -10.748 -31.4814 -22.2393 -46.29 -25.6494l-120.25 -27.75l-102 -102c-2.58691 -2.58789 -7.65625 -4.6875 -11.3154 -4.6875s-8.72754 2.09961 -11.3154 4.6875l-22.6191 22.6191c-2.58789 2.58789 -4.6875 7.65625 -4.6875 11.3154
s2.09961 8.72852 4.6875 11.3154l102 102l27.7393 120.26c3.4248 14.8057 14.9248 35.5439 25.6699 46.29l109.671 109.67l45.25 -45.25l-55.1006 -55.1006zM273.2 141.31l9.30957 9.31055l-67.8896 67.8896l-9.31055 -9.30957
c-3.57715 -3.59082 -7.41211 -10.5127 -8.55957 -15.4502l-18.2998 -79.2998l79.2998 18.3193c4.94043 1.13379 11.8623 4.95996 15.4502 8.54004z" />
<glyph glyph-name="disease" unicode="&#xf7fa;"
d="M472.29 252.1c48.54 -16.6191 53.8301 -73.8301 8.99023 -96.79l-62 -31.7393c-17.8301 -9.12988 -29.2803 -25.2002 -30.6299 -43l-4.7002 -61.8604c-3.4502 -44.79 -65.1299 -66.7803 -104.45 -37.2197l-54.3203 40.8301
c-15.6201 11.7295 -36.96 16.1201 -57.0693 11.7295l-70 -15.2803c-50.6504 -11.0596 -94.1104 32.5605 -73.46 73.8008l28.4297 57c8.17969 16.3799 6.43945 35.1699 -4.63965 50.2393l-38.54 52.4209c-27.9307 37.9492 7 86.9092 59 82.8398l71.8994 -5.62012
c20.6602 -1.62012 40.9404 5.59961 54.2002 19.3096l46.0898 47.7207c33.4297 34.5098 98.4199 21.1494 110 -22.6201l16 -60.4502c4.60059 -17.3906 18.8604 -31.71 38.1406 -38.3105zM160 192c17.6641 0 32 14.3359 32 32s-14.3359 32 -32 32s-32 -14.3359 -32 -32
s14.3359 -32 32 -32zM288 96c17.6641 0 32 14.3359 32 32s-14.3359 32 -32 32s-32 -14.3359 -32 -32s14.3359 -32 32 -32zM304 224c8.83203 0 16 7.16797 16 16s-7.16797 16 -16 16s-16 -7.16797 -16 -16s7.16797 -16 16 -16z" />
<glyph glyph-name="egg" unicode="&#xf7fb;" horiz-adv-x="384"
d="M192 448c106 0 192 -214 192 -320s-86 -192 -192 -192s-192 86 -192 192s86 320 192 320z" />
<glyph glyph-name="hamburger" unicode="&#xf805;"
@ -4490,6 +4534,15 @@ l38.3994 -6.40039c13.46 -2.25 23.1504 -12.0996 23.1504 -23.54v-49.5898l35.6504 -
<glyph glyph-name="hard-hat" unicode="&#xf807;"
d="M480 160v-64h-448v64c0 80.25 49.2803 148.92 119.19 177.62l40.8096 -81.6201v112c0 8.83203 7.16797 16 16 16h96c8.83203 0 16 -7.16797 16 -16v-112l40.8096 81.6201c69.9102 -28.7002 119.19 -97.3701 119.19 -177.62zM496 64c8.83203 0 16 -7.16797 16 -16v-32
c0 -8.83203 -7.16797 -16 -16 -16h-480c-8.83203 0 -16 7.16797 -16 16v32c0 8.83203 7.16797 16 16 16h480z" />
<glyph glyph-name="hospital-user" unicode="&#xf80d;" horiz-adv-x="640"
d="M480 128c-52.9922 0 -96 43.0078 -96 96s43.0078 96 96 96s96 -43.0078 96 -96s-43.0078 -96 -96 -96zM528 96c61.8242 0 112.002 -50.1758 112.002 -112c0 -0.170898 -0.000976562 -0.449219 -0.00195312 -0.620117c-0.139648 -26.2598 -21.7305 -47.3799 -48 -47.3799
h-224c-26.2695 0 -47.8604 21.1201 -48 47.3799c-0.000976562 0.170898 -0.00195312 0.449219 -0.00195312 0.620117c0 61.8242 50.1758 112 112 112h0.00195312h0.0810547c1.9707 0 5.09277 -0.488281 6.96875 -1.08984
c10.9795 -3.81445 29.3223 -6.91016 40.9453 -6.91016s29.9658 3.0957 40.9453 6.91016c1.87891 0.601562 5.00488 1.08984 6.97754 1.08984h0.0820312zM329.91 85.5498c-23.1367 -23.1309 -41.915 -68.4561 -41.915 -101.172
c0 -0.322266 0.00195312 -0.845703 0.00488281 -1.16797c0.136719 -14.5381 7.44336 -35.6885 16.3096 -47.21h-288.31c-8.83203 0 -16 7.16797 -16 16v368c0 17.6641 14.3359 32 32 32h32v64c0 17.6641 14.3359 32 32 32h160c17.6641 0 32 -14.3359 32 -32v-64h32
c17.6641 0 32 -14.3359 32 -32v-216.62c-6.58008 -4.32227 -16.4766 -12.3096 -22.0898 -17.8301zM144 44v40c0 6.62402 -5.37598 12 -12 12h-40c-6.62402 0 -12 -5.37598 -12 -12v-40c0 -6.62402 5.37598 -12 12 -12h40c6.62402 0 12 5.37598 12 12zM144 172v40
c0 6.62402 -5.37598 12 -12 12h-40c-6.62402 0 -12 -5.37598 -12 -12v-40c0 -6.62402 5.37598 -12 12 -12h40c6.62402 0 12 5.37598 12 12zM192 294v26h26c3.31152 0 6 2.68848 6 6v20c0 3.31152 -2.68848 6 -6 6h-26v26c0 3.31152 -2.68848 6 -6 6h-20
c-3.31152 0 -6 -2.68848 -6 -6v-26h-26c-3.31152 0 -6 -2.68848 -6 -6v-20c0 -3.31152 2.68848 -6 6 -6h26v-26c0 -3.31152 2.68848 -6 6 -6h20c3.31152 0 6 2.68848 6 6zM272 44v40c0 6.62402 -5.37598 12 -12 12h-40c-6.62402 0 -12 -5.37598 -12 -12v-40
c0 -6.62402 5.37598 -12 12 -12h40c6.62402 0 12 5.37598 12 12zM272 172v40c0 6.62402 -5.37598 12 -12 12h-40c-6.62402 0 -12 -5.37598 -12 -12v-40c0 -6.62402 5.37598 -12 12 -12h40c6.62402 0 12 5.37598 12 12z" />
<glyph glyph-name="hotdog" unicode="&#xf80f;"
d="M488.56 424.56c12.9297 -12.9326 23.4238 -38.2715 23.4238 -56.5596s-10.4941 -43.627 -23.4238 -56.5596l-352 -352c-13.0205 -13.4824 -38.7998 -24.4238 -57.543 -24.4238c-44.1592 0 -80 35.8408 -80 80c0 18.7432 10.9414 44.5225 24.4238 57.543l352 352
c12.9326 12.9297 38.2715 23.4238 56.5596 23.4238s43.627 -10.4941 56.5596 -23.4238zM438.63 329.37c2.58691 2.58691 4.68652 7.65625 4.68652 11.3145c0 8.83301 -7.16797 16.002 -16.001 16.002c-3.65918 0 -8.72852 -2.09961 -11.3154 -4.68652
@ -4528,11 +4581,10 @@ d="M32 -16v336h384v-336c0 -26.4961 -21.5039 -48 -48 -48h-288c-26.4961 0 -48 21.5
c14.2598 0 21.3994 18.1797 11.3203 28.7998l-89.3809 94.2598c-2.52441 2.72949 -7.5918 4.94336 -11.3096 4.94336s-8.78516 -2.21387 -11.3096 -4.94336zM432 416c8.83203 0 16 -7.16797 16 -16v-32c0 -8.83203 -7.16797 -16 -16 -16h-416c-8.83203 0 -16 7.16797 -16 16
v32c0 8.83203 7.16797 16 16 16h120l9.40039 18.7002c3.58984 7.3418 13.1357 13.2998 21.3086 13.2998h0.0908203h114.3h0.0175781c8.20215 0 17.8262 -5.95801 21.4824 -13.2998l9.40039 -18.7002h120z" />
<glyph glyph-name="user-nurse" unicode="&#xf82f;" horiz-adv-x="448"
d="M57.7803 160c-8.82227 0.00976562 -15.9814 7.17773 -15.9814 16c0 2.09277 0.761719 5.30957 1.70117 7.17969c15.2305 29.8203 31.2803 62.2305 42.1699 95.54c7.58008 23.1904 10.3301 47.6904 10.3301 72.0801v49.2002l128 48l128 -48v-49.2002
c0 -24.3896 2.78027 -48.8896 10.3496 -72.0801c10.8701 -33.3096 26.9199 -65.6895 42.1504 -95.54c0.939453 -1.87012 1.70117 -5.08691 1.70117 -7.17969c0 -8.82227 -7.15918 -15.9902 -15.9814 -16h-82.3594c-22.5107 -19.6797 -51.6201 -32 -83.8604 -32
s-61.3496 12.3203 -83.8604 32h-82.3594zM184 376.33v-16.6602c0 -2.75977 2.24023 -5 5 -5h21.6699v-21.6699c0 -2.75977 2.24023 -5 5 -5h16.6602c2.75977 0 5 2.24023 5 5v21.6699h21.6699c2.75977 0 5 2.24023 5 5v16.6602c0 2.75977 -2.24023 5 -5 5h-21.6699v21.6699
c0 2.75977 -2.24023 5 -5 5h-16.6602c-2.75977 0 -5 -2.24023 -5 -5v-21.6699h-21.6699c-2.75977 0 -5 -2.24023 -5 -5zM144 288v-32c0 -44.1602 35.8398 -80 80 -80s80 35.8398 80 80v32h-160zM319.41 128c71.4902 -3.09961 128.59 -61.5996 128.59 -133.79
c0 -32.1318 -26.0781 -58.21 -58.21 -58.21v0h-331.58c-32.1318 0 -58.21 26.0781 -58.21 58.21c0 72.1904 57.0996 130.69 128.59 133.79l95.4102 -95.3896z" />
d="M319.41 128c71.4902 -3.09961 128.59 -61.5996 128.59 -133.79c0 -32.1318 -26.0781 -58.21 -58.21 -58.21h-331.58c-32.1318 0 -58.21 26.0781 -58.21 58.21c0 72.1904 57.0996 130.69 128.59 133.79l95.4102 -95.3896zM224 144c-70.6562 0 -128 57.3438 -128 128
v110.18c0 12.2393 9.30078 25.6611 20.7598 29.96l84.7705 31.79c5.99707 2.24902 16.0645 4.07422 22.4697 4.07422s16.4727 -1.8252 22.4697 -4.07422l84.7705 -31.75c11.459 -4.29883 20.7598 -17.7217 20.7598 -29.9609v-0.0390625v-110.18
c0 -70.6562 -57.3438 -128 -128 -128zM184 376.33v-16.6602c0 -2.75977 2.24023 -5 5 -5h21.6699v-21.6699c0 -2.75977 2.24023 -5 5 -5h16.6602c2.75977 0 5 2.24023 5 5v21.6699h21.6699c2.75977 0 5 2.24023 5 5v16.6602c0 2.75977 -2.24023 5 -5 5h-21.6699v21.6699
c0 2.75977 -2.24023 5 -5 5h-16.6602c-2.75977 0 -5 -2.24023 -5 -5v-21.6699h-21.6699c-2.75977 0 -5 -2.24023 -5 -5zM144 288v-16c0 -44.1602 35.8398 -80 80 -80s80 35.8398 80 80v16h-160z" />
<glyph glyph-name="wave-square" unicode="&#xf83e;" horiz-adv-x="640"
d="M476 -32h-152c-19.8721 0 -36 16.1279 -36 36v348h-96v-156c0 -19.8721 -16.1279 -36 -36 -36h-140c-8.83203 0 -16 7.16797 -16 16v32c0 8.83203 7.16797 16 16 16h112v156c0 19.8721 16.1279 36 36 36h152c19.8721 0 36 -16.1279 36 -36v-348h96v156
c0 19.8721 16.1279 36 36 36h140c8.83203 0 16 -7.16797 16 -16v-32c0 -8.83203 -7.16797 -16 -16 -16h-112v-156c0 -19.8721 -16.1279 -36 -36 -36z" />
@ -4645,5 +4697,242 @@ c2.57324 2.60352 7.63379 4.71777 11.2949 4.71777s8.72168 -2.11426 11.2949 -4.717
d="M496 320c79.4883 0 144 -64.5117 144 -144s-64.5117 -144 -144 -144h-352c-79.4844 0.00390625 -143.993 64.5156 -143.993 144c0 79.4883 64.5117 144 144 144s144 -64.5117 144 -144c0 -24.1113 -10.8711 -59.9512 -24.2666 -80h112.52
c-13.3955 20.0488 -24.2666 55.8887 -24.2666 80c0 79.4883 64.5117 144 144 144h0.00683594zM64 176c0 -44.1602 35.8398 -80 80 -80s80 35.8398 80 80s-35.8398 80 -80 80s-80 -35.8398 -80 -80zM496 96c44.1602 0 80 35.8398 80 80s-35.8398 80 -80 80
s-80 -35.8398 -80 -80s35.8398 -80 80 -80z" />
<glyph glyph-name="hat-cowboy" unicode="&#xf8c0;" horiz-adv-x="640"
d="M490 151.1c-38.7695 -12.5898 -93.7305 -23.0996 -170 -23.0996s-131.19 10.5303 -169.99 23.1201c9.50977 57.4102 39.5098 232.88 97.71 232.88c14 0 26.4902 -6 37 -14c8.62988 -6.57812 24.4395 -11.917 35.29 -11.917s26.6611 5.33887 35.29 11.917
c10.5098 8.07031 23 14 37 14c58.21 0 88.21 -175.51 97.7002 -232.9zM632.9 188.28c3.90625 -2.625 7.08594 -8.57422 7.08594 -13.2803c0 -1.5752 -0.442383 -4.05273 -0.986328 -5.53027c-0.730469 -2.01953 -77.3203 -201.47 -319 -201.47s-318.27 199.45 -319 201.47
c-0.537109 1.46973 -0.973633 3.93164 -0.973633 5.49512c0 8.83203 7.16797 16 16 16c3.39844 0 8.20215 -1.84766 10.7236 -4.125c1.01953 -0.899414 102.42 -90.8398 293.24 -90.8398c191.89 0 292.16 89.8799 293.16 90.7803
c2.53418 2.3291 7.38477 4.21875 10.8262 4.21875c2.69141 0 6.68945 -1.21777 8.92383 -2.71875z" />
<glyph glyph-name="hat-cowboy-side" unicode="&#xf8c1;" horiz-adv-x="640"
d="M260.8 156.94l98.0098 -84.4805c78.1904 -67.3896 129.98 -104.46 233.19 -104.46h-546.12c-14.0498 0 -27.1299 7.53027 -35.8799 20.6396c-9 13.4707 -12.1201 30.7002 -8.57031 47.3008c20.04 93.3398 85.5703 156.06 162.971 156.06
c34.3994 0 67.7695 -12.1201 96.3994 -35.0596zM495.45 175.23c114.95 -7.90039 144.55 -101.841 144.55 -127.23c0 -26.4961 -21.5039 -48 -48 -48c-97.0996 0 -141.24 35.46 -212.31 96.7002l-98 84.4795c-35.29 28.2705 -75.5 42.8203 -117.29 42.8203
c-7.09082 0 -13.8906 -1.16992 -20.79 -2l6.88965 65.21c2.72852 25.4766 25.2852 50.4707 50.3496 55.79l191.15 40.5898c3.63574 0.773438 9.60254 1.40137 13.3193 1.40137c29.7891 0 58.0498 -23.8301 63.0811 -53.1914z" />
<glyph glyph-name="mouse" unicode="&#xf8cc;" horiz-adv-x="384"
d="M0 96v128h384v-128c0 -88.3203 -71.6797 -160 -160 -160h-64c-88.3203 0 -160 71.6797 -160 160zM176 448v-192h-176v32c0 88.3203 71.6797 160 160 160h16zM224 448c88.3203 0 160 -71.6797 160 -160v-32h-176v192h16z" />
<glyph glyph-name="record-vinyl" unicode="&#xf8d9;"
d="M256 296c57.4082 0 104 -46.5918 104 -104s-46.5918 -104 -104 -104s-104 46.5918 -104 104s46.5918 104 104 104zM256 168c13.248 0 24 10.752 24 24s-10.752 24 -24 24s-24 -10.752 -24 -24s10.752 -24 24 -24zM256 440c137 0 248 -111 248 -248s-111 -248 -248 -248
s-248 111 -248 248s111 248 248 248zM256 64c70.6562 0 128 57.3438 128 128s-57.3438 128 -128 128s-128 -57.3438 -128 -128s57.3438 -128 128 -128z" />
<glyph glyph-name="caravan" unicode="&#xf8ff;" horiz-adv-x="640"
d="M416 240c8.83203 0 16 -7.16797 16 -16s-7.16797 -16 -16 -16s-16 7.16797 -16 16s7.16797 16 16 16zM624 128c8.83203 0 16 -7.16797 16 -16v-32c0 -8.83203 -7.16797 -16 -16 -16h-336c0 -52.9922 -43.0078 -96 -96 -96s-96 43.0078 -96 96h-32
c-35.3281 0 -64 28.6719 -64 64v256c0 35.3281 28.6719 64 64 64h352c88.3203 0 160 -71.6797 160 -160v-160h48zM192 16c26.4688 0.0273438 47.9727 21.5312 48 48c0 26.4961 -21.5039 48 -48 48s-48 -21.5039 -48 -48s21.5039 -48 48 -48zM256 256v64
c0 17.6641 -14.3359 32 -32 32h-128c-17.6641 0 -32 -14.3359 -32 -32v-64c0 -17.6641 14.3359 -32 32 -32h128c17.6641 0 32 14.3359 32 32zM448 128v192c0 17.6641 -14.3359 32 -32 32h-64c-17.6641 0 -32 -14.3359 -32 -32v-192h128z" />
<glyph glyph-name="faucet" unicode="&#xf905;"
d="M352 192c88.3203 0 160 -71.6797 160 -160c0 -17.6641 -14.3359 -32 -32 -32h-64c-17.6641 0 -32 14.3359 -32 32s-14.3359 32 -32 32h-12.79c-20.5898 -37.7305 -64.21 -64 -115.21 -64s-94.6201 26.2695 -115.21 64h-92.79c-8.83203 0 -16 7.16797 -16 16v96
c0 8.83203 7.16797 16 16 16h118.61c15.71 13.4004 35.46 23 57.3896 28v47.5596l32 3.38086l32 -3.38086v-47.5596c21.9297 -4.92969 41.6797 -14.5596 57.3896 -28h38.6104zM81.5898 288.09c-9.41992 -1 -17.5898 6.81055 -17.5898 16.7998v30.2207
c0 9.98926 8.16992 17.7998 17.5898 16.8096l110.41 -11.6602v27.7402c0 8.83203 7.16797 16 16 16h32c8.83203 0 16 -7.16797 16 -16v-27.7402l110.41 11.6602c9.41992 0.990234 17.5898 -6.80957 17.5898 -16.8096v-30.2207
c0 -9.98926 -8.16992 -17.7998 -17.5898 -16.7998l-142.41 15z" />
<glyph glyph-name="trailer" unicode="&#xf941;" horiz-adv-x="640"
d="M624 128c8.83203 0 16 -7.16797 16 -16v-32c0 -8.83203 -7.16797 -16 -16 -16h-337.61c-7.83008 54.21 -54 96 -110.39 96s-102.56 -41.79 -110.39 -96h-49.6104c-8.83203 0 -16 7.16797 -16 16v288c0 8.83203 7.16797 16 16 16h512c8.83203 0 16 -7.16797 16 -16v-240
h80zM96 204.32v107.68c0 4.41602 -3.58398 8 -8 8h-16c-4.41602 0 -8 -3.58398 -8 -8v-128.39c8.20996 6.67578 22.5469 15.9541 32 20.71zM192 222.86v89.1396c0 4.41602 -3.58398 8 -8 8h-16c-4.41602 0 -8 -3.58398 -8 -8v-89.1396
c5.30957 0.489258 10.5703 1.13965 16 1.13965s10.6904 -0.650391 16 -1.13965zM288 183.61v128.39c0 4.41602 -3.58398 8 -8 8h-16c-4.41602 0 -8 -3.58398 -8 -8v-107.68c9.45312 -4.75586 23.79 -14.0342 32 -20.71zM384 128v184c0 4.41602 -3.58398 8 -8 8h-16
c-4.41602 0 -8 -3.58398 -8 -8v-184h32zM480 128v184c0 4.41602 -3.58398 8 -8 8h-16c-4.41602 0 -8 -3.58398 -8 -8v-184h32zM176 128c44.1602 0 80 -35.8398 80 -80s-35.8398 -80 -80 -80s-80 35.8398 -80 80s35.8398 80 80 80zM176 16c17.6641 0 32 14.3359 32 32
s-14.3359 32 -32 32s-32 -14.3359 -32 -32s14.3359 -32 32 -32z" />
<glyph glyph-name="box-tissue" unicode="&#xf95b;"
d="M383.88 160.18h-256l-64 288h141.4c27.9277 -0.00195312 57.7646 -21.5059 66.5996 -48c8.83105 -26.4932 38.6641 -47.9971 66.5898 -48h109.41zM-0.120117 -31.8203v64h512v-64c0 -17.6641 -14.3359 -32 -32 -32h-448c-17.6641 0 -32 14.3359 -32 32zM479.88 224.18
c17.6582 -0.00488281 31.9902 -14.3408 31.9902 -32v0v-128h-512v128c0 17.6641 14.3359 32 32 32h49l14.2197 -64h-15.21c-8.83203 0 -16 -7.16797 -16 -16s7.16797 -16 16 -16h352c8.83203 0 16 7.16797 16 16s-7.16797 16 -16 16h-14.2695l21.3301 64h40.9395z" />
<glyph glyph-name="hand-holding-medical" unicode="&#xf95c;" horiz-adv-x="576"
d="M159.88 272.18c-8.83203 0 -16 7.16797 -16 16v64c0 8.83203 7.16797 16 16 16h64v64c0 8.83203 7.16797 16 16 16h64c8.83203 0 16 -7.16797 16 -16v-64h64c8.83203 0 16 -7.16797 16 -16v-64c0 -8.83203 -7.16797 -16 -16 -16h-64v-64c0 -8.83203 -7.16797 -16 -16 -16
h-64c-8.83203 0 -16 7.16797 -16 16v64h-64zM568.07 111.87c4.28906 -5.83496 7.77051 -16.4492 7.77051 -23.6914c0 -11.1436 -7.27637 -25.5596 -16.2412 -32.1787l-135.029 -99.5703c-15.2061 -11.1436 -42.8477 -20.2246 -61.7002 -20.2695h-347
c-8.77246 0.0595703 -15.9404 7.22754 -16 16v96c0.0595703 8.77246 7.22754 15.9404 16 16h55.3604l46.5 37.7402c17.8828 14.4893 51.0781 26.25 74.0957 26.25h0.0234375h160h0.00488281c17.6973 0 32.0596 -14.3633 32.0596 -32.0605
c0 -1.47852 -0.198242 -3.86133 -0.444336 -5.32031c-2.62012 -15.7393 -17.3701 -26.6094 -33.3701 -26.6094h-78.2393c-8.83203 0 -16 -7.16797 -16 -16s7.16797 -16 16 -16h120.609l119.67 88.1797c5.8418 4.3252 16.4814 7.83496 23.749 7.83496
c11.1621 0 25.5791 -7.30469 32.1816 -16.3047z" />
<glyph glyph-name="hand-sparkles" unicode="&#xf95d;" horiz-adv-x="640"
d="M106.66 277.36l-20.7402 -49.6201c-1.01074 -2.04297 -3.68066 -3.7002 -5.95996 -3.7002s-4.94922 1.65723 -5.95996 3.7002l-20.6602 49.6602h-0.0703125l-49.5898 20.5996c-1.92383 1.09863 -3.57227 3.78711 -3.67969 6v0c0.106445 2.21973 1.76367 4.9082 3.7002 6
l49.6299 20.6904h0.0498047l20.7002 49.6299c1.01465 2.03516 3.68555 3.6875 5.95996 3.6875s4.94434 -1.65234 5.95996 -3.6875l20.6602 -49.6406h0.0703125l49.5693 -20.6699c1.92871 -1.0957 3.57715 -3.78418 3.68066 -6v0
c-0.108398 -2.21289 -1.75684 -4.90039 -3.68066 -6l-49.5498 -20.6494h-0.0898438zM471.38 -19.4102l37.4902 -15.6299l0.0703125 -0.169922c-7.59082 -17.0596 -24 -28.79 -43.2402 -28.79h-197.61c-13.4805 0.0224609 -30.8584 8.88867 -38.79 19.79l-125.6 172.61
c-4.22852 5.81055 -7.66016 16.3584 -7.66016 23.5449c0 22.0879 17.9268 40.0146 40.0146 40.0146c11.2441 0 25.7393 -7.37891 32.3555 -16.4697l23.5898 -32.4902v241c0 17.6641 14.3359 32 32 32s32 -14.3359 32 -32v-152c0 -4.41602 3.58398 -8 8 -8h16
c4.41602 0 8 3.58398 8 8v184c0 17.6641 14.3359 32 32 32s32 -14.3359 32 -32v-184c0 -4.41602 3.58398 -8 8 -8h16c4.41602 0 8 3.58398 8 8v152c0 17.6641 14.3359 32 32 32s32 -14.3359 32 -32v-152c0 -4.41602 3.58398 -8 8 -8h16c4.41602 0 8 3.58398 8 8v72
c0 17.6641 14.3359 32 32 32s32 -14.3359 32 -32v-176.03c-0.0195312 -1.30957 -0.269531 -2.66992 -0.269531 -4c-7.77051 -3.70996 -14.5 -9.59961 -18.3506 -17.3398l-0.469727 -0.950195l-0.410156 -1l-15.6299 -37.4795l-37.4902 -15.6299l-1 -0.430664l-1 -0.489258
c-11.7803 -5.90527 -21.3408 -21.3926 -21.3408 -34.5703s9.56055 -28.665 21.3408 -34.5703l1 -0.5zM349.79 108.48c1.22266 0.609375 2.21582 2.21289 2.21582 3.5791c0 1.36719 -0.993164 2.9707 -2.21582 3.58008l-29.79 12.4199l-12.4297 29.7803
c-0.611328 1.21777 -2.21289 2.20605 -3.5752 2.20605s-2.96387 -0.988281 -3.5752 -2.20605l-12.4199 -29.7803l-29.79 -12.4199c-1.22266 -0.609375 -2.21582 -2.21289 -2.21582 -3.58008c0 -1.36621 0.993164 -2.96973 2.21582 -3.5791l29.79 -12.4102l12.4297 -29.7803
c0.611328 -1.21777 2.21289 -2.20605 3.5752 -2.20605s2.96387 0.988281 3.5752 2.20605l12.4199 29.7803zM640 16.0898l-0.0703125 -0.0703125v0c-0.117188 -2.19727 -1.76562 -4.86328 -3.67969 -5.94922l-49.5498 -20.6602h-0.0898438v0l-20.6904 -49.6201
c-1.01074 -2.04297 -3.68066 -3.7002 -5.95996 -3.7002s-4.94922 1.65723 -5.95996 3.7002l-20.6602 49.5898h-0.0703125l-49.5693 20.6699c-1.91406 1.08691 -3.5625 3.75293 -3.68066 5.9502v0c0.101562 2.2168 1.75 4.90527 3.68066 6l49.6299 20.7402h0.0498047
l20.7002 49.6299c1.01465 2.03516 3.68555 3.6875 5.95996 3.6875s4.94434 -1.65234 5.95996 -3.6875l20.6797 -49.6104h0.0703125l49.5703 -20.6699c1.92969 -1.09473 3.57812 -3.7832 3.67969 -6z" />
<glyph glyph-name="hands-wash" unicode="&#xf95e;" horiz-adv-x="576"
d="M496 224c-26.4961 0 -48 21.5039 -48 48s21.5039 48 48 48s48 -21.5039 48 -48s-21.5039 -48 -48 -48zM311.47 269.55l-16.0801 -4.96973l20.9004 66.1699c3.5 11.0703 14.1797 18.8604 25.71 17.5098c11.8564 -1.25195 21.4785 -11.9453 21.4785 -23.8672
c0 -2.05566 -0.505859 -5.31348 -1.12891 -7.27246l-15.3496 -48.6104c-5.0752 1.88184 -13.5869 3.44531 -19 3.49023h-0.0322266c-4.6543 0 -12.0449 -1.09766 -16.498 -2.4502zM93.6504 61.6699c-33.4609 19.3945 -61.0801 66.5195 -61.6504 105.19v112.729
c0.179688 13.3203 11.6699 23.9102 24.9004 23.8604c13.1709 -0.0771484 23.8604 -10.8281 23.8604 -24c0 -0.0410156 0 -0.108398 -0.000976562 -0.150391l2.06055 -50.0498l60 189.85c3.5 11.0703 14.1797 18.9004 25.71 17.46
c11.8398 -1.26465 21.4492 -11.9561 21.4492 -23.8633c0 -2.04785 -0.500977 -5.29395 -1.11914 -7.24609l-38.5605 -122c-0.205078 -0.649414 -0.371094 -1.72949 -0.371094 -2.41016c0 -4.41699 3.58398 -8.00195 8.00098 -8.00195
c3.2373 0 6.65527 2.50586 7.62988 5.5918l47.9307 151.71c3.50977 11.0605 14.1797 18.8506 25.71 17.5098c11.8398 -1.26465 21.4502 -11.9561 21.4502 -23.8633c0 -2.04785 -0.501953 -5.29395 -1.12012 -7.24609l-43.3701 -137.79
c-0.206055 -0.650391 -0.373047 -1.73242 -0.373047 -2.41504c0 -4.41797 3.58496 -8.00293 8.00293 -8.00293c3.23535 0 6.65332 2.50293 7.62988 5.58789l33.4502 106.42c3.5 11.0703 14.1895 18.8604 25.7197 17.5195
c11.8408 -1.26465 21.4502 -11.9561 21.4502 -23.8633c0 -2.04785 -0.501953 -5.29395 -1.12012 -7.24609l-34.1602 -108.12l-73.7002 -22.7598c-59.0469 -19.5098 -107.01 -85.8135 -107.06 -148v-25.6904c-0.80957 -0.169922 -1.5498 -0.519531 -2.34961 -0.709961z
M519.1 112c11.6104 0 22.25 -7.83984 24.4404 -19.2402c0.262695 -1.30078 0.476562 -3.43262 0.476562 -4.75977c0 -13.248 -10.752 -24 -24 -24h-0.0166016h-160c-4.41602 0 -8 -3.58398 -8 -8s3.58398 -8 8 -8h127.1c11.6104 0 22.25 -7.83984 24.4404 -19.2402
c0.262695 -1.30078 0.476562 -3.43262 0.476562 -4.75977c0 -13.248 -10.752 -24 -24 -24h-0.0166016h-128c-4.41602 0 -8 -3.58398 -8 -8s3.58398 -8 8 -8h95.0996c11.6104 0 22.25 -7.83984 24.4404 -19.2402c0.262695 -1.30078 0.476562 -3.43262 0.476562 -4.75977
c0 -13.248 -10.752 -24 -24 -24h-0.0166016h-208c-18.4902 0.0703125 -46.2656 8.00879 -62 17.7197c3.32715 8.06641 6.02734 21.6953 6.02734 30.4209c0 36.0527 -28.6846 71.0908 -64.0273 78.209v25.6504v0.00683594c0 49.501 38.165 102.223 85.1904 117.684
l107.72 33.25c1.91211 0.59082 5.08887 1.07031 7.08984 1.07031c13.2539 0 24.0107 -10.7568 24.0107 -24.0107c0 -9.77637 -7.58008 -20.0537 -16.9209 -22.9404l-47.0898 -17.0596h199.1c11.6104 0 22.25 -7.83984 24.4404 -19.2402
c0.262695 -1.30078 0.476562 -3.43262 0.476562 -4.75977c0 -13.248 -10.752 -24 -24 -24h-0.0166016h-128c-4.41602 0 -8 -3.58398 -8 -8s3.58398 -8 8 -8h159.1zM416 384c-17.6641 0 -32 14.3359 -32 32s14.3359 32 32 32s32 -14.3359 32 -32s-14.3359 -32 -32 -32z
M112 32c26.4961 0 48 -21.5039 48 -48s-21.5039 -48 -48 -48s-48 21.5039 -48 48s21.5039 48 48 48z" />
<glyph glyph-name="handshake-alt-slash" unicode="&#xf95f;" horiz-adv-x="640"
d="M358.59 252.4l26.1104 23.8896c2.86914 2.62598 5.19824 7.91504 5.19824 11.8047c0 8.83398 -7.16992 16.0039 -16.0039 16.0039c-3.43164 0 -8.27246 -1.88086 -10.8047 -4.19824l-27 -24.7002l-32.6895 -29.9199l330.43 -255.38
c3.41016 -2.65234 6.17773 -8.31055 6.17773 -12.6309c0 -3.0293 -1.50879 -7.42773 -3.36816 -9.81934l-19.6396 -25.2705c-2.65234 -3.41211 -8.31152 -6.18262 -12.6338 -6.18262c-3.03125 0 -7.43359 1.51172 -9.82617 3.37305l-588.35 454.72
c-3.41016 2.65234 -6.17773 8.31055 -6.17773 12.6309c0 3.02832 1.50781 7.42773 3.36719 9.81934l19.6201 25.2695c2.65234 3.41602 8.31348 6.1875 12.6377 6.1875c3.03418 0 7.43848 -1.5127 9.83203 -3.37695l116.891 -90.3301l20.3398 20.2998
c5.16211 5.17969 15.2871 9.39551 22.5996 9.41016h83.79l-75.5996 -69.2402l25.6895 -19.8496l88.1201 80.6797c5.0625 4.63965 14.7432 8.40723 21.6104 8.41016h85.8896c7.31641 -0.0126953 17.4453 -4.22852 22.6104 -9.41016l54.5898 -54.5898h112v0
c8.78223 0 15.9502 -7.12793 16 -15.9102v-191.8c-0.0273438 -8.80469 -7.19531 -15.9727 -16 -16h-97.5898c-2.26465 12.7275 -12.2148 29.7109 -22.21 37.9102zM16 320h7.55957l382.44 -295.59l-8.7998 -10.8203c-6.15723 -7.57617 -19.0762 -13.7246 -28.8389 -13.7246
c-7.29004 0 -17.7959 3.73438 -23.4512 8.33496l-17.9102 15.5l-0.200195 -0.200195c-10.6025 -13.0381 -32.8477 -23.6201 -49.6533 -23.6201c-12.5381 0 -30.6133 6.41602 -40.3467 14.3203l-90.5 81.8896h-130.3c-8.83203 0 -16 7.16797 -16 16v191.91
c0.0273438 8.80469 7.19531 15.9727 16 16z" />
<glyph glyph-name="handshake-slash" unicode="&#xf960;" horiz-adv-x="640"
d="M0 319.79h23.8301l72.1699 -55.79v-168c0 -17.6641 -14.3359 -32 -32 -32h-64v255.79zM48 127.9c-8.83203 0 -16 -7.16797 -16 -16s7.16797 -16 16 -16s16 7.16797 16 16s-7.16797 16 -16 16zM128 96.0898v143.19l278 -214.87l-8.7998 -10.8203
c-6.15723 -7.57617 -19.0762 -13.7246 -28.8389 -13.7246c-7.29004 0 -17.7959 3.73438 -23.4512 8.33496l-17.9102 15.5l-0.200195 -0.200195c-10.6025 -13.0381 -32.8477 -23.6201 -49.6533 -23.6201c-12.5381 0 -30.6133 6.41602 -40.3467 14.3203l-90.5 81.8896
h-18.2998zM544 319.79h96v-255.89h-64c-17.6641 0 -32 14.3359 -32 32v223.89zM592 95.9004c8.83203 0 16 7.16797 16 16s-7.16797 16 -16 16s-16 -7.16797 -16 -16s7.16797 -16 16 -16zM303.33 245.33l330.5 -255.43c3.41309 -2.65234 6.18359 -8.3125 6.18359 -12.6357
c0 -3.02734 -1.50684 -7.42383 -3.36328 -9.81445l-19.6504 -25.2705c-2.65234 -3.41504 -8.31348 -6.1875 -12.6377 -6.1875c-3.03418 0 -7.43848 1.51367 -9.83203 3.37793l-588.34 454.72c-3.41016 2.65234 -6.17773 8.31055 -6.17773 12.6309
c0 3.02832 1.50781 7.42773 3.36719 9.81934l19.6201 25.2695c2.65234 3.41602 8.31348 6.1875 12.6377 6.1875c3.03418 0 7.43848 -1.5127 9.83203 -3.37695l116.891 -90.3398l20.3398 20.3096c5.16211 5.17969 15.2871 9.39551 22.5996 9.41016h83.79l-75.5996 -69.2402
l25.6396 -19.8096l88.0703 80.6396c5.05566 4.64258 14.7305 8.41016 21.5947 8.41016h0.00488281h85.9004h0.0351562c7.31055 0 17.4199 -4.21582 22.5645 -9.41016l54.6104 -54.5898v-193.5c-2.02246 2.29102 -5.56641 5.74023 -7.91016 7.7002l-145.59 118.2
l26.0898 23.8896c2.73828 2.61035 4.95996 7.79883 4.95996 11.5811c0 8.83203 -7.16797 16 -16 16c-3.32422 0 -8.05078 -1.7793 -10.5498 -3.9707z" />
<glyph glyph-name="head-side-cough" unicode="&#xf961;" horiz-adv-x="640"
d="M616 144c-13.248 0 -24 10.752 -24 24s10.752 24 24 24s24 -10.752 24 -24s-10.752 -24 -24 -24zM552 32c13.248 0 24 -10.752 24 -24s-10.752 -24 -24 -24s-24 10.752 -24 24s10.752 24 24 24zM488 88c13.248 0 24 -10.752 24 -24s-10.752 -24 -24 -24
s-24 10.752 -24 24s10.752 24 24 24zM616 -16c13.248 0 24 -10.752 24 -24s-10.752 -24 -24 -24s-24 10.752 -24 24s10.752 24 24 24zM616 88c13.248 0 24 -10.752 24 -24s-10.752 -24 -24 -24s-24 10.752 -24 24s10.752 24 24 24zM552 128c13.248 0 24 -10.752 24 -24
s-10.752 -24 -24 -24s-24 10.752 -24 24s10.752 24 24 24zM477.22 173c1.52344 -3.42676 2.75977 -9.25 2.75977 -13c0 -17.6523 -14.3271 -31.9883 -31.9795 -32h-32v-32h-96c-17.6641 0 -32 -14.3359 -32 -32s14.3359 -32 32 -32h96c0 -35.3281 -28.6719 -64 -64 -64h-64
v-32h-224v177.12c-39.25 35.2598 -64 86.1299 -64 142.88c0 106 86 192 192 192h42.0996c59.5439 -0.0390625 135.704 -39.5752 170 -88.25c24.6201 -35 52.1201 -139.63 73.1201 -186.75zM288 224c17.626 0.0380859 31.9619 14.374 32 32c0 17.6641 -14.3359 32 -32 32
s-32 -14.3359 -32 -32s14.3359 -32 32 -32z" />
<glyph glyph-name="head-side-cough-slash" unicode="&#xf962;" horiz-adv-x="640"
d="M454.11 128.79l179.72 -138.89c3.41016 -2.65234 6.17773 -8.31055 6.17773 -12.6309c0 -3.0293 -1.50879 -7.42773 -3.36816 -9.81934l-19.6396 -25.2705c-2.65234 -3.41504 -8.31348 -6.1875 -12.6377 -6.1875c-3.03418 0 -7.43848 1.51367 -9.83203 3.37793
l-588.351 454.72c-3.41016 2.65234 -6.17773 8.31055 -6.17773 12.6309c0 3.02832 1.50879 7.42773 3.36816 9.81934l19.6299 25.2695c2.65234 3.41309 8.31152 6.18262 12.6338 6.18262c3.03125 0 7.43359 -1.51074 9.82617 -3.37207l38.7197 -29.9199
c26.8672 18.3818 75.0928 33.2998 107.646 33.2998h0.173828h42.0996c59.5439 -0.0390625 135.704 -39.5752 170 -88.25c24.6201 -35 52.1201 -139.63 73.1201 -186.75c8.51074 -19.21 -3.5498 -40.4004 -23.1094 -44.21zM313.39 237.55
c3.85059 5.28027 6.61035 11.4502 6.58008 18.4502c-0.0322266 17.6309 -14.3691 31.9668 -32 32c-9.92969 0 -18.4795 -4.86035 -24.3594 -12zM616 144c-13.248 0 -24 10.752 -24 24s10.752 24 24 24s24 -10.752 24 -24s-10.752 -24 -24 -24zM552 80
c-13.248 0 -24 10.752 -24 24s10.752 24 24 24s24 -10.752 24 -24s-10.752 -24 -24 -24zM288 64c0 -17.6641 14.3359 -32 32 -32h96c0 -35.3281 -28.6719 -64 -64 -64h-64v-32h-224v177.12c-39.25 35.2598 -64 86.1299 -64 142.88
c0.0126953 25.2188 9.2998 63.9307 20.7305 86.4102l318.81 -246.41h-19.54c-17.6641 0 -32 -14.3359 -32 -32zM616 88c13.248 0 24 -10.752 24 -24s-10.752 -24 -24 -24s-24 10.752 -24 24s10.752 24 24 24z" />
<glyph glyph-name="head-side-mask" unicode="&#xf963;"
d="M0.150391 263.58c0.364258 7.85059 1.94043 20.4707 3.51953 28.1699l220.33 -160.26v-195.49h-160v177.12c-41 36.8203 -66.1699 90.6699 -63.8496 150.46zM509.22 173c1.40625 -3.27148 2.54688 -8.81543 2.54688 -12.376
c0 -0.171875 -0.00292969 -0.452148 -0.00683594 -0.624023h-272.55l-225.96 164.35c29.2305 73.0801 103.75 123.65 186.75 123.65h66.1104c59.541 -0.0390625 135.697 -39.5752 169.989 -88.25c24.6201 -35 52.1201 -139.63 73.1201 -186.75zM320 224
c17.626 0.0380859 31.9619 14.374 32 32c0 17.6641 -14.3359 32 -32 32s-32 -14.3359 -32 -32s14.3359 -32 32 -32zM336 80c-8.83203 0 -16 -7.16797 -16 -16s7.16797 -16 16 -16h149.34l-10.6699 -32h-138.67c-8.83203 0 -16 -7.16797 -16 -16s7.16797 -16 16 -16h128
l-1.41016 -4.24023c-8.05176 -24.1533 -35.25 -43.7578 -60.71 -43.7598h-145.88v192h256l-16 -48h-160z" />
<glyph glyph-name="head-side-virus" unicode="&#xf964;"
d="M272 208c8.83203 0 16 -7.16797 16 -16s-7.16797 -16 -16 -16s-16 7.16797 -16 16s7.16797 16 16 16zM208 272c8.83203 0 16 -7.16797 16 -16s-7.16797 -16 -16 -16s-16 7.16797 -16 16s7.16797 16 16 16zM509.2 173c1.52344 -3.42676 2.75977 -9.25 2.75977 -13
c0 -17.6416 -14.3184 -31.9775 -31.96 -32h-32v-64c0 -35.3281 -28.6719 -64 -64 -64h-64v-64h-256v177.19c-35.3281 31.4834 -64 95.4414 -64 142.763v0.046875c0 106 86 192 192 192h74.0898h0.0214844c59.5684 0 135.736 -39.5361 170.019 -88.25
c24.6396 -35.0195 52.1396 -139.63 73.0703 -186.75zM368 208c8.83203 0 16 7.16797 16 16s-7.16797 16 -16 16h-12.1201c-28.5098 0 -42.79 34.4697 -22.6299 54.6299l8.58008 8.57031c2.58691 2.58691 4.68652 7.65625 4.68652 11.3145
c0 8.83301 -7.16895 16.002 -16.002 16.002c-3.6582 0 -8.72754 -2.09961 -11.3145 -4.68652l-8.57031 -8.58008c-20.1602 -20.1602 -54.6299 -5.87988 -54.6299 22.6299v12.1201c0 8.83203 -7.16797 16 -16 16s-16 -7.16797 -16 -16v-12.1201
c0 -28.5098 -34.4697 -42.79 -54.6299 -22.6299l-8.57031 8.58008c-2.58691 2.58691 -7.65625 4.68652 -11.3145 4.68652c-8.83301 0 -16.002 -7.16895 -16.002 -16.002c0 -3.6582 2.09961 -8.72754 4.68652 -11.3145l8.58008 -8.57031
c20.1602 -20.1602 5.87988 -54.6299 -22.6299 -54.6299h-12.1201c-8.83203 0 -16 -7.16797 -16 -16s7.16797 -16 16 -16h12.1201c28.5098 0 42.79 -34.4697 22.6299 -54.6299l-8.58008 -8.57031c-2.58691 -2.58691 -4.68652 -7.65625 -4.68652 -11.3145
c0 -8.83301 7.16895 -16.002 16.002 -16.002c3.6582 0 8.72754 2.09961 11.3145 4.68652l8.57031 8.58008c20.1602 20.1602 54.6299 5.87988 54.6299 -22.6299v-12.1201c0 -8.83203 7.16797 -16 16 -16s16 7.16797 16 16v12.1201c0 28.5098 34.4697 42.79 54.6299 22.6299
l8.57031 -8.58008c2.58691 -2.58691 7.65625 -4.68652 11.3145 -4.68652c8.83301 0 16.002 7.16895 16.002 16.002c0 3.6582 -2.09961 8.72754 -4.68652 11.3145l-8.58008 8.57031c-20.1602 20.1602 -5.87988 54.6299 22.6299 54.6299h12.1201z" />
<glyph glyph-name="house-user" unicode="&#xf965;" horiz-adv-x="576"
d="M570.69 211.73c2.54004 -2.81152 4.91895 -8.15137 5.30957 -11.9209c-0.319336 -3.25977 -2.15234 -8.04883 -4.08984 -10.6895l-21.4102 -23.8105c-2.7959 -2.53809 -8.11426 -4.91699 -11.8701 -5.30957c-3.2666 0.334961 -8.06934 2.18066 -10.7197 4.12012
l-15.9102 14v-210.12c0 -17.6641 -14.3359 -32 -32 -32h-383.91c-17.6641 0 -32 14.3359 -32 32v210.11l-15.8994 -14c-2.63965 -1.94336 -7.42871 -3.78418 -10.6904 -4.11035c-3.78906 0.381836 -9.16504 2.75586 -12 5.2998l-21.4102 23.79
c-2.08398 2.59082 -3.91602 7.38965 -4.08984 10.71c0.200195 3.83789 2.55664 9.16895 5.25977 11.9004l256 226c6.28027 5.68945 18.21 10.2998 26.7402 10.2998s20.5 -4.61035 26.7803 -10.2998l101.22 -89.3701v51.6699c0 8.83203 7.16797 16 16 16h64
c8.83203 0 16 -7.16797 16 -16v-136.44zM288 272c-35.3281 0 -64 -28.6719 -64 -64s28.6719 -64 64 -64s64 28.6719 64 64s-28.6719 64 -64 64zM400 0c8.83203 0 16 7.16797 16 16c0 52.9922 -43.0078 96 -96 96h-64c-52.9922 0 -96 -43.0078 -96 -96
c0 -8.83203 7.16797 -16 16 -16h224z" />
<glyph glyph-name="laptop-house" unicode="&#xf966;" horiz-adv-x="640"
d="M272 160v-128h-176c-17.6641 0 -32 14.3359 -32 32v164.12l-21.6602 -19.1201c-2.27344 -1.77637 -6.45801 -3.33594 -9.33984 -3.48047c-3.45117 0.183594 -8.22754 2.3252 -10.6602 4.78027l-18.79 21.3105c-1.8125 2.27637 -3.40332 6.4834 -3.5498 9.38965
c0.194336 3.42871 2.33594 8.16797 4.78027 10.5801l211.8 187.5c5.54004 4.91992 16.0703 8.91992 23.4697 8.91992c7.40039 0 17.9502 -4 23.4502 -8.91992l88.5 -78.3799v39.2998c0 8.83203 7.16797 16 16 16h32c8.83203 0 16 -7.16797 16 -16v-96l59.25 -52.3896
c2.42773 -2.42871 4.55566 -7.18164 4.75 -10.6104c-0.15332 -2.93457 -1.77051 -7.17773 -3.61035 -9.46973l-6.64941 -7.53027h-136.94c-17.7998 0 -33.6895 -8.24023 -44.7998 -21.1201v37.1201c0 8.83203 -7.16797 16 -16 16h-64c-8.83203 0 -16 -7.16797 -16 -16v-64
c0 -8.83203 7.16797 -16 16 -16h64zM629.33 0c5.88965 0 10.6699 -4.78027 10.6699 -10.6699v-10.6602c-0.0820312 -23.4336 -19.167 -42.5498 -42.5996 -42.6699h-298.801c-23.4326 0.120117 -42.5176 19.2363 -42.5996 42.6699v10.6602
c0 5.88965 4.78027 10.6699 10.6699 10.6699v0h37.3301v160c0 17.6699 12.8896 32 28.7998 32h230.4c15.9102 0 28.7998 -14.3301 28.7998 -32v-160h37.3301zM544 0v144h-192v-144h192z" />
<glyph glyph-name="lungs-virus" unicode="&#xf967;" horiz-adv-x="640"
d="M344 297.32c-6.11035 3.6875 -16.8623 6.68066 -24 6.68066s-17.8896 -2.99316 -24 -6.68066v134.68c0 8.83203 7.16797 16 16 16h16c8.83203 0 16 -7.16797 16 -16v-134.68zM195.54 3.54004c7.55664 -7.76367 22.4814 -14.0645 33.3154 -14.0645
c2.33594 0 6.09668 0.342773 8.39453 0.764648c-11.2559 -14.4775 -34.7754 -30.0459 -52.5 -34.75l-59.5 -15.8701c-62.75 -16.8799 -125.25 27.3799 -125.25 88.6299v0.241211c0 8.25 1.73828 21.4121 3.87988 29.3789c18.2109 68.1455 63.9072 171.634 102 231
c22.1201 34.6299 36.1201 63.1299 80.1201 63.1299c38.6201 0 70 -29.3799 70 -65.75v-27.6797c-6.68359 4.46582 -18.6309 8.08984 -26.6689 8.08984c-26.4961 0 -48 -21.5039 -48 -48c0 -11.043 6.36523 -26.3154 14.209 -34.0898l8.58008 -8.57031h-12.1201
c-26.4961 0 -48 -21.5039 -48 -48s21.5039 -48 48 -48h12.1201l-8.58008 -8.58008c-7.74609 -7.76562 -14.0332 -22.9707 -14.0332 -33.9395c0 -10.9697 6.28711 -26.1748 14.0332 -33.9404zM421.83 26.1699c-2.58691 -2.58789 -7.65625 -4.6875 -11.3154 -4.6875
c-3.6582 0 -8.72754 2.09961 -11.3145 4.6875l-8.57031 8.57031c-20.1602 20.1602 -54.6299 5.87988 -54.6299 -22.6201v-12.1201c0 -8.83203 -7.16797 -16 -16 -16s-16 7.16797 -16 16v12.1201c0 28.5 -34.4697 42.7803 -54.6299 22.6201l-8.57031 -8.57031
c-2.60156 -2.67969 -7.74512 -4.85547 -11.4805 -4.85547c-8.83203 0 -16 7.16797 -16 16c0 3.7334 2.17285 8.87402 4.85059 11.4756l8.58008 8.58008c20.1602 20.1602 5.87988 54.6299 -22.6299 54.6299h-12.1201c-8.83203 0 -16 7.16797 -16 16s7.16797 16 16 16h12.1201
c28.5098 0 42.79 34.4697 22.6299 54.6201l-8.58008 8.58008c-2.58691 2.58691 -4.68652 7.65625 -4.68652 11.3145c0 8.83301 7.16895 16.002 16.002 16.002c3.6582 0 8.72754 -2.09961 11.3145 -4.68652l8.57031 -8.58008
c20.1602 -20.1602 54.6299 -5.87988 54.6299 22.6299v12.1201c0 8.83203 7.16797 16 16 16s16 -7.16797 16 -16v-12.1201c0 -28.5098 34.4697 -42.79 54.6299 -22.6299l8.57031 8.58008c2.58691 2.58691 7.65625 4.68652 11.3145 4.68652
c8.83301 0 16.002 -7.16895 16.002 -16.002c0 -3.6582 -2.09961 -8.72754 -4.68652 -11.3145l-8.58008 -8.58008c-20.1602 -20.1504 -5.87988 -54.6201 22.6299 -54.6201h12.1201c8.83203 0 16 -7.16797 16 -16s-7.16797 -16 -16 -16h-12.1201
c-28.5098 0 -42.79 -34.4697 -22.6299 -54.6299l8.58008 -8.58008c2.58496 -2.58691 4.68262 -7.65332 4.68262 -11.3096c0 -3.65723 -2.09766 -8.72363 -4.68262 -11.3105zM288 144c8.83203 0 16 7.16797 16 16s-7.16797 16 -16 16s-16 -7.16797 -16 -16
s7.16797 -16 16 -16zM352 80c8.83203 0 16 7.16797 16 16s-7.16797 16 -16 16s-16 -7.16797 -16 -16s7.16797 -16 16 -16zM636.12 57.8701c2.1416 -7.9668 3.87988 -21.1289 3.87988 -29.3789v-0.241211c0 -61.25 -62.5 -105.51 -125.25 -88.6299l-59.5 15.8701
c-17.7246 4.7041 -41.2441 20.2725 -52.5 34.75c2.32812 -0.421875 6.1377 -0.764648 8.50391 -0.764648c26.3311 0 47.7002 21.3701 47.7002 47.7002c0 11.1445 -6.49316 26.4863 -14.4941 34.2441l-8.58008 8.58008h12.1201c26.4961 0 48 21.5039 48 48
s-21.5039 48 -48 48h-12.1201l8.58008 8.53027c7.84375 7.77441 14.209 23.0469 14.209 34.0898c0 26.4961 -21.5039 48 -48 48c-8.03809 0 -19.9854 -3.62402 -26.6689 -8.08984v27.7197c0 36.3701 31.3799 65.75 70 65.75c44 0 58 -28.5 80.1201 -63.1299
c38.0928 -59.3662 83.7891 -162.854 102 -231z" />
<glyph glyph-name="people-arrows" unicode="&#xf968;" horiz-adv-x="576"
d="M96 320c-35.3281 0 -64 28.6719 -64 64s28.6719 64 64 64s64 -28.6719 64 -64s-28.6719 -64 -64 -64zM96 143.92v-0.118164c0 -10.4102 6.11035 -24.6934 13.6396 -31.8818l50.3604 -47.5303v-96.3896c0 -17.6641 -14.3359 -32 -32 -32h-64
c-17.6641 0 -32 14.3359 -32 32v128c-17.6641 0 -32 14.3359 -32 32v96c0 35.3281 28.6719 64 64 64h64c23.9707 -0.0224609 50.5732 -18.1357 59.3799 -40.4297c-1.83984 -1.26074 -3.95996 -2.02051 -5.61035 -3.57031l-72.1299 -68.0801
c-7.5293 -7.19336 -13.6396 -21.4814 -13.6396 -31.8945v-0.105469zM480 320c-35.3281 0 -64 28.6719 -64 64s28.6719 64 64 64s64 -28.6719 64 -64s-28.6719 -64 -64 -64zM512 288c35.3281 0 64 -28.6719 64 -64v-96c0 -17.6641 -14.3359 -32 -32 -32v-128
c0 -17.6641 -14.3359 -32 -32 -32h-64c-17.6641 0 -32 14.3359 -32 32v96.3799l50.3604 47.5498c7.52539 7.22949 13.6338 21.5654 13.6338 32c0 10.4355 -6.1084 24.7715 -13.6338 32l-72.1201 68.0605c-1.62012 1.58984 -3.78027 2.31934 -5.62012 3.58984
c8.80957 22.291 35.4111 40.3984 59.3799 40.4199h64zM444.4 152.66c1.98633 -2.00195 3.59863 -5.91504 3.59863 -8.73535s-1.6123 -6.7334 -3.59863 -8.73438l-72.1201 -68.0703c-1.91895 -1.83008 -5.62891 -3.31445 -8.28027 -3.31445c-6.62402 0 -12 5.37598 -12 12
v0.0546875v36.1396h-128v-36.1396v-0.0546875c0 -6.62402 -5.37598 -12 -12 -12c-2.65137 0 -6.36133 1.48438 -8.28027 3.31445l-72.1201 68.0703c-1.98633 2.00098 -3.59863 5.91406 -3.59863 8.73438s1.6123 6.7334 3.59863 8.73535l72.1201 68.0703
c1.91895 1.8291 5.62891 3.31348 8.28027 3.31348c6.62402 0 12 -5.37598 12 -12v-0.0439453v-36h128v36v0.0341797c0 6.62402 5.37598 12 12 12c2.65137 0 6.36133 -1.48438 8.28027 -3.31445z" />
<glyph glyph-name="plane-slash" unicode="&#xf969;" horiz-adv-x="640"
d="M32.4805 300.12c-0.21875 0.947266 -0.396484 2.50586 -0.396484 3.47852c0 2.40137 1.01465 6.0127 2.26562 8.06152l324.841 -251.061l-66.6006 -116.54c-2.54297 -4.44824 -8.76562 -8.05957 -13.8896 -8.05957h-65.5
c-8.81543 0.0166016 -15.9697 7.18457 -15.9697 16c0 1.24121 0.277344 3.2168 0.619141 4.41016l49 171.59h-102.85l-43.2002 -57.5898c-2.64746 -3.53613 -8.38184 -6.4082 -12.7998 -6.41016h-40c-8.8291 0.00292969 -15.9951 7.1709 -15.9951 16
c0 1.08398 0.212891 2.81836 0.475586 3.87012l31.5195 108.13zM633.82 -10.0898c3.41602 -2.65234 6.18848 -8.31445 6.18848 -12.6387c0 -3.03027 -1.50879 -7.42969 -3.36914 -9.82129l-19.6396 -25.2598c-2.65234 -3.41699 -8.31445 -6.18945 -12.6387 -6.18945
c-3.03027 0 -7.42969 1.50977 -9.82129 3.36914l-588.36 454.72c-3.41211 2.65234 -6.18262 8.3125 -6.18262 12.6338c0 3.03223 1.51172 7.43359 3.37305 9.82617l19.6299 25.2598c2.65234 3.41309 8.31152 6.18262 12.6338 6.18262
c3.03125 0 7.43359 -1.51074 9.82617 -3.37207l189.3 -146.3l-36.9395 129.29c-0.338867 1.1875 -0.614258 3.1543 -0.614258 4.38965c0 8.8291 7.16504 15.9971 15.9941 16h65.5098c5.12988 0 11.3496 -3.61035 13.9004 -8.05957l105.09 -183.94h114.3
c35.3398 0 96 -28.6602 96 -64s-60.6602 -64 -96 -64h-56.8604z" />
<glyph glyph-name="pump-medical" unicode="&#xf96a;" horiz-adv-x="384"
d="M235.51 288.18c32.2471 -0.00195312 60.7979 -26.0664 63.7305 -58.1797l20.3701 -224c0.145508 -1.59766 0.262695 -4.19629 0.262695 -5.7998c0 -35.3242 -28.6689 -63.9961 -63.9932 -64h-192h-0.00292969c-35.3281 0 -64 28.6719 -64 64
c0 1.60352 0.117188 4.20215 0.262695 5.7998l20.3701 224c2.93262 32.1133 31.4834 58.1777 63.7305 58.1797h151.27zM239.88 114.85v26.6602c0 7.36426 -5.97656 13.3398 -13.3398 13.3398v0h-40v40c0 7.3584 -5.97168 13.3301 -13.3301 13.3301v0h-26.6699
c-7.3584 0 -13.3301 -5.97168 -13.3301 -13.3301v-40h-40c-7.3584 0 -13.3301 -5.97168 -13.3301 -13.3301v-0.00976562v-26.6602c0 -7.35742 5.97168 -13.334 13.3301 -13.3398h40v-40c0 -7.3584 5.97168 -13.3301 13.3301 -13.3301v0h26.6699
c7.3584 0 13.3301 5.97168 13.3301 13.3301v40h40c7.3584 0.00585938 13.334 5.98242 13.3398 13.3398zM379.19 354.12c2.58691 -2.58691 4.6875 -7.65625 4.6875 -11.3154c0 -3.6582 -2.10059 -8.72754 -4.6875 -11.3145l-22.6201 -22.6201
c-2.58691 -2.58789 -7.65625 -4.6875 -11.3154 -4.6875s-8.72754 2.09961 -11.3145 4.6875l-43.3105 43.3096h-66.75v-32h-128v96c0 17.6641 14.3359 32 32 32h64c17.6641 0 32 -14.3359 32 -32h66.75c14.6279 -0.00195312 34.8955 -8.39746 45.2402 -18.7393z" />
<glyph glyph-name="pump-soap" unicode="&#xf96b;" horiz-adv-x="384"
d="M235.63 288c32.2637 0 60.8311 -26.0781 63.75 -58.21l20.3604 -224c0.144531 -1.59473 0.262695 -4.18848 0.262695 -5.79004c0 -35.3281 -28.6729 -64 -64 -64h-0.00292969h-192c-35.3242 0.00390625 -63.9922 28.6758 -63.9922 64
c0 1.60156 0.117188 4.19531 0.261719 5.79004l20.3604 224c2.91895 32.1318 31.4736 58.21 63.7373 58.21h0.00292969h151.26zM160 32c33.1201 0 60 26.3301 60 58.7305c0 25 -35.6699 75.4697 -52 97.2695c-1.65625 2.21387 -5.24316 4.00977 -8.00781 4.00977
c-2.75586 0 -6.33594 -1.78711 -7.99219 -3.99023c-16.2998 -21.7998 -52 -72.2695 -52 -97.2695c0 -32.4199 26.8799 -58.75 60 -58.75zM379.31 353.94c2.58789 -2.58691 4.68848 -7.65625 4.68848 -11.3154s-2.10059 -8.72852 -4.68848 -11.3154l-22.6191 -22.6191
c-2.58691 -2.58789 -7.65625 -4.68848 -11.3154 -4.68848s-8.72852 2.10059 -11.3154 4.68848l-43.3096 43.3096h-66.75v-32h-128v96c0 17.6641 14.3359 32 32 32h64c17.6641 0 32 -14.3359 32 -32h66.75v0c14.6309 0 34.9033 -8.39551 45.25 -18.7402z" />
<glyph glyph-name="shield-virus" unicode="&#xf96c;"
d="M224 256c8.83203 0 16 -7.16797 16 -16s-7.16797 -16 -16 -16s-16 7.16797 -16 16s7.16797 16 16 16zM466.5 364.32c16.2842 -6.80176 29.5 -26.6445 29.5 -44.292v-0.0283203c0 -221.3 -135.91 -344.61 -221.59 -380.32
c-4.89062 -2.03223 -13.1592 -3.68164 -18.4551 -3.68164c-5.29688 0 -13.5645 1.64941 -18.4551 3.68164c-107 44.6006 -221.5 181.82 -221.5 380.32v0.0478516c0 17.6787 13.2559 37.5176 29.5898 44.2822l192 80c4.92676 1.85938 13.1973 3.50391 18.46 3.66992
c5.26074 -0.169922 13.5264 -1.81836 18.4502 -3.67969zM384 192c8.83203 0 16 7.16797 16 16s-7.16797 16 -16 16h-12.1201c-28.5098 0 -42.79 34.4697 -22.6299 54.6299l8.58008 8.57031c2.58691 2.58691 4.68652 7.65625 4.68652 11.3145
c0 8.83301 -7.16895 16.002 -16.002 16.002c-3.6582 0 -8.72754 -2.09961 -11.3145 -4.68652l-8.57031 -8.58008c-20.1602 -20.1602 -54.6299 -5.87988 -54.6299 22.6299v12.1201c0 8.83203 -7.16797 16 -16 16s-16 -7.16797 -16 -16v-12.1201
c0 -28.5098 -34.4697 -42.79 -54.6299 -22.6299l-8.57031 8.58008c-2.58691 2.58691 -7.65625 4.68652 -11.3145 4.68652c-8.83301 0 -16.002 -7.16895 -16.002 -16.002c0 -3.6582 2.09961 -8.72754 4.68652 -11.3145l8.58008 -8.57031
c20.1602 -20.1602 5.87988 -54.6299 -22.6299 -54.6299h-12.1201c-8.83203 0 -16 -7.16797 -16 -16s7.16797 -16 16 -16h12.1201c28.5098 0 42.79 -34.4697 22.6299 -54.6299l-8.58008 -8.57031c-2.58691 -2.58691 -4.68652 -7.65625 -4.68652 -11.3145
c0 -8.83301 7.16895 -16.002 16.002 -16.002c3.6582 0 8.72754 2.09961 11.3145 4.68652l8.57031 8.58008c20.1602 20.1602 54.6299 5.87988 54.6299 -22.6299v-12.1201c0 -8.83203 7.16797 -16 16 -16s16 7.16797 16 16v12.1201c0 28.5098 34.4697 42.79 54.6299 22.6299
l8.57031 -8.58008c2.58691 -2.58691 7.65625 -4.68652 11.3145 -4.68652c8.83301 0 16.002 7.16895 16.002 16.002c0 3.6582 -2.09961 8.72754 -4.68652 11.3145l-8.58008 8.57031c-20.1602 20.1602 -5.87988 54.6299 22.6299 54.6299h12.1201zM288 192
c8.83203 0 16 -7.16797 16 -16s-7.16797 -16 -16 -16s-16 7.16797 -16 16s7.16797 16 16 16z" />
<glyph glyph-name="soap" unicode="&#xf96e;"
d="M416 256c52.9922 0 96 -43.0078 96 -96v-128c0 -52.9922 -43.0078 -96 -96 -96h-320c-52.9922 0 -96 43.0078 -96 96v128c0 52.9922 43.0078 96 96 96h128c0.0517578 -20.3193 11.2119 -48.9912 24.9102 -64h-88.9102c-52.9922 0 -96 -43.0078 -96 -96
s43.0078 -96 96 -96h192h0.206055c52.8809 0 95.7998 42.918 95.7998 95.7998c0 36.9893 -28.2002 77.3047 -62.9463 89.9902c17.0488 15.6279 30.9092 47.082 30.9404 70.21zM320 192c-35.3281 0 -64 28.6719 -64 64s28.6719 64 64 64s64 -28.6719 64 -64
s-28.6719 -64 -64 -64zM208 352c-26.4961 0 -48 21.5039 -48 48s21.5039 48 48 48s48 -21.5039 48 -48s-21.5039 -48 -48 -48zM384 384c-17.6641 0 -32 14.3359 -32 32s14.3359 32 32 32s32 -14.3359 32 -32s-14.3359 -32 -32 -32zM160 160h192
c35.3281 0 64 -28.6719 64 -64s-28.6719 -64 -64 -64h-192c-35.3281 0 -64 28.6719 -64 64s28.6719 64 64 64z" />
<glyph glyph-name="stopwatch-20" unicode="&#xf96f;" horiz-adv-x="448"
d="M398.5 257.09c18.4922 -28.3281 33.501 -78.7754 33.501 -112.605c0 -0.133789 -0.000976562 -0.350586 -0.000976562 -0.484375c0 -116 -94.8701 -209.77 -211.28 -208c-113.96 1.78027 -208.08 100.5 -204.63 214.43c2.92773 95.2598 81.7354 184.443 175.91 199.07
v34.5h-32c-8.80469 0.0273438 -15.9727 7.19531 -16 16v32c0.0273438 8.80469 7.19531 15.9727 16 16h128c8.83203 0 16 -7.16797 16 -16v-32c0 -8.83203 -7.16797 -16 -16 -16h-32v-34.5c30.8857 -4.76953 75.5469 -24.7461 99.6904 -44.5898l24.6797 24.6797
c2.58691 2.58789 7.65625 4.6875 11.3145 4.6875c3.65918 0 8.72852 -2.09961 11.3154 -4.6875l22.6797 -22.6797c2.58789 -2.58691 4.6875 -7.65625 4.6875 -11.3154c0 -3.6582 -2.09961 -8.72754 -4.6875 -11.3145l-26.5898 -26.5801zM204.37 70.4502l-49.1299 0.0400391
c1.7998 15.6299 14.8496 36.2002 26.4102 51.2002c21.9092 30.0996 34.3496 45.7295 34.3496 81.3096c0 35.1504 -12.5703 61 -55.5703 61c-47.9492 0 -56.4297 -32.9404 -56.4297 -60.2402v-4.06934c0.0703125 -4.45605 3.74316 -8.07129 8.19922 -8.07129
c0.0361328 0 0.0947266 0 0.130859 0.000976562h24.9004c0.0361328 -0.000976562 0.0947266 -0.000976562 0.130859 -0.000976562c4.45508 0 8.12891 3.61523 8.19824 8.07129v5.22949c0 15.2803 3.30078 22.6797 12.6904 22.6797c10.4199 0 12.21 -7.34961 12.21 -24.2695
c0 -25.0205 -6.67969 -33.1504 -27.0996 -62.3398c-23.7803 -33.96 -35.6699 -56.1504 -38.4502 -91.3701c-0.0224609 -0.320312 -0.0410156 -0.84082 -0.0410156 -1.16113c0 -9.08594 7.37402 -16.46 16.46 -16.46c0.0527344 0 0.137695 0 0.19043 0.000976562h82.8506
c0.0332031 -0.000976562 0.0878906 -0.000976562 0.121094 -0.000976562c4.45508 0 8.12891 3.61621 8.19922 8.07129v22.3096c-0.0703125 4.45508 -3.74414 8.07129 -8.19922 8.07129c-0.0332031 0 -0.0878906 -0.000976562 -0.121094 -0.000976562zM344 95.6797v107.021
c0 38.6602 -19 61.2998 -55.7998 61.2998c-36.6201 0 -56.2002 -22.4902 -56.2002 -63.2197v-105.33c0 -33.9307 11.1904 -63.4502 54.7695 -63.4502c44.9307 0 57.2305 28.5195 57.2305 63.6797zM287.87 226.27c10.0098 0 13.0195 -8.05957 13 -19.3291v-115.94
c0 -13.2695 -3.36035 -21.2695 -13 -21.2695s-13.2305 7.47949 -13.2305 20.5898v115.949c0 12.5 3.82031 20 13.2305 20z" />
<glyph glyph-name="store-alt-slash" unicode="&#xf970;" horiz-adv-x="640"
d="M17.8896 324.38l88.4707 -68.3799h-74.2607c-25.5898 0 -40.79 28.5 -26.5898 49.7998zM576 34.5801l57.8301 -44.6797c3.41016 -2.65234 6.17773 -8.31055 6.17773 -12.6309c0 -3.0293 -1.50879 -7.42773 -3.36816 -9.81934l-19.6396 -25.2598
c-2.65234 -3.41895 -8.31543 -6.19434 -12.6426 -6.19434c-3.03223 0 -7.43457 1.51172 -9.82715 3.37402l-588.351 454.72c-3.41016 2.65234 -6.17773 8.31055 -6.17773 12.6309c0 3.02832 1.50879 7.42773 3.36816 9.81934l19.6299 25.2695
c2.65234 3.41309 8.31152 6.18262 12.6338 6.18262c3.03125 0 7.43359 -1.51074 9.82617 -3.37207l34.6904 -26.8203l10.6592 16c5.22266 7.83887 17.1045 14.2002 26.5234 14.2002h0.0869141h405.18h0.0117188c9.45117 0 21.4082 -6.36133 26.6885 -14.2002l85.29 -128
c14.1104 -21.2998 -1.08984 -49.7998 -26.5898 -49.7998h-318.48l41.4004 -32h53.0801v-41l128 -99v140h64v-189.42zM320 64v26.8799l64 -49.4697v-73.4102c0 -17.6641 -14.3359 -32 -32 -32h-256c-17.6641 0 -32 14.3359 -32 32v256h64v-160h192z" />
<glyph glyph-name="store-slash" unicode="&#xf971;" horiz-adv-x="640"
d="M121.51 64h226.91l157.33 -128h-414.52c-16.8105 0 -30.4004 14.2998 -30.4004 32v196.8c4.23047 -1.29297 11.2109 -2.90625 15.5801 -3.59961c4.69629 -0.660156 12.3574 -1.19727 17.0996 -1.2002c7.85352 0.12793 20.3975 1.83008 28 3.7998v-99.7998z
M93.5098 192.09h-0.21875c-3.54883 0 -9.28418 0.385742 -12.8008 0.860352c-58.9404 8.46973 -87.0098 81.6094 -56.4902 135l133.51 -108.62c-16.71 -16.5205 -38.8994 -27.2402 -64 -27.2402zM602.13 -10.0898c3.24316 -2.74219 5.875 -8.41406 5.875 -12.6611
c0 -2.99414 -1.43555 -7.38379 -3.20508 -9.79883l-18.6602 -25.2598c-2.42383 -3.41309 -7.78906 -6.18359 -11.9756 -6.18359c-2.91602 0 -7.10645 1.50684 -9.35449 3.36328l-558.939 454.72c-3.24316 2.74219 -5.875 8.41406 -5.875 12.6611
c0 2.99414 1.43555 7.38379 3.20508 9.79883l18.6602 25.2598c2.42188 3.41211 7.78516 6.18164 11.9697 6.18164c2.91797 0 7.11133 -1.51074 9.36035 -3.37109l33.6895 -27.4004l9.38965 15.7803c4.74609 8.18066 16.2734 14.9014 25.7305 15h383.81
c9.46289 -0.09375 20.9941 -6.81445 25.7402 -15l61.6602 -103.6c31.9404 -53.6006 3.59961 -127.99 -56.0596 -136.4c-3.57129 -0.5 -9.39453 -0.907227 -13 -0.910156c-28.0303 0 -52.9199 13 -70.1104 33.1104c-17.1104 -20.1104 -42 -33.1104 -70.1104 -33.1104
c-7.18164 0.106445 -18.5654 1.96094 -25.4102 4.14062l137.82 -112.11v79.6797c7.59863 -2.00586 20.1426 -3.70898 28 -3.7998c4.79492 0.00585938 12.541 0.542969 17.29 1.2002c4.38281 0.625 11.3584 2.2373 15.5703 3.59961v-130.21z" />
<glyph glyph-name="toilet-paper-slash" unicode="&#xf972;" horiz-adv-x="640"
d="M64 256c0 10.8096 0.530273 21.3398 1.41992 31.6699l316 -244.25c-4.17969 -32.2002 -12.8701 -57.7197 -22.1797 -85.5498c-3.98926 -12.0723 -17.5459 -21.8701 -30.2607 -21.8701h-0.119141h-280.86c-8.78906 0.0429688 -15.9209 7.21094 -15.9209 16
c0 1.41504 0.358398 3.65527 0.800781 5c21.3701 64.1201 31.1201 85.75 31.1201 126.87v172.13zM633.82 -10.0898c3.41602 -2.65234 6.18848 -8.31445 6.18848 -12.6387c0 -3.03027 -1.50879 -7.42969 -3.36914 -9.82129l-19.6396 -25.2598
c-2.65234 -3.41699 -8.31445 -6.18945 -12.6387 -6.18945c-3.03027 0 -7.42969 1.50977 -9.82129 3.36914l-588.36 454.72c-3.41211 2.65234 -6.18262 8.3125 -6.18262 12.6338c0 3.03223 1.51172 7.43359 3.37305 9.82617l19.6299 25.2598
c2.65234 3.41309 8.31152 6.18262 12.6338 6.18262c3.03125 0 7.43359 -1.51074 9.82617 -3.37207l53.2803 -41.1504c16.6299 27.7002 37.9297 44.5303 61.2598 44.5303h284.5c-36.8701 -38.5 -60.5 -108.38 -60.5 -192v-73l50.4297 -39
c-11.4297 31.5996 -18.4297 70 -18.4297 112c0 106 43 192 96 192s96 -86 96 -192c0 -92.3203 -32.7197 -168.91 -76.1797 -187.28zM512 192c17.6201 0 32 28.6299 32 64s-14.3701 64 -32 64s-32 -28.6201 -32 -64s14.3701 -64 32 -64z" />
<glyph glyph-name="virus" unicode="&#xf974;"
d="M483.55 220.45c0.147461 0.00292969 0.356445 0.00488281 0.503906 0.00488281c15.7041 0 28.4492 -12.7461 28.4492 -28.4502s-12.7451 -28.4502 -28.4492 -28.4502c-0.147461 0 -0.386719 0.00292969 -0.53418 0.00488281h-21.5391
c-50.6807 0 -76.0703 -61.2793 -40.2305 -97.1191l15.25 -15.2402c4.15039 -4.50879 7.51855 -13.1406 7.51855 -19.2686c0 -15.7051 -12.7451 -28.4502 -28.4502 -28.4502c-6.12793 0 -14.7598 3.36816 -19.2686 7.51855l-15.2402 15.2305
c-35.8398 35.8398 -97.1094 10.4492 -97.1094 -40.2305v-21.5195c0 -15.7051 -12.7461 -28.4502 -28.4502 -28.4502s-28.4502 12.7451 -28.4502 28.4502v21.5391c0 50.6807 -61.2695 76.0703 -97.1094 40.2305l-15.2402 -15.25
c-4.50879 -4.15039 -13.1406 -7.51855 -19.2686 -7.51855c-15.7051 0 -28.4502 12.7451 -28.4502 28.4502c0 6.12793 3.36816 14.7598 7.51855 19.2686l15.2305 15.2402c35.8398 35.8398 10.4492 97.1191 -40.2305 97.1191h-21.5498
c-0.147461 -0.00195312 -0.386719 -0.00488281 -0.533203 -0.00488281c-15.7051 0 -28.4502 12.7461 -28.4502 28.4502s12.7451 28.4502 28.4502 28.4502c0.146484 0 0.385742 -0.00195312 0.533203 -0.00488281h21.5693c50.6807 0 76.0703 61.2695 40.2305 97.1094
l-15.25 15.25c-4.21094 4.52148 -7.62793 13.2051 -7.62793 19.3828c0 15.6992 12.7412 28.4404 28.4404 28.4404c6.17969 0 14.8662 -3.41992 19.3877 -7.63281l15.2402 -15.2305c35.8398 -35.8291 97.1094 -10.4492 97.1094 40.2305v21.5596
c0 15.7051 12.7461 28.4502 28.4502 28.4502s28.4502 -12.7451 28.4502 -28.4502v-21.5498c0 -50.6797 61.2695 -76.0596 97.1094 -40.2295l15.2402 15.2197c4.52148 4.21289 13.208 7.63281 19.3877 7.63281c15.6992 0 28.4404 -12.7412 28.4404 -28.4404
c0 -6.17773 -3.41699 -14.8613 -7.62793 -19.3828l-15.2305 -15.25c-35.8398 -35.8398 -10.4492 -97.1094 40.2305 -97.1094h21.5498zM224 176c26.4961 0 48 21.5039 48 48s-21.5039 48 -48 48s-48 -21.5039 -48 -48s21.5039 -48 48 -48zM304 120c13.248 0 24 10.752 24 24
s-10.752 24 -24 24s-24 -10.752 -24 -24s10.752 -24 24 -24z" />
<glyph glyph-name="virus-slash" unicode="&#xf975;" horiz-adv-x="640"
d="M114 220.44c8.37207 0.0664062 20.9922 3.61914 28.1699 7.92969l244.5 -189c-21.2197 -7.45996 -38.2197 -26.7598 -38.2197 -53.3701v-21.5195c0 -15.7051 -12.7461 -28.4502 -28.4502 -28.4502s-28.4502 12.7451 -28.4502 28.4502v21.5391
c0 50.6807 -61.2695 76.0703 -97.1094 40.2305l-15.25 -15.25c-4.66113 -5.03711 -14.0127 -9.125 -20.875 -9.125c-15.6992 0 -28.4404 12.7412 -28.4404 28.4404c0 6.8623 4.08789 16.2139 9.125 20.875l15.2305 15.25c35.8291 35.8398 10.4492 97.1191 -40.2305 97.1191
h-21.5596c-15.6992 0 -28.4404 12.7412 -28.4404 28.4404s12.7412 28.4404 28.4404 28.4404h21.5596zM633.82 -10.0898c3.41602 -2.65234 6.18848 -8.31445 6.18848 -12.6387c0 -3.03027 -1.50879 -7.42969 -3.36914 -9.82129l-19.6396 -25.2598
c-2.65234 -3.41699 -8.31445 -6.18945 -12.6387 -6.18945c-3.03027 0 -7.42969 1.50977 -9.82129 3.36914l-588.36 454.72c-3.41211 2.65234 -6.18262 8.3125 -6.18262 12.6338c0 3.03223 1.51172 7.43359 3.37305 9.82617l19.6299 25.2598
c2.65234 3.41309 8.31152 6.18262 12.6338 6.18262c3.03125 0 7.43359 -1.51074 9.82617 -3.37207l93.2598 -72.0801c0.129883 0.139648 0.150391 0.320312 0.280273 0.459961c4.5957 4.5918 13.5986 8.31934 20.0947 8.31934c6.49707 0 15.5 -3.72754 20.0957 -8.31934
l15.25 -15.2305c35.8398 -35.8398 97.1094 -10.46 97.1094 40.2305v21.5498c0 15.7051 12.7461 28.4502 28.4502 28.4502s28.4502 -12.7451 28.4502 -28.4502v-21.54c0 -50.6895 61.2695 -76.0693 97.1094 -40.2295l15.25 15.2197
c4.51367 4.17578 13.167 7.56543 19.3154 7.56543c15.6992 0 28.4404 -12.7412 28.4404 -28.4404c0 -6.14844 -3.38965 -14.8018 -7.56543 -19.3154l-15.2305 -15.29c-35.8291 -35.8398 -10.4492 -97.1191 40.2305 -97.1191h21.5596
c15.6992 0 28.4404 -12.7412 28.4404 -28.4404s-12.7412 -28.4404 -28.4404 -28.4404v0h-21.5498c-30.4795 0 -51.2197 -22.1299 -55.3896 -47.5195zM335.43 220.52c0.0898438 1.19043 0.570312 2.26074 0.570312 3.48047c0 26.4961 -21.5039 48 -48 48
c-4.39844 -0.0683594 -11.3154 -1.36328 -15.4404 -2.88965z" />
<glyph glyph-name="viruses" unicode="&#xf976;" horiz-adv-x="640"
d="M624 96c8.83203 0 16 -7.16797 16 -16s-7.16797 -16 -16 -16h-12.1201c-28.5098 0 -42.79 -34.4697 -22.6299 -54.6299l8.58008 -8.57031c2.58691 -2.58691 4.68652 -7.65625 4.68652 -11.3145c0 -8.83301 -7.16895 -16.002 -16.002 -16.002
c-3.6582 0 -8.72754 2.09961 -11.3145 4.68652l-8.57031 8.58008c-20.1602 20.1602 -54.6299 5.87988 -54.6299 -22.6299v-12.1201c0 -8.83203 -7.16797 -16 -16 -16s-16 7.16797 -16 16v12.1201c0 28.5098 -34.4697 42.79 -54.6299 22.6299l-8.57031 -8.58008
c-2.58691 -2.58691 -7.65625 -4.68652 -11.3145 -4.68652c-8.83301 0 -16.002 7.16895 -16.002 16.002c0 3.6582 2.09961 8.72754 4.68652 11.3145l8.58008 8.57031c20.1602 20.1602 5.87988 54.6299 -22.6299 54.6299h-12.1201c-8.83203 0 -16 7.16797 -16 16
s7.16797 16 16 16h12.1201c28.5098 0 42.79 34.4697 22.6299 54.6299l-8.58008 8.57031c-2.58691 2.58691 -4.68652 7.65625 -4.68652 11.3145c0 8.83301 7.16895 16.002 16.002 16.002c3.6582 0 8.72754 -2.09961 11.3145 -4.68652l8.57031 -8.58008
c20.1602 -20.1602 54.6299 -5.87988 54.6299 22.6299v12.1201c0 8.83203 7.16797 16 16 16s16 -7.16797 16 -16v-12.1201c0 -28.5098 34.4697 -42.79 54.6299 -22.6299l8.57031 8.58008c2.58691 2.58691 7.65625 4.68652 11.3145 4.68652
c8.83301 0 16.002 -7.16895 16.002 -16.002c0 -3.6582 -2.09961 -8.72754 -4.68652 -11.3145l-8.58008 -8.57031c-20.1602 -20.1602 -5.87988 -54.6299 22.6299 -54.6299h12.1201zM480 64c17.6641 0 32 14.3359 32 32s-14.3359 32 -32 32s-32 -14.3359 -32 -32
s14.3359 -32 32 -32zM346.51 234.67c-38.0195 0 -57.0498 -45.96 -30.1699 -72.8398l11.4297 -11.4297c3.44922 -3.44922 6.24902 -10.208 6.24902 -15.085c0 -11.7764 -9.55762 -21.334 -21.334 -21.334c-4.87695 0 -11.6357 2.7998 -15.085 6.24902l-11.4297 11.4297
c-26.8398 26.8799 -72.8398 7.83008 -72.8398 -30.1699v-16.1602c0 -11.7744 -9.55566 -21.3301 -21.3301 -21.3301s-21.3301 9.55566 -21.3301 21.3301v16.1602c0 38.0195 -45.96 57.0498 -72.8398 30.1699l-11.4297 -11.4297
c-3.44922 -3.44922 -10.208 -6.24902 -15.085 -6.24902c-11.7764 0 -21.334 9.55762 -21.334 21.334c0 4.87695 2.7998 11.6357 6.24902 15.085l11.4297 11.4297c26.8799 26.8398 7.83008 72.8398 -30.1699 72.8398h-16.1602c-11.7744 0 -21.3301 9.55566 -21.3301 21.3301
s9.55566 21.3301 21.3301 21.3301h16.1602c38.0195 0 57.0498 45.96 30.1699 72.8398l-11.4297 11.4404c-3.41895 3.44336 -6.19434 10.1758 -6.19434 15.0283c0 11.7744 9.55566 21.3301 21.3301 21.3301c4.85449 0 11.5898 -2.77734 15.0342 -6.19922l11.4297 -11.4297
c26.8398 -26.8799 72.8398 -7.83008 72.8398 30.1699v16.1602c0 11.7744 9.55566 21.3301 21.3301 21.3301s21.3301 -9.55566 21.3301 -21.3301v-16.1602c0 -38.0195 45.96 -57.0498 72.8398 -30.1699l11.4297 11.4297c3.44434 3.42188 10.1797 6.19922 15.0342 6.19922
c11.7744 0 21.3301 -9.55566 21.3301 -21.3301c0 -4.85254 -2.77539 -11.585 -6.19434 -15.0283l-11.4297 -11.4404c-26.8799 -26.8398 -7.83008 -72.8398 30.1699 -72.8398h16.1602c11.7744 0 21.3301 -9.55566 21.3301 -21.3301s-9.55566 -21.3301 -21.3301 -21.3301
h-16.1602zM160 256c17.6641 0 32 14.3359 32 32s-14.3359 32 -32 32s-32 -14.3359 -32 -32s14.3359 -32 32 -32zM240 224c8.83203 0 16 7.16797 16 16s-7.16797 16 -16 16s-16 -7.16797 -16 -16s7.16797 -16 16 -16z" />
</font>
</defs></svg>

Before

Width:  |  Height:  |  Size: 820 KiB

After

Width:  |  Height:  |  Size: 876 KiB

File diff suppressed because one or more lines are too long

File diff suppressed because one or more lines are too long

View file

@ -59,6 +59,12 @@
<span>{{.UsersTitle}}</span></a>
</li>
<li class="nav-item {{if eq .CurrentURL .FoldersURL}}active{{end}}">
<a class="nav-link" href="{{.FoldersURL}}">
<i class="fas fa-folder"></i>
<span>{{.FoldersTitle}}</span></a>
</li>
<li class="nav-item {{if eq .CurrentURL .ConnectionsURL}}active{{end}}">
<a class="nav-link" href="{{.ConnectionsURL}}">
<i class="fas fa-exchange-alt"></i>

23
templates/folder.html Normal file
View file

@ -0,0 +1,23 @@
{{template "base" .}}
{{define "title"}}{{.Title}}{{end}}
{{define "page_body"}}
<h1 class="h5 mb-4 text-gray-800">Add a new folder</h1>
{{if .Error}}
<div class="card mb-4 border-left-warning">
<div class="card-body text-form-error">{{.Error}}</div>
</div>
{{end}}
<form id="folder_form" action="{{.CurrentURL}}" method="POST" autocomplete="off">
<div class="form-group row">
<label for="idMappedPath" class="col-sm-2 col-form-label">Absolute Path</label>
<div class="col-sm-10">
<input type="text" class="form-control" id="idMappedPath" name="mapped_path" placeholder=""
value="{{.Folder.MappedPath}}" maxlength="512" autocomplete="nope" required>
</div>
</div>
<button type="submit" class="btn btn-primary float-right mt-3 mb-5 px-5 px-3">Submit</button>
</form>
{{end}}

205
templates/folders.html Normal file
View file

@ -0,0 +1,205 @@
{{template "base" .}}
{{define "title"}}{{.Title}}{{end}}
{{define "extra_css"}}
<link href="/static/vendor/datatables/dataTables.bootstrap4.min.css" rel="stylesheet">
<link href="/static/vendor/datatables/select.bootstrap4.min.css" rel="stylesheet">
<link href="/static/vendor/datatables/buttons.bootstrap4.min.css" rel="stylesheet">
{{end}}
{{define "page_body"}}
<div id="errorMsg" class="card mb-4 border-left-warning" style="display: none;">
<div id="errorTxt" class="card-body text-form-error"></div>
</div>
<div id="successMsg" class="card mb-4 border-left-success" style="display: none;">
<div id="successTxt" class="card-body"></div>
</div>
<div class="card shadow mb-4">
<div class="card-header py-3">
<h6 class="m-0 font-weight-bold text-primary">View and manage folders</h6>
</div>
<div class="card-body">
<div class="table-responsive">
<table class="table table-striped table-bordered" id="dataTable" width="100%" cellspacing="0">
<thead>
<tr>
<th>Path</th>
<th>Quota</th>
<th>Used by</th>
</tr>
</thead>
<tbody>
{{range .Folders}}
<tr>
<td>{{.MappedPath}}</td>
<td>{{.GetQuotaSummary}}</td>
<td>{{.GetUsersAsString}}</td>
</tr>
{{end}}
</tbody>
</table>
</div>
</div>
</div>
{{end}}
{{define "dialog"}}
<div class="modal fade" id="deleteModal" tabindex="-1" role="dialog" aria-labelledby="deleteModalLabel"
aria-hidden="true">
<div class="modal-dialog" role="document">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title" id="deleteModalLabel">
Confirmation required
</h5>
<button class="close" type="button" data-dismiss="modal" aria-label="Close">
<span aria-hidden="true">×</span>
</button>
</div>
<div class="modal-body">Do you want to delete the selected virtual folder and any users mapping?</div>
<div class="modal-footer">
<button class="btn btn-secondary" type="button" data-dismiss="modal">
Cancel
</button>
<a class="btn btn-warning" href="#" onclick="deleteAction()">
Delete
</a>
</div>
</div>
</div>
</div>
{{end}}
{{define "extra_js"}}
<script src="/static/vendor/datatables/jquery.dataTables.min.js"></script>
<script src="/static/vendor/datatables/dataTables.bootstrap4.min.js"></script>
<script src="/static/vendor/datatables/dataTables.select.min.js"></script>
<script src="/static/vendor/datatables/select.bootstrap4.min.js"></script>
<script src="/static/vendor/datatables/dataTables.buttons.min.js"></script>
<script src="/static/vendor/datatables/buttons.bootstrap4.min.js"></script>
<script type="text/javascript">
function deleteAction() {
var table = $('#dataTable').DataTable();
table.button(1).enable(false);
var folderPath = table.row({ selected: true }).data()[0];
var path = '{{.APIFoldersURL}}'.trimEnd("/") + "?folder_path=" + encodeURIComponent(folderPath);
$('#deleteModal').modal('hide');
$.ajax({
url: path,
type: 'DELETE',
dataType: 'json',
timeout: 15000,
success: function (result) {
table.button(1).enable(true);
window.location.href = '{{.FoldersURL}}';
},
error: function ($xhr, textStatus, errorThrown) {
console.log("delete error")
table.button(1).enable(true);
var txt = "Unable to delete the selected folder";
if ($xhr) {
var json = $xhr.responseJSON;
if (json) {
txt += ": " + json.error;
}
}
$('#errorTxt').text(txt);
$('#errorMsg').show();
setTimeout(function () {
$('#errorMsg').hide();
}, 5000);
}
});
}
$(document).ready(function () {
$.fn.dataTable.ext.buttons.add = {
text: 'Add',
action: function (e, dt, node, config) {
window.location.href = '{{.FolderURL}}';
}
};
$.fn.dataTable.ext.buttons.delete = {
text: 'Delete',
action: function (e, dt, node, config) {
$('#deleteModal').modal('show');
},
enabled: false
};
$.fn.dataTable.ext.buttons.quota_scan = {
text: 'Quota scan',
action: function (e, dt, node, config) {
table.button(2).enable(false);
var folderPath = dt.row({ selected: true }).data()[0];
var path = '{{.APIFolderQuotaScanURL}}'
$.ajax({
url: path,
type: 'POST',
dataType: 'json',
data: JSON.stringify({ "mapped_path": folderPath }),
timeout: 15000,
success: function (result) {
table.button(2).enable(true);
$('#successTxt').text("Quota scan started for the selected folder. Please reload the folders page to check when the scan ends");
$('#successMsg').show();
setTimeout(function () {
$('#successMsg').hide();
}, 5000);
},
error: function ($xhr, textStatus, errorThrown) {
console.log("quota scan error")
table.button(2).enable(true);
var txt = "Unable to update quota for the selected folder";
if ($xhr) {
var json = $xhr.responseJSON;
if (json) {
if (json.message) {
txt += ": " + json.message;
} else if (json.error) {
txt += ": " + json.error;
}
}
}
$('#errorTxt').text(txt);
$('#errorMsg').show();
setTimeout(function () {
$('#errorMsg').hide();
}, 5000);
}
});
},
enabled: false
};
var table = $('#dataTable').DataTable({
dom: "<'row'<'col-sm-12'B>>" +
"<'row'<'col-sm-12 col-md-6'l><'col-sm-12 col-md-6'f>>" +
"<'row'<'col-sm-12'tr>>" +
"<'row'<'col-sm-12 col-md-5'i><'col-sm-12 col-md-7'p>>",
select: true,
buttons: [
'add','delete', 'quota_scan'
],
"scrollX": false,
"order": [[0, 'asc']]
});
table.on('select deselect', function () {
var selectedRows = table.rows({ selected: true }).count();
table.button(1).enable(selectedRows == 1);
table.button(2).enable(selectedRows == 1);
});
});
</script>
{{end}}

View file

@ -124,10 +124,10 @@
<div class="col-sm-10">
<textarea class="form-control" id="idVirtualFolders" name="virtual_folders" rows="3"
aria-describedby="vfHelpBlock">{{range $index, $mapping := .User.VirtualFolders -}}
{{$mapping.VirtualPath}}::{{$mapping.MappedPath}}{{if $mapping.ExcludeFromQuota}}::1{{end}}&#10;
{{$mapping.VirtualPath}}::{{$mapping.MappedPath}}::{{$mapping.QuotaFiles}}::{{$mapping.QuotaSize}}&#10;
{{- end}}</textarea>
<small id="vfHelpBlock" class="form-text text-muted">
One mapping per line as vpath::path::[exclude_from_quota], for example /vdir::/home/adir or /vdir::C:\adir::1, ignored for non local filesystems
One mapping per line as vpath::path::[quota_files]::[quota_size(bytes)], for example /vdir::/home/adir or /vdir::C:\adir::10::104857600. Quota -1 means included inside user quota. Ignored for non local filesystems
</small>
</div>
</div>

71
vfs/folder.go Normal file
View file

@ -0,0 +1,71 @@
package vfs
import (
"fmt"
"strconv"
"strings"
"github.com/drakkan/sftpgo/utils"
)
// BaseVirtualFolder defines the path for the virtual folder and the used quota limits.
// The same folder can be shared among multiple users and each user can have different
// quota limits or a different virtual path.
type BaseVirtualFolder struct {
ID int64 `json:"id"`
MappedPath string `json:"mapped_path"`
UsedQuotaSize int64 `json:"used_quota_size"`
// Used quota as number of files
UsedQuotaFiles int `json:"used_quota_files"`
// Last quota update as unix timestamp in milliseconds
LastQuotaUpdate int64 `json:"last_quota_update"`
// list of usernames associated with this virtual folder
Users []string `json:"users,omitempty"`
}
// GetUsersAsString returns the list of users as comma separated string
func (v *BaseVirtualFolder) GetUsersAsString() string {
return strings.Join(v.Users, ",")
}
// GetQuotaSummary returns used quota and last update as string
func (v *BaseVirtualFolder) GetQuotaSummary() string {
var result string
result = "Files: " + strconv.Itoa(v.UsedQuotaFiles)
if v.UsedQuotaSize > 0 {
result += ". Size: " + utils.ByteCountSI(v.UsedQuotaSize)
}
if v.LastQuotaUpdate > 0 {
t := utils.GetTimeFromMsecSinceEpoch(v.LastQuotaUpdate)
result += fmt.Sprintf(". Last update: %v ", t.Format("2006-01-02 15:04:05")) // YYYY-MM-DD HH:MM:SS
}
return result
}
// VirtualFolder defines a mapping between a SFTP/SCP virtual path and a
// filesystem path outside the user home directory.
// The specified paths must be absolute and the virtual path cannot be "/",
// it must be a sub directory. The parent directory for the specified virtual
// path must exist. SFTPGo will try to automatically create any missing
// parent directory for the configured virtual folders at user login.
type VirtualFolder struct {
BaseVirtualFolder
VirtualPath string `json:"virtual_path"`
// Maximum size allowed as bytes. 0 means unlimited, -1 included in user quota
QuotaSize int64 `json:"quota_size"`
// Maximum number of files allowed. 0 means unlimited, -1 included in user quota
QuotaFiles int `json:"quota_files"`
}
// IsIncludedInUserQuota returns true if the virtual folder is included in user quota
func (v *VirtualFolder) IsIncludedInUserQuota() bool {
return v.QuotaFiles == -1 && v.QuotaSize == -1
}
// HasNoQuotaRestrictions returns true if no quota restrictions need to be applyed
func (v *VirtualFolder) HasNoQuotaRestrictions(checkFiles bool) bool {
if v.QuotaSize == 0 && (!checkFiles || v.QuotaFiles == 0) {
return true
}
return false
}

View file

@ -417,6 +417,12 @@ func (fs GCSFs) ScanRootDirContents() (int, int64, error) {
return numFiles, size, err
}
// GetDirSize returns the number of files and the size for a folder
// including any subfolders
func (GCSFs) GetDirSize(dirname string) (int, int64, error) {
return 0, 0, errors.New("Not implemented")
}
// GetAtomicUploadPath returns the path to use for an atomic upload.
// S3 uploads are already atomic, we never call this method for S3
func (GCSFs) GetAtomicUploadPath(name string) string {

View file

@ -173,12 +173,12 @@ func (fs OsFs) CheckRootPath(username string, uid int, gid int) bool {
// ScanRootDirContents returns the number of files contained in a directory and
// their size
func (fs OsFs) ScanRootDirContents() (int, int64, error) {
numFiles, size, err := fs.getDirSize(fs.rootDir)
numFiles, size, err := fs.GetDirSize(fs.rootDir)
for _, v := range fs.virtualFolders {
if v.ExcludeFromQuota {
if !v.IsIncludedInUserQuota() {
continue
}
num, s, err := fs.getDirSize(v.MappedPath)
num, s, err := fs.GetDirSize(v.MappedPath)
if err != nil {
if fs.IsNotExist(err) {
fsLog(fs, logger.LevelWarn, "unable to scan contents for non-existent mapped path: %#v", v.MappedPath)
@ -252,6 +252,27 @@ func (fs OsFs) ResolvePath(sftpPath string) (string, error) {
return r, err
}
// GetDirSize returns the number of files and the size for a folder
// including any subfolders
func (fs OsFs) GetDirSize(dirname string) (int, int64, error) {
numFiles := 0
size := int64(0)
isDir, err := IsDirectory(fs, dirname)
if err == nil && isDir {
err = filepath.Walk(dirname, func(path string, info os.FileInfo, err error) error {
if err != nil {
return err
}
if info != nil && info.Mode().IsRegular() {
size += info.Size()
numFiles++
}
return err
})
}
return numFiles, size, err
}
// GetFsPaths returns the base path and filesystem path for the given sftpPath.
// base path is the root dir or matching the virtual folder dir for the sftpPath.
// file path is the filesystem path matching the sftpPath
@ -370,22 +391,3 @@ func (fs *OsFs) createMissingDirs(filePath string, uid, gid int) error {
}
return nil
}
func (fs *OsFs) getDirSize(dirname string) (int, int64, error) {
numFiles := 0
size := int64(0)
isDir, err := IsDirectory(fs, dirname)
if err == nil && isDir {
err = filepath.Walk(dirname, func(path string, info os.FileInfo, err error) error {
if err != nil {
return err
}
if info != nil && info.Mode().IsRegular() {
size += info.Size()
numFiles++
}
return err
})
}
return numFiles, size, err
}

View file

@ -437,6 +437,12 @@ func (fs S3Fs) ScanRootDirContents() (int, int64, error) {
return numFiles, size, err
}
// GetDirSize returns the number of files and the size for a folder
// including any subfolders
func (S3Fs) GetDirSize(dirname string) (int, int64, error) {
return 0, 0, errors.New("Not implemented")
}
// GetAtomicUploadPath returns the path to use for an atomic upload.
// S3 uploads are already atomic, we never call this method for S3
func (S3Fs) GetAtomicUploadPath(name string) string {

View file

@ -39,6 +39,7 @@ type Fs interface {
IsNotExist(err error) bool
IsPermission(err error) bool
ScanRootDirContents() (int, int64, error)
GetDirSize(dirname string) (int, int64, error)
GetAtomicUploadPath(name string) string
GetRelativePath(name string) string
Join(elem ...string) string
@ -48,8 +49,8 @@ type Fs interface {
type S3FsConfig struct {
Bucket string `json:"bucket,omitempty"`
// KeyPrefix is similar to a chroot directory for local filesystem.
// If specified the SFTP user will only see objects that starts with
// this prefix and so you can restrict access to a specific virtual
// If specified then the SFTP user will only see objects that starts
// with this prefix and so you can restrict access to a specific
// folder. The prefix, if not empty, must not start with "/" and must
// end with "/".
// If empty the whole bucket contents will be available
@ -75,8 +76,8 @@ type S3FsConfig struct {
type GCSFsConfig struct {
Bucket string `json:"bucket,omitempty"`
// KeyPrefix is similar to a chroot directory for local filesystem.
// If specified the SFTP user will only see objects that starts with
// this prefix and so you can restrict access to a specific virtual
// If specified then the SFTP user will only see objects that starts
// with this prefix and so you can restrict access to a specific
// folder. The prefix, if not empty, must not start with "/" and must
// end with "/".
// If empty the whole bucket contents will be available
@ -122,19 +123,6 @@ func (p *PipeWriter) WriteAt(data []byte, off int64) (int, error) {
return p.writer.WriteAt(data, off)
}
// VirtualFolder defines a mapping between a SFTP/SCP virtual path and a
// filesystem path outside the user home directory.
// The specified paths must be absolute and the virtual path cannot be "/",
// it must be a sub directory. The parent directory for the specified virtual
// path must exist. SFTPGo will try to automatically create any missing
// parent directory for the configured virtual folders at user login.
type VirtualFolder struct {
VirtualPath string `json:"virtual_path"`
MappedPath string `json:"mapped_path"`
// Enable to exclude this folder from the user quota
ExcludeFromQuota bool `json:"exclude_from_quota"`
}
// IsDirectory checks if a path exists and is a directory
func IsDirectory(fs Fs, path string) (bool, error) {
fileInfo, err := fs.Stat(path)