webclient: add more test cases for shares

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>

go.mod

@@ -54,7 +54,7 @@ require (
 	github.com/rs/xid v1.5.0
 	github.com/rs/zerolog v1.32.0
 	github.com/sftpgo/sdk v0.1.6-0.20240317102632-f6eb95ea55c3
-	github.com/shirou/gopsutil/v3 v3.24.2
+	github.com/shirou/gopsutil/v3 v3.24.3
 	github.com/spf13/afero v1.11.0
 	github.com/spf13/cobra v1.8.0
 	github.com/spf13/viper v1.18.2

go.sum

@@ -356,8 +356,8 @@ github.com/segmentio/asm v1.2.0 h1:9BQrFxC+YOHJlTlHGkTrFWf59nbL3XnCoFLTwDCI7ys=
 github.com/segmentio/asm v1.2.0/go.mod h1:BqMnlJP91P8d+4ibuonYZw9mfnzI9HfxselHZr5aAcs=
 github.com/sftpgo/sdk v0.1.6-0.20240317102632-f6eb95ea55c3 h1:svxTNm3r2kRlpuVSUKi0WKQlsAq8VI0EzDWPNqeNn/o=
 github.com/sftpgo/sdk v0.1.6-0.20240317102632-f6eb95ea55c3/go.mod h1:AWoY2YYe/P1ymfTlRER/meERQjCcZZTbgVPGcPQgaqc=
-github.com/shirou/gopsutil/v3 v3.24.2 h1:kcR0erMbLg5/3LcInpw0X/rrPSqq4CDPyI6A6ZRC18Y=
+github.com/shirou/gopsutil/v3 v3.24.3 h1:eoUGJSmdfLzJ3mxIhmOAhgKEKgQkeOwKpz1NbhVnuPE=
-github.com/shirou/gopsutil/v3 v3.24.2/go.mod h1:tSg/594BcA+8UdQU2XcW803GWYgdtauFFPgJCJKZlVk=
+github.com/shirou/gopsutil/v3 v3.24.3/go.mod h1:JpND7O217xa72ewWz9zN2eIIkPWsDN/3pl0H8Qt0uwg=
 github.com/shoenig/go-m1cpu v0.1.6 h1:nxdKQNcEB6vzgA2E2bvzKIYRuNj7XNJ4S/aRSwKzFtM=
 github.com/shoenig/go-m1cpu v0.1.6/go.mod h1:1JJMcUBvfNwpq05QDQVAnx3gUHr9IYF7GNg9SUEw2VQ=
 github.com/shoenig/test v0.6.4 h1:kVTaSd7WLz5WZ2IaoM0RSzRsUD+m8wRR+5qvntpn4LU=

internal/httpd/httpd_test.go

@@ -14554,11 +14554,13 @@ func TestShareUploadSingle(t *testing.T) {
 func TestShareReadWrite(t *testing.T) {
 	u := getTestUser()
 	u.Filters.StartDirectory = path.Join("/start", "dir")
+	u.Permissions["/start/dir/limited"] = []string{dataprovider.PermListItems}
 	user, _, err := httpdtest.AddUser(u, http.StatusCreated)
 	assert.NoError(t, err)
 	token, err := getJWTAPIUserTokenFromTestServer(defaultUsername, defaultPassword)
 	assert.NoError(t, err)
 	testFileName := "test.txt"
+	testSubDirs := "/sub/dir"
 
 	share := dataprovider.Share{
 		Name:      "test share rw",
@@ -14600,6 +14602,27 @@ func TestShareReadWrite(t *testing.T) {
 	checkResponseCode(t, http.StatusCreated, rr)
 	assert.FileExists(t, filepath.Join(user.GetHomeDir(), user.Filters.StartDirectory, testFileName))
 
+	req, err = http.NewRequest(http.MethodPost, path.Join(sharesPath, objectID)+"/"+url.PathEscape(path.Join(testSubDirs, testFileName)), bytes.NewBuffer(content))
+	assert.NoError(t, err)
+	req.SetBasicAuth(defaultUsername, defaultPassword)
+	rr = executeRequest(req)
+	checkResponseCode(t, http.StatusNotFound, rr)
+
+	req, err = http.NewRequest(http.MethodPost, path.Join(sharesPath, objectID)+"/"+url.PathEscape(path.Join(testSubDirs, testFileName))+"?mkdir_parents=true",
+		bytes.NewBuffer(content))
+	assert.NoError(t, err)
+	req.SetBasicAuth(defaultUsername, defaultPassword)
+	rr = executeRequest(req)
+	checkResponseCode(t, http.StatusCreated, rr)
+	assert.FileExists(t, filepath.Join(user.GetHomeDir(), user.Filters.StartDirectory, testSubDirs, testFileName))
+
+	req, err = http.NewRequest(http.MethodPost, path.Join(sharesPath, objectID)+"/"+url.PathEscape(path.Join("limited", "sub", testFileName))+"?mkdir_parents=true",
+		bytes.NewBuffer(content))
+	assert.NoError(t, err)
+	req.SetBasicAuth(defaultUsername, defaultPassword)
+	rr = executeRequest(req)
+	checkResponseCode(t, http.StatusForbidden, rr)
+
 	req, err = http.NewRequest(http.MethodPost, path.Join(webClientPubSharesPath, objectID, "/browse/exist?path=%2F"), bytes.NewBuffer(asJSON))
 	assert.NoError(t, err)
 	req.SetBasicAuth(defaultUsername, defaultPassword)

templates/common/base.html

@@ -976,7 +976,7 @@ explicit grant from the SFTPGo Team (support@sftpgo.com).
                             itemsList.removeClass("d-none");
                             $.each(params.items, function(key, item) {
                                 itemText = escapeHTML(item);
-                                itemsList.append(`<li class="d-flex align-items-center py-2 fw-bold fs-6 text-gray-800"><span class="bullet bullet-dot me-5"></span>${itemText}</li>`);
+                                itemsList.append(`<li class="d-flex align-items-center py-2 fw-bold fs-6 text-gray-800"><span class="bullet bullet-dot bg-primary me-2"></span>${itemText}</li>`);
                             });
                         }
 

templates/webclient/files.html

@@ -2114,27 +2114,27 @@ explicit grant from the SFTPGo Team (support@sftpgo.com).
                 uploadFile();
                 return;
             }
-            let existingFiles = [];
+            let existingEntries = [];
-            let existingDirs = [];
+            let fileOverwriteDirs = [];
             $.each(result.data, function (key, item) {
                 if (item.type === "1" && !dirsArray.includes(item.name)) {
-                    existingDirs.push(item.name);
+                    fileOverwriteDirs.push(item.name);
                 } else {
-                    existingFiles.push(item.name);
+                    existingEntries.push(item.name);
                 }
             });
-            if (existingDirs.length > 0) {
+            if (fileOverwriteDirs.length > 0) {
                 has_errors = true;
-                setI18NData($('#errorTxt'), "fs.upload.err_dir_overwrite", {val: existingDirs.join(", ")});
+                setI18NData($('#errorTxt'), "fs.upload.err_dir_overwrite", {val: fileOverwriteDirs.join(", ")});
                 $('#errorMsg').removeClass("d-none");
                 uploadFile();
                 return;
             }
-            if (existingFiles.length > 0) {
+            if (existingEntries.length > 0) {
                 KTApp.hidePageLoading();
                 ModalAlert.fire({
                     text: $.t('fs.upload.overwrite_text'),
-                    items: existingFiles,
+                    items: existingEntries,
                     icon: "warning",
                     confirmButtonText: $.t('general.confirm'),
                     cancelButtonText: $.t('general.cancel'),