injectlib/OpenList
1
0
Fork 0
mirror of https://github.com/OpenListTeam/OpenList.git synced 2025-11-25 03:15:19 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix(backup-restore): add shares (#1500)

Browse Source
This commit is contained in:
KirCute
2025-11-05 12:11:20 +08:00
committed by GitHub
parent 6de15b6310
commit b9f058fcc9
2 changed files with 60 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
internal/db/sharing.go
View File

@@ -38,18 +38,26 @@ func GetSharingsByCreatorId(creator uint, pageIndex, pageSize int) (sharings []m
} }
func CreateSharing(s *model.SharingDB) (string, error) { func CreateSharing(s *model.SharingDB) (string, error) {
id := random.String(8) if s.ID == "" {
for len(id) < 12 { id := random.String(8)
old := model.SharingDB{ for len(id) < 12 {
ID: id, old := model.SharingDB{
ID: id,
}
if err := db.Where(old).First(&old).Error; err != nil {
s.ID = id
return id, errors.WithStack(db.Create(s).Error)
}
id += random.String(1)
} }
if err := db.Where(old).First(&old).Error; err != nil { return "", errors.New("failed find valid id")
s.ID = id } else {
return id, errors.WithStack(db.Create(s).Error) query := model.SharingDB{ID: s.ID}
if err := db.Where(query).First(&query).Error; err == nil {
return "", errors.New("sharing already exist")
} }
id += random.String(1) return s.ID, errors.WithStack(db.Create(s).Error)
} }
return "", errors.New("failed find valid id")
} }
func UpdateSharing(s *model.SharingDB) error { func UpdateSharing(s *model.SharingDB) error {

63
server/handles/sharing.go
View File

@@ -408,7 +408,7 @@ func ListSharings(c *gin.Context) {
}) })
} }
type CreateSharingReq struct { type UpdateSharingReq struct {
Files []string `json:"files"` Files []string `json:"files"`
Expires *time.Time `json:"expires"` Expires *time.Time `json:"expires"`
Pwd string `json:"pwd"` Pwd string `json:"pwd"`
@@ -418,12 +418,9 @@ type CreateSharingReq struct {
Readme string `json:"readme"` Readme string `json:"readme"`
Header string `json:"header"` Header string `json:"header"`
model.Sort model.Sort
} CreatorName string `json:"creator"`
Accessed int `json:"accessed"`
type UpdateSharingReq struct { ID string `json:"id"`
ID string `json:"id"`
Accessed int `json:"accessed"`
CreateSharingReq
} }
func UpdateSharing(c *gin.Context) { func UpdateSharing(c *gin.Context) {
@@ -436,24 +433,38 @@ func UpdateSharing(c *gin.Context) {
common.ErrorStrResp(c, "must add at least 1 object", 400) common.ErrorStrResp(c, "must add at least 1 object", 400)
return return
} }
user := c.Request.Context().Value(conf.UserKey).(*model.User) var user *model.User
if !user.CanShare() { var err error
common.ErrorStrResp(c, "permission denied", 403) reqUser := c.Request.Context().Value(conf.UserKey).(*model.User)
return if reqUser.IsAdmin() && req.CreatorName != "" {
user, err = op.GetUserByName(req.CreatorName)
if err != nil {
common.ErrorStrResp(c, "no such a user", 400)
return
}
} else {
user = reqUser
if !user.CanShare() {
common.ErrorStrResp(c, "permission denied", 403)
return
}
} }
for i, s := range req.Files { for i, s := range req.Files {
s = utils.FixAndCleanPath(s) s = utils.FixAndCleanPath(s)
req.Files[i] = s req.Files[i] = s
if !user.IsAdmin() && !strings.HasPrefix(s, user.BasePath) { if !reqUser.IsAdmin() && !strings.HasPrefix(s, user.BasePath) {
common.ErrorStrResp(c, fmt.Sprintf("permission denied to share path [%s]", s), 500) common.ErrorStrResp(c, fmt.Sprintf("permission denied to share path [%s]", s), 500)
return return
} }
} }
s, err := op.GetSharingById(req.ID) s, err := op.GetSharingById(req.ID)
if err != nil || (!user.IsAdmin() && s.CreatorId != user.ID) { if err != nil || (!reqUser.IsAdmin() && s.CreatorId != user.ID) {
common.ErrorStrResp(c, "sharing not found", 404) common.ErrorStrResp(c, "sharing not found", 404)
return return
} }
if reqUser.IsAdmin() && req.CreatorName == "" {
user = s.Creator
}
s.Files = req.Files s.Files = req.Files
s.Expires = req.Expires s.Expires = req.Expires
s.Pwd = req.Pwd s.Pwd = req.Pwd
@@ -464,6 +475,7 @@ func UpdateSharing(c *gin.Context) {
s.Header = req.Header s.Header = req.Header
s.Readme = req.Readme s.Readme = req.Readme
s.Remark = req.Remark s.Remark = req.Remark
s.Creator = user
if err = op.UpdateSharing(s); err != nil { if err = op.UpdateSharing(s); err != nil {
common.ErrorResp(c, err, 500) common.ErrorResp(c, err, 500)
} else { } else {
@@ -476,7 +488,7 @@ func UpdateSharing(c *gin.Context) {
} }
func CreateSharing(c *gin.Context) { func CreateSharing(c *gin.Context) {
var req CreateSharingReq var req UpdateSharingReq
var err error var err error
if err = c.ShouldBind(&req); err != nil { if err = c.ShouldBind(&req); err != nil {
common.ErrorResp(c, err, 400) common.ErrorResp(c, err, 400)
@@ -486,24 +498,35 @@ func CreateSharing(c *gin.Context) {
common.ErrorStrResp(c, "must add at least 1 object", 400) common.ErrorStrResp(c, "must add at least 1 object", 400)
return return
} }
user := c.Request.Context().Value(conf.UserKey).(*model.User) var user *model.User
if !user.CanShare() { reqUser := c.Request.Context().Value(conf.UserKey).(*model.User)
common.ErrorStrResp(c, "permission denied", 403) if reqUser.IsAdmin() && req.CreatorName != "" {
return user, err = op.GetUserByName(req.CreatorName)
if err != nil {
common.ErrorStrResp(c, "no such a user", 400)
return
}
} else {
user = reqUser
if !user.CanShare() || (!user.IsAdmin() && req.ID != "") {
common.ErrorStrResp(c, "permission denied", 403)
return
}
} }
for i, s := range req.Files { for i, s := range req.Files {
s = utils.FixAndCleanPath(s) s = utils.FixAndCleanPath(s)
req.Files[i] = s req.Files[i] = s
if !user.IsAdmin() && !strings.HasPrefix(s, user.BasePath) { if !reqUser.IsAdmin() && !strings.HasPrefix(s, user.BasePath) {
common.ErrorStrResp(c, fmt.Sprintf("permission denied to share path [%s]", s), 500) common.ErrorStrResp(c, fmt.Sprintf("permission denied to share path [%s]", s), 500)
return return
} }
} }
s := &model.Sharing{ s := &model.Sharing{
SharingDB: &model.SharingDB{ SharingDB: &model.SharingDB{
ID: req.ID,
Expires: req.Expires, Expires: req.Expires,
Pwd: req.Pwd, Pwd: req.Pwd,
Accessed: 0, Accessed: req.Accessed,
MaxAccessed: req.MaxAccessed, MaxAccessed: req.MaxAccessed,
Disabled: req.Disabled, Disabled: req.Disabled,
Sort: req.Sort, Sort: req.Sort,