mirror of
https://github.com/AlistGo/alist.git
synced 2025-11-26 03:45:05 +08:00
00120cba27
* 标签管理 * pr检查优化 * feat(role): Implement role management functionality - Add role management routes in `server/router.go` for listing, getting, creating, updating, and deleting roles - Introduce `initRoles()` in `internal/bootstrap/data/data.go` for initializing roles during bootstrap - Create `internal/op/role.go` to handle role operations including caching and singleflight - Implement role handler functions in `server/handles/role.go` for API responses - Define database operations for roles in `internal/db/role.go` - Extend `internal/db/db.go` for role model auto-migration - Design `internal/model/role.go` to represent role structure with ID, name, description, base path, and permissions - Initialize default roles (`admin` and `guest`) in `internal/bootstrap/data/role.go` during startup * refactor(user roles): Support multiple roles for users - Change the `Role` field type from `int` to `[]int` in `drivers/alist_v3/types.go` and `drivers/quqi/types.go`. - Update the `Role` field in `internal/model/user.go` to use a new `Roles` type with JSON and database support. - Modify `IsGuest` and `IsAdmin` methods to check for roles using `Contains` method. - Update `GetUserByRole` method in `internal/db/user.go` to handle multiple roles. - Add `roles.go` to define a new `Roles` type with JSON marshalling and scanning capabilities. - Adjust code in `server/handles/user.go` to compare roles with `utils.SliceEqual`. - Change role initialization for users in `internal/bootstrap/data/dev.go` and `internal/bootstrap/data/user.go`. - Update `Role` handling in `server/handles/task.go`, `server/handles/ssologin.go`, and `server/handles/ldap_login.go`. * feat(user/role): Add path limit check for user and role permissions - Add new permission bit for checking path limits in `user.go` - Implement `CheckPathLimit` method in `User` struct to validate path access - Modify `JoinPath` method in `User` to enforce path limit checks - Update `role.go` to include path limit logic in `Role` struct - Document new permission bit in `Role` and `User` comments for clarity * feat(permission): Add role-based permission handling - Introduce `role_perm.go` for managing user permissions based on roles. - Implement `HasPermission` and `MergeRolePermissions` functions. - Update `webdav.go` to utilize role-based permissions instead of direct user checks. - Modify `fsup.go` to integrate `CanAccessWithRoles` function. - Refactor `fsread.go` to use `common.HasPermission` for permission validation. - Adjust `fsmanage.go` for role-based access control checks. - Enhance `ftp.go` and `sftp.go` to manage FTP access via roles. - Update `fsbatch.go` to employ `MergeRolePermissions` for batch operations. - Replace direct user permission checks with role-based permission handling across various modules. * refactor(user): Replace integer role values with role IDs - Change `GetAdmin()` and `GetGuest()` functions to retrieve role by name and use role ID. - Add patch for version `v3.45.2` to convert legacy integer roles to role IDs. - Update `dev.go` and `user.go` to use role IDs instead of integer values for roles. - Remove redundant code in `role.go` related to guest role creation. - Modify `ssologin.go` and `ldap_login.go` to set user roles to nil instead of using integer roles. - Introduce `convert_roles.go` to handle conversion of legacy roles and ensure role existence in the database. * feat(role_perm): implement support for multiple base paths for roles - Modify role permission checks to support multiple base paths - Update role creation and update functions to handle multiple base paths - Add migration script to convert old base_path to base_paths - Define new Paths type for handling multiple paths in the model - Adjust role model to replace BasePath with BasePaths - Update existing patches to handle roles with multiple base paths - Update bootstrap data to reflect the new base_paths field * feat(role): Restrict modifications to default roles (admin and guest) - Add validation to prevent changes to "admin" and "guest" roles in `UpdateRole` and `DeleteRole` functions. - Introduce `ErrChangeDefaultRole` error in `internal/errs/role.go` to standardize error messaging. - Update role-related API handlers in `server/handles/role.go` to enforce the new restriction. - Enhance comments in `internal/bootstrap/data/role.go` to clarify the significance of default roles. - Ensure consistent error responses for unauthorized role modifications across the application. * 🔄 **refactor(role): Enhance role permission handling** - Replaced `BasePaths` with `PermissionPaths` in `Role` struct for better permission granularity. - Introduced JSON serialization for `PermissionPaths` using `RawPermission` field in `Role` struct. - Implemented `BeforeSave` and `AfterFind` GORM hooks for handling `PermissionPaths` serialization. - Refactored permission calculation logic in `role_perm.go` to work with `PermissionPaths`. - Updated role creation logic to initialize `PermissionPaths` for `admin` and `guest` roles. - Removed deprecated `CheckPathLimit` method from `Role` struct. * fix(model/user/role): update permission settings for admin and role - Change `RawPermission` field in `role.go` to hide JSON representation - Update `Permission` field in `user.go` to `0xFFFF` for full access - Modify `PermissionScopes` in `role.go` to `0xFFFF` for enhanced permissions * 🔒 feat(role-permissions): Enhance role-based access control - Introduce `canReadPathByRole` function in `role_perm.go` to verify path access based on user roles - Modify `CanAccessWithRoles` to include role-based path read check - Add `RoleNames` and `Permissions` to `UserResp` struct in `auth.go` for enhanced user role and permission details - Implement role details aggregation in `auth.go` to populate `RoleNames` and `Permissions` - Update `User` struct in `user.go` to include `RolesDetail` for more detailed role information - Enhance middleware in `auth.go` to load and verify detailed role information for users - Move `guest` user initialization logic in `user.go` to improve code organization and avoid repetition * 🔒 fix(permissions): Add permission checks for archive operations - Add `MergeRolePermissions` and `HasPermission` checks to validate user access for reading archives - Ensure users have `PermReadArchives` before proceeding with `GetNearestMeta` in specific archive paths - Implement permission checks for decompress operations, requiring `PermDecompress` for source paths - Return `PermissionDenied` errors with 403 status if user lacks necessary permissions * 🔒 fix(server): Add permission check for offline download - Add permission merging logic for user roles - Check user has permission for offline download addition - Return error response with "permission denied" if check fails * ✨ feat(role-permission): Implement path-based role permission checks - Add `CheckPathLimitWithRoles` function to validate access based on `PermPathLimit` permission. - Integrate `CheckPathLimitWithRoles` in `offline_download` to enforce path-based access control. - Apply `CheckPathLimitWithRoles` across file system management operations (e.g., creation, movement, deletion). - Ensure `CheckPathLimitWithRoles` is invoked for batch operations and archive-related actions. - Update error handling to return `PermissionDenied` if the path validation fails. - Import `errs` package in `offline_download` for consistent error responses. * ✨ feat(role-permission): Implement path-based role permission checks - Add `CheckPathLimitWithRoles` function to validate access based on `PermPathLimit` permission. - Integrate `CheckPathLimitWithRoles` in `offline_download` to enforce path-based access control. - Apply `CheckPathLimitWithRoles` across file system management operations (e.g., creation, movement, deletion). - Ensure `CheckPathLimitWithRoles` is invoked for batch operations and archive-related actions. - Update error handling to return `PermissionDenied` if the path validation fails. - Import `errs` package in `offline_download` for consistent error responses. * ♻️ refactor(access-control): Update access control logic to use role-based checks - Remove deprecated logic from `CanAccess` function in `check.go`, replacing it with `CanAccessWithRoles` for improved role-based access control. - Modify calls in `search.go` to use `CanAccessWithRoles` for more precise handling of permissions. - Update `fsread.go` to utilize `CanAccessWithRoles`, ensuring accurate access validation based on user roles. - Simplify import statements in `check.go` by removing unused packages to clean up the codebase. * ✨ feat(fs): Improve visibility logic for hidden files - Import `server/common` package to handle permissions more robustly - Update `whetherHide` function to use `MergeRolePermissions` for user-specific path permissions - Replace direct user checks with `HasPermission` for `PermSeeHides` - Enhance logic to ensure `nil` user cases are handled explicitly * 标签管理 * feat(db/auth/user): Enhance role handling and clean permission paths - Comment out role modification checks in `server/handles/user.go` to allow flexible role changes. - Improve permission path handling in `server/handles/auth.go` by normalizing and deduplicating paths. - Introduce `addedPaths` map in `CurrentUser` to prevent duplicate permissions. * feat(storage/db): Implement role permissions path prefix update - Add `UpdateRolePermissionsPathPrefix` function in `role.go` to update role permissions paths. - Modify `storage.go` to call the new function when the mount path is renamed. - Introduce path cleaning and prefix matching logic for accurate path updates. - Ensure roles are updated only if their permission scopes are modified. - Handle potential errors with informative messages during database operations. * feat(role-migration): Implement role conversion and introduce NEWGENERAL role - Add `NEWGENERAL` to the roles enumeration in `user.go` - Create new file `convert_role.go` for migrating legacy roles to new model - Implement `ConvertLegacyRoles` function to handle role conversion with permission scopes - Add `convert_role.go` patch to `all.go` under version `v3.46.0` * feat(role/auth): Add role retrieval by user ID and update path prefixes - Add `GetRolesByUserID` function for efficient role retrieval by user ID - Implement `UpdateUserBasePathPrefix` to update user base paths - Modify `UpdateRolePermissionsPathPrefix` to return modified role IDs - Update `auth.go` middleware to use the new role retrieval function - Refresh role and user caches upon path prefix updates to maintain consistency --------- Co-authored-by: Leslie-Xy <540049476@qq.com>
429 lines
11 KiB
Go
429 lines
11 KiB
Go
package handles
|
|
|
|
import (
|
|
"encoding/json"
|
|
"fmt"
|
|
"github.com/alist-org/alist/v3/internal/task"
|
|
"net/url"
|
|
stdpath "path"
|
|
|
|
"github.com/alist-org/alist/v3/internal/archive/tool"
|
|
"github.com/alist-org/alist/v3/internal/conf"
|
|
"github.com/alist-org/alist/v3/internal/errs"
|
|
"github.com/alist-org/alist/v3/internal/fs"
|
|
"github.com/alist-org/alist/v3/internal/model"
|
|
"github.com/alist-org/alist/v3/internal/op"
|
|
"github.com/alist-org/alist/v3/internal/setting"
|
|
"github.com/alist-org/alist/v3/internal/sign"
|
|
"github.com/alist-org/alist/v3/pkg/utils"
|
|
"github.com/alist-org/alist/v3/server/common"
|
|
"github.com/gin-gonic/gin"
|
|
"github.com/pkg/errors"
|
|
log "github.com/sirupsen/logrus"
|
|
)
|
|
|
|
type ArchiveMetaReq struct {
|
|
Path string `json:"path" form:"path"`
|
|
Password string `json:"password" form:"password"`
|
|
Refresh bool `json:"refresh" form:"refresh"`
|
|
ArchivePass string `json:"archive_pass" form:"archive_pass"`
|
|
}
|
|
|
|
type ArchiveMetaResp struct {
|
|
Comment string `json:"comment"`
|
|
IsEncrypted bool `json:"encrypted"`
|
|
Content []ArchiveContentResp `json:"content"`
|
|
Sort *model.Sort `json:"sort,omitempty"`
|
|
RawURL string `json:"raw_url"`
|
|
Sign string `json:"sign"`
|
|
}
|
|
|
|
type ArchiveContentResp struct {
|
|
ObjResp
|
|
Children []ArchiveContentResp `json:"children"`
|
|
}
|
|
|
|
func toObjsRespWithoutSignAndThumb(obj model.Obj) ObjResp {
|
|
return ObjResp{
|
|
Name: obj.GetName(),
|
|
Size: obj.GetSize(),
|
|
IsDir: obj.IsDir(),
|
|
Modified: obj.ModTime(),
|
|
Created: obj.CreateTime(),
|
|
HashInfoStr: obj.GetHash().String(),
|
|
HashInfo: obj.GetHash().Export(),
|
|
Sign: "",
|
|
Thumb: "",
|
|
Type: utils.GetObjType(obj.GetName(), obj.IsDir()),
|
|
}
|
|
}
|
|
|
|
func toContentResp(objs []model.ObjTree) []ArchiveContentResp {
|
|
if objs == nil {
|
|
return nil
|
|
}
|
|
ret, _ := utils.SliceConvert(objs, func(src model.ObjTree) (ArchiveContentResp, error) {
|
|
return ArchiveContentResp{
|
|
ObjResp: toObjsRespWithoutSignAndThumb(src),
|
|
Children: toContentResp(src.GetChildren()),
|
|
}, nil
|
|
})
|
|
return ret
|
|
}
|
|
|
|
func FsArchiveMeta(c *gin.Context) {
|
|
var req ArchiveMetaReq
|
|
if err := c.ShouldBind(&req); err != nil {
|
|
common.ErrorResp(c, err, 400)
|
|
return
|
|
}
|
|
user := c.MustGet("user").(*model.User)
|
|
reqPath, err := user.JoinPath(req.Path)
|
|
if err != nil {
|
|
common.ErrorResp(c, err, 403)
|
|
return
|
|
}
|
|
if !common.CheckPathLimitWithRoles(user, reqPath) {
|
|
common.ErrorResp(c, errs.PermissionDenied, 403)
|
|
return
|
|
}
|
|
perm := common.MergeRolePermissions(user, reqPath)
|
|
if !common.HasPermission(perm, common.PermReadArchives) {
|
|
common.ErrorResp(c, errs.PermissionDenied, 403)
|
|
return
|
|
}
|
|
meta, err := op.GetNearestMeta(reqPath)
|
|
if err != nil {
|
|
if !errors.Is(errors.Cause(err), errs.MetaNotFound) {
|
|
common.ErrorResp(c, err, 500, true)
|
|
return
|
|
}
|
|
}
|
|
c.Set("meta", meta)
|
|
if !common.CanAccess(user, meta, reqPath, req.Password) {
|
|
common.ErrorStrResp(c, "password is incorrect or you have no permission", 403)
|
|
return
|
|
}
|
|
archiveArgs := model.ArchiveArgs{
|
|
LinkArgs: model.LinkArgs{
|
|
Header: c.Request.Header,
|
|
Type: c.Query("type"),
|
|
HttpReq: c.Request,
|
|
},
|
|
Password: req.ArchivePass,
|
|
}
|
|
ret, err := fs.ArchiveMeta(c, reqPath, model.ArchiveMetaArgs{
|
|
ArchiveArgs: archiveArgs,
|
|
Refresh: req.Refresh,
|
|
})
|
|
if err != nil {
|
|
if errors.Is(err, errs.WrongArchivePassword) {
|
|
common.ErrorResp(c, err, 202)
|
|
} else {
|
|
common.ErrorResp(c, err, 500)
|
|
}
|
|
return
|
|
}
|
|
s := ""
|
|
if isEncrypt(meta, reqPath) || setting.GetBool(conf.SignAll) {
|
|
s = sign.SignArchive(reqPath)
|
|
}
|
|
api := "/ae"
|
|
if ret.DriverProviding {
|
|
api = "/ad"
|
|
}
|
|
common.SuccessResp(c, ArchiveMetaResp{
|
|
Comment: ret.GetComment(),
|
|
IsEncrypted: ret.IsEncrypted(),
|
|
Content: toContentResp(ret.GetTree()),
|
|
Sort: ret.Sort,
|
|
RawURL: fmt.Sprintf("%s%s%s", common.GetApiUrl(c.Request), api, utils.EncodePath(reqPath, true)),
|
|
Sign: s,
|
|
})
|
|
}
|
|
|
|
type ArchiveListReq struct {
|
|
ArchiveMetaReq
|
|
model.PageReq
|
|
InnerPath string `json:"inner_path" form:"inner_path"`
|
|
}
|
|
|
|
type ArchiveListResp struct {
|
|
Content []ObjResp `json:"content"`
|
|
Total int64 `json:"total"`
|
|
}
|
|
|
|
func FsArchiveList(c *gin.Context) {
|
|
var req ArchiveListReq
|
|
if err := c.ShouldBind(&req); err != nil {
|
|
common.ErrorResp(c, err, 400)
|
|
return
|
|
}
|
|
req.Validate()
|
|
user := c.MustGet("user").(*model.User)
|
|
reqPath, err := user.JoinPath(req.Path)
|
|
if err != nil {
|
|
common.ErrorResp(c, err, 403)
|
|
return
|
|
}
|
|
if !common.CheckPathLimitWithRoles(user, reqPath) {
|
|
common.ErrorResp(c, errs.PermissionDenied, 403)
|
|
return
|
|
}
|
|
perm := common.MergeRolePermissions(user, reqPath)
|
|
if !common.HasPermission(perm, common.PermReadArchives) {
|
|
common.ErrorResp(c, errs.PermissionDenied, 403)
|
|
return
|
|
}
|
|
meta, err := op.GetNearestMeta(reqPath)
|
|
if err != nil {
|
|
if !errors.Is(errors.Cause(err), errs.MetaNotFound) {
|
|
common.ErrorResp(c, err, 500, true)
|
|
return
|
|
}
|
|
}
|
|
c.Set("meta", meta)
|
|
if !common.CanAccess(user, meta, reqPath, req.Password) {
|
|
common.ErrorStrResp(c, "password is incorrect or you have no permission", 403)
|
|
return
|
|
}
|
|
objs, err := fs.ArchiveList(c, reqPath, model.ArchiveListArgs{
|
|
ArchiveInnerArgs: model.ArchiveInnerArgs{
|
|
ArchiveArgs: model.ArchiveArgs{
|
|
LinkArgs: model.LinkArgs{
|
|
Header: c.Request.Header,
|
|
Type: c.Query("type"),
|
|
HttpReq: c.Request,
|
|
},
|
|
Password: req.ArchivePass,
|
|
},
|
|
InnerPath: utils.FixAndCleanPath(req.InnerPath),
|
|
},
|
|
Refresh: req.Refresh,
|
|
})
|
|
if err != nil {
|
|
if errors.Is(err, errs.WrongArchivePassword) {
|
|
common.ErrorResp(c, err, 202)
|
|
} else {
|
|
common.ErrorResp(c, err, 500)
|
|
}
|
|
return
|
|
}
|
|
total, objs := pagination(objs, &req.PageReq)
|
|
ret, _ := utils.SliceConvert(objs, func(src model.Obj) (ObjResp, error) {
|
|
return toObjsRespWithoutSignAndThumb(src), nil
|
|
})
|
|
common.SuccessResp(c, ArchiveListResp{
|
|
Content: ret,
|
|
Total: int64(total),
|
|
})
|
|
}
|
|
|
|
type StringOrArray []string
|
|
|
|
func (s *StringOrArray) UnmarshalJSON(data []byte) error {
|
|
var value string
|
|
if err := json.Unmarshal(data, &value); err == nil {
|
|
*s = []string{value}
|
|
return nil
|
|
}
|
|
var sliceValue []string
|
|
if err := json.Unmarshal(data, &sliceValue); err != nil {
|
|
return err
|
|
}
|
|
*s = sliceValue
|
|
return nil
|
|
}
|
|
|
|
type ArchiveDecompressReq struct {
|
|
SrcDir string `json:"src_dir" form:"src_dir"`
|
|
DstDir string `json:"dst_dir" form:"dst_dir"`
|
|
Name StringOrArray `json:"name" form:"name"`
|
|
ArchivePass string `json:"archive_pass" form:"archive_pass"`
|
|
InnerPath string `json:"inner_path" form:"inner_path"`
|
|
CacheFull bool `json:"cache_full" form:"cache_full"`
|
|
PutIntoNewDir bool `json:"put_into_new_dir" form:"put_into_new_dir"`
|
|
}
|
|
|
|
func FsArchiveDecompress(c *gin.Context) {
|
|
var req ArchiveDecompressReq
|
|
if err := c.ShouldBind(&req); err != nil {
|
|
common.ErrorResp(c, err, 400)
|
|
return
|
|
}
|
|
user := c.MustGet("user").(*model.User)
|
|
srcPaths := make([]string, 0, len(req.Name))
|
|
for _, name := range req.Name {
|
|
srcPath, err := user.JoinPath(stdpath.Join(req.SrcDir, name))
|
|
if err != nil {
|
|
common.ErrorResp(c, err, 403)
|
|
return
|
|
}
|
|
if !common.CheckPathLimitWithRoles(user, srcPath) {
|
|
common.ErrorResp(c, errs.PermissionDenied, 403)
|
|
return
|
|
}
|
|
srcPaths = append(srcPaths, srcPath)
|
|
}
|
|
dstDir, err := user.JoinPath(req.DstDir)
|
|
if err != nil {
|
|
common.ErrorResp(c, err, 403)
|
|
return
|
|
}
|
|
if !common.CheckPathLimitWithRoles(user, dstDir) {
|
|
common.ErrorResp(c, errs.PermissionDenied, 403)
|
|
return
|
|
}
|
|
tasks := make([]task.TaskExtensionInfo, 0, len(srcPaths))
|
|
for _, srcPath := range srcPaths {
|
|
perm := common.MergeRolePermissions(user, srcPath)
|
|
if !common.HasPermission(perm, common.PermDecompress) {
|
|
common.ErrorResp(c, errs.PermissionDenied, 403)
|
|
return
|
|
}
|
|
t, e := fs.ArchiveDecompress(c, srcPath, dstDir, model.ArchiveDecompressArgs{
|
|
ArchiveInnerArgs: model.ArchiveInnerArgs{
|
|
ArchiveArgs: model.ArchiveArgs{
|
|
LinkArgs: model.LinkArgs{
|
|
Header: c.Request.Header,
|
|
Type: c.Query("type"),
|
|
HttpReq: c.Request,
|
|
},
|
|
Password: req.ArchivePass,
|
|
},
|
|
InnerPath: utils.FixAndCleanPath(req.InnerPath),
|
|
},
|
|
CacheFull: req.CacheFull,
|
|
PutIntoNewDir: req.PutIntoNewDir,
|
|
})
|
|
if e != nil {
|
|
if errors.Is(e, errs.WrongArchivePassword) {
|
|
common.ErrorResp(c, e, 202)
|
|
} else {
|
|
common.ErrorResp(c, e, 500)
|
|
}
|
|
return
|
|
}
|
|
if t != nil {
|
|
tasks = append(tasks, t)
|
|
}
|
|
}
|
|
common.SuccessResp(c, gin.H{
|
|
"task": getTaskInfos(tasks),
|
|
})
|
|
}
|
|
|
|
func ArchiveDown(c *gin.Context) {
|
|
archiveRawPath := c.MustGet("path").(string)
|
|
innerPath := utils.FixAndCleanPath(c.Query("inner"))
|
|
password := c.Query("pass")
|
|
filename := stdpath.Base(innerPath)
|
|
storage, err := fs.GetStorage(archiveRawPath, &fs.GetStoragesArgs{})
|
|
if err != nil {
|
|
common.ErrorResp(c, err, 500)
|
|
return
|
|
}
|
|
if common.ShouldProxy(storage, filename) {
|
|
ArchiveProxy(c)
|
|
return
|
|
} else {
|
|
link, _, err := fs.ArchiveDriverExtract(c, archiveRawPath, model.ArchiveInnerArgs{
|
|
ArchiveArgs: model.ArchiveArgs{
|
|
LinkArgs: model.LinkArgs{
|
|
IP: c.ClientIP(),
|
|
Header: c.Request.Header,
|
|
Type: c.Query("type"),
|
|
HttpReq: c.Request,
|
|
Redirect: true,
|
|
},
|
|
Password: password,
|
|
},
|
|
InnerPath: innerPath,
|
|
})
|
|
if err != nil {
|
|
common.ErrorResp(c, err, 500)
|
|
return
|
|
}
|
|
down(c, link)
|
|
}
|
|
}
|
|
|
|
func ArchiveProxy(c *gin.Context) {
|
|
archiveRawPath := c.MustGet("path").(string)
|
|
innerPath := utils.FixAndCleanPath(c.Query("inner"))
|
|
password := c.Query("pass")
|
|
filename := stdpath.Base(innerPath)
|
|
storage, err := fs.GetStorage(archiveRawPath, &fs.GetStoragesArgs{})
|
|
if err != nil {
|
|
common.ErrorResp(c, err, 500)
|
|
return
|
|
}
|
|
if canProxy(storage, filename) {
|
|
// TODO: Support external download proxy URL
|
|
link, file, err := fs.ArchiveDriverExtract(c, archiveRawPath, model.ArchiveInnerArgs{
|
|
ArchiveArgs: model.ArchiveArgs{
|
|
LinkArgs: model.LinkArgs{
|
|
Header: c.Request.Header,
|
|
Type: c.Query("type"),
|
|
HttpReq: c.Request,
|
|
},
|
|
Password: password,
|
|
},
|
|
InnerPath: innerPath,
|
|
})
|
|
if err != nil {
|
|
common.ErrorResp(c, err, 500)
|
|
return
|
|
}
|
|
localProxy(c, link, file, storage.GetStorage().ProxyRange)
|
|
} else {
|
|
common.ErrorStrResp(c, "proxy not allowed", 403)
|
|
return
|
|
}
|
|
}
|
|
|
|
func ArchiveInternalExtract(c *gin.Context) {
|
|
archiveRawPath := c.MustGet("path").(string)
|
|
innerPath := utils.FixAndCleanPath(c.Query("inner"))
|
|
password := c.Query("pass")
|
|
rc, size, err := fs.ArchiveInternalExtract(c, archiveRawPath, model.ArchiveInnerArgs{
|
|
ArchiveArgs: model.ArchiveArgs{
|
|
LinkArgs: model.LinkArgs{
|
|
Header: c.Request.Header,
|
|
Type: c.Query("type"),
|
|
HttpReq: c.Request,
|
|
},
|
|
Password: password,
|
|
},
|
|
InnerPath: innerPath,
|
|
})
|
|
if err != nil {
|
|
common.ErrorResp(c, err, 500)
|
|
return
|
|
}
|
|
defer func() {
|
|
if err := rc.Close(); err != nil {
|
|
log.Errorf("failed to close file streamer, %v", err)
|
|
}
|
|
}()
|
|
headers := map[string]string{
|
|
"Referrer-Policy": "no-referrer",
|
|
"Cache-Control": "max-age=0, no-cache, no-store, must-revalidate",
|
|
}
|
|
filename := stdpath.Base(innerPath)
|
|
headers["Content-Disposition"] = fmt.Sprintf(`attachment; filename="%s"; filename*=UTF-8''%s`, filename, url.PathEscape(filename))
|
|
contentType := c.Request.Header.Get("Content-Type")
|
|
if contentType == "" {
|
|
contentType = utils.GetMimeType(filename)
|
|
}
|
|
c.DataFromReader(200, size, contentType, rc, headers)
|
|
}
|
|
|
|
func ArchiveExtensions(c *gin.Context) {
|
|
var ext []string
|
|
for key := range tool.Tools {
|
|
ext = append(ext, key)
|
|
}
|
|
common.SuccessResp(c, ext)
|
|
}
|