sigoden/dufs
1
0
Fork 0
mirror of https://github.com/sigoden/dufs.git synced 2026-04-09 00:59:02 +03:00
Code Issues 8 Packages Projects Releases 10 Wiki Activity

feat: revert supporting for forbidden permission (#352)

Browse Source
This commit is contained in:
sigoden
2024-01-17 11:31:26 +08:00
committed by GitHub
parent 3354b1face
commit 95eb648411
4 changed files with 14 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
src/auth.rs
View File

@@ -147,7 +147,7 @@ impl AccessPaths {
}
pub fn set_perm(&mut self, perm: AccessPerm) {
if !perm.inherit() {
if !perm.indexonly() {
self.perm = perm;
}
}
@@ -158,7 +158,6 @@ impl AccessPaths {
None => (item, AccessPerm::ReadOnly),
Some((path, "ro")) => (path, AccessPerm::ReadOnly),
Some((path, "rw")) => (path, AccessPerm::ReadWrite),
Some((path, "-")) => (path, AccessPerm::Forbidden),
_ => return None,
};
self.add(path, perm);
@@ -193,9 +192,6 @@ impl AccessPaths {
.filter(|v| !v.is_empty())
.collect();
let target = self.find_impl(&parts, self.perm)?;
if target.perm().forbidden() {
return None;
}
if writable && !target.perm().readwrite() {
return None;
}
@@ -203,13 +199,13 @@ impl AccessPaths {
}
fn find_impl(&self, parts: &[&str], perm: AccessPerm) -> Option<AccessPaths> {
let perm = if !self.perm.inherit() {
let perm = if !self.perm.indexonly() {
self.perm
} else {
perm
};
if parts.is_empty() {
if perm.inherit() {
if perm.indexonly() {
return Some(self.clone());
} else {
return Some(AccessPaths::new(perm));
@@ -218,7 +214,7 @@ impl AccessPaths {
let child = match self.children.get(parts[0]) {
Some(v) => v,
None => {
if perm.inherit() {
if perm.indexonly() {
return None;
} else {
return Some(AccessPaths::new(perm));
@@ -233,7 +229,7 @@ impl AccessPaths {
}
pub fn child_paths(&self, base: &Path) -> Vec<PathBuf> {
if !self.perm().inherit() {
if !self.perm().indexonly() {
return vec![base.to_path_buf()];
}
let mut output = vec![];
@@ -244,7 +240,7 @@ impl AccessPaths {
fn child_paths_impl(&self, output: &mut Vec<PathBuf>, base: &Path) {
for (name, child) in self.children.iter() {
let base = base.join(name);
if child.perm().inherit() {
if child.perm().indexonly() {
child.child_paths_impl(output, &base);
} else {
output.push(base)
@@ -256,24 +252,19 @@ impl AccessPaths {
#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Default)]
pub enum AccessPerm {
#[default]
Inherit,
IndexOnly,
ReadOnly,
ReadWrite,
Forbidden,
}
impl AccessPerm {
pub fn inherit(&self) -> bool {
self == &AccessPerm::Inherit
pub fn indexonly(&self) -> bool {
self == &AccessPerm::IndexOnly
}
pub fn readwrite(&self) -> bool {
self == &AccessPerm::ReadWrite
}
pub fn forbidden(&self) -> bool {
self == &AccessPerm::Forbidden
}
}
pub fn www_authenticate(res: &mut Response, args: &Args) -> Result<()> {
@@ -576,7 +567,6 @@ mod tests {
paths.add("/dir1", AccessPerm::ReadWrite);
paths.add("/dir2/dir21", AccessPerm::ReadWrite);
paths.add("/dir2/dir21/dir211", AccessPerm::ReadOnly);
paths.add("/dir2/dir21/dir212", AccessPerm::Forbidden);
paths.add("/dir2/dir22", AccessPerm::ReadOnly);
paths.add("/dir2/dir22/dir221", AccessPerm::ReadWrite);
paths.add("/dir2/dir23/dir231", AccessPerm::ReadWrite);
@@ -621,6 +611,5 @@ mod tests {
Some(AccessPaths::new(AccessPerm::ReadOnly))
);
assert_eq!(paths.find("dir2/dir21/dir211/file", true), None);
assert_eq!(paths.find("dir2/dir21/dir212", false), None);
}
}

4
src/server.rs
View File

@@ -375,7 +375,7 @@ impl Server {
"PROPFIND" => {
if is_dir {
let access_paths =
if access_paths.perm().inherit() && authorization.is_none() {
if access_paths.perm().indexonly() && authorization.is_none() {
// see https://github.com/sigoden/dufs/issues/229
AccessPaths::new(AccessPerm::ReadOnly)
} else {
@@ -1230,7 +1230,7 @@ impl Server {
access_paths: AccessPaths,
) -> Result<Vec<PathItem>> {
let mut paths: Vec<PathItem> = vec![];
if access_paths.perm().inherit() {
if access_paths.perm().indexonly() {
for name in access_paths.child_names() {
let entry_path = entry_path.join(name);
self.add_pathitem(&mut paths, base_path, &entry_path).await;