chore: update changelog

* some small css fixes and changes

* added basic auth
https://stackoverflow.com/a/9534652/3642588

* most tests are passing

* fixed all the tests

* maybe now CI will pass

* implemented sigoden's suggestions

* test basic auth

* fixed some little things

CHANGELOG.md

@@ -2,74 +2,99 @@
 
 All notable changes to this project will be documented in this file.
 
+## [0.20.0] - 2022-06-20
+
+### Bug Fixes
+
+- DecodeURI searching string ([#61](https://github.com/sigoden/dufs/issues/61))
+
+### Features
+
+- Added basic auth ([#60](https://github.com/sigoden/dufs/issues/60))
+- Add option --allow-search ([#62](https://github.com/sigoden/dufs/issues/62))
+
+## [0.19.0] - 2022-06-19
+
+### Features
+
+- [**breaking**] Path level access control ([#52](https://github.com/sigoden/dufs/issues/52))
+- Serve single file ([#54](https://github.com/sigoden/dufs/issues/54))
+- Ui hidden root dirname ([#58](https://github.com/sigoden/dufs/issues/58))
+- Reactive webpage ([#51](https://github.com/sigoden/dufs/issues/51))
+- [**breaking**] Rename to dufs ([#59](https://github.com/sigoden/dufs/issues/59))
+
+### Refactor
+
+- [**breaking**] Rename --cors to --enable-cors ([#57](https://github.com/sigoden/dufs/issues/57))
+
 ## [0.18.0] - 2022-06-18
 
 ### Features
 
-- Add option --render-try-index ([#47](https://github.com/sigoden/duf/issues/47))
+- Add option --render-try-index ([#47](https://github.com/sigoden/dufs/issues/47))
 - Add slash to end of dir href
 
 ## [0.17.1] - 2022-06-16
 
 ### Bug Fixes
 
-- Range request ([#44](https://github.com/sigoden/duf/issues/44))
+- Range request ([#44](https://github.com/sigoden/dufs/issues/44))
 
 ## [0.17.0] - 2022-06-15
 
 ### Bug Fixes
 
-- Webdav propfind dir with slash ([#42](https://github.com/sigoden/duf/issues/42))
+- Webdav propfind dir with slash ([#42](https://github.com/sigoden/dufs/issues/42))
 
 ### Features
 
-- Listen both ipv4 and ipv6 by default ([#40](https://github.com/sigoden/duf/issues/40))
+- Listen both ipv4 and ipv6 by default ([#40](https://github.com/sigoden/dufs/issues/40))
 
 ### Refactor
 
-- Trival changes ([#41](https://github.com/sigoden/duf/issues/41))
+- Trival changes ([#41](https://github.com/sigoden/dufs/issues/41))
 
 ## [0.16.0] - 2022-06-12
 
 ### Features
 
-- Implement head method ([#33](https://github.com/sigoden/duf/issues/33))
+- Implement head method ([#33](https://github.com/sigoden/dufs/issues/33))
-- Display upload speed and time left ([#34](https://github.com/sigoden/duf/issues/34))
+- Display upload speed and time left ([#34](https://github.com/sigoden/dufs/issues/34))
-- Support tls-key in pkcs#8 format ([#35](https://github.com/sigoden/duf/issues/35))
+- Support tls-key in pkcs#8 format ([#35](https://github.com/sigoden/dufs/issues/35))
 - Options method return status 200
 
 ### Testing
 
-- Add integration tests ([#36](https://github.com/sigoden/duf/issues/36))
+- Add integration tests ([#36](https://github.com/sigoden/dufs/issues/36))
 
 ## [0.15.1] - 2022-06-11
 
 ### Bug Fixes
 
-- Cannot upload ([#32](https://github.com/sigoden/duf/issues/32))
+- Cannot upload ([#32](https://github.com/sigoden/dufs/issues/32))
 
 ## [0.15.0] - 2022-06-10
 
 ### Bug Fixes
 
-- Encode webdav href as uri ([#28](https://github.com/sigoden/duf/issues/28))
+- Encode webdav href as uri ([#28](https://github.com/sigoden/dufs/issues/28))
 - Query dir param
 
 ### Features
 
-- Add basic dark theme ([#29](https://github.com/sigoden/duf/issues/29))
+- Add basic dark theme ([#29](https://github.com/sigoden/dufs/issues/29))
-- Add empty state placeholder to page([#30](https://github.com/sigoden/duf/issues/30))
+- Add empty state placeholder to page([#30](https://github.com/sigoden/dufs/issues/30))
 
 ## [0.14.0] - 2022-06-07
 
 ### Bug Fixes
 
-- Send index page with content-type ([#26](https://github.com/sigoden/duf/issues/26))
+- Send index page with content-type ([#26](https://github.com/sigoden/dufs/issues/26))
 
 ### Features
 
-- Support ipv6 ([#25](https://github.com/sigoden/duf/issues/25))
+- Support ipv6 ([#25](https://github.com/sigoden/dufs/issues/25))
-- Add favicon ([#27](https://github.com/sigoden/duf/issues/27))
+- Add favicon ([#27](https://github.com/sigoden/dufs/issues/27))
 
 ## [0.13.2] - 2022-06-06
 
@@ -82,11 +107,11 @@ All notable changes to this project will be documented in this file.
 
 ### Bug Fixes
 
-- Escape filename ([#21](https://github.com/sigoden/duf/issues/21))
+- Escape filename ([#21](https://github.com/sigoden/dufs/issues/21))
 
 ### Refactor
 
-- Use logger ([#22](https://github.com/sigoden/duf/issues/22))
+- Use logger ([#22](https://github.com/sigoden/dufs/issues/22))
 
 ## [0.13.0] - 2022-06-05
 
@@ -96,16 +121,16 @@ All notable changes to this project will be documented in this file.
 
 ### Features
 
-- Implement more webdav methods ([#13](https://github.com/sigoden/duf/issues/13))
+- Implement more webdav methods ([#13](https://github.com/sigoden/dufs/issues/13))
-- Use digest auth ([#14](https://github.com/sigoden/duf/issues/14))
+- Use digest auth ([#14](https://github.com/sigoden/dufs/issues/14))
-- Add webdav proppatch handler ([#18](https://github.com/sigoden/duf/issues/18))
+- Add webdav proppatch handler ([#18](https://github.com/sigoden/dufs/issues/18))
 
 ## [0.12.1] - 2022-06-04
 
 ### Features
 
-- Support webdav ([#10](https://github.com/sigoden/duf/issues/10))
+- Support webdav ([#10](https://github.com/sigoden/dufs/issues/10))
-- Remove unzip uploaded feature ([#11](https://github.com/sigoden/duf/issues/11))
+- Remove unzip uploaded feature ([#11](https://github.com/sigoden/dufs/issues/11))
 
 ## [0.11.0] - 2022-06-03
 

Cargo.lock

@@ -423,6 +423,7 @@ dependencies = [
  "bitflags",
  "clap_lex",
  "indexmap",
+ "terminal_size",
  "textwrap",
 ]
 
@@ -570,8 +571,8 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "fea41bba32d969b513997752735605054bc0dfa92b4c56bf1189f2e174be7a10"
 
 [[package]]
-name = "duf"
+name = "dufs"
-version = "0.18.0"
+version = "0.20.0"
 dependencies = [
  "assert_cmd",
  "assert_fs",
@@ -2146,6 +2147,16 @@ dependencies = [
  "utf-8",
 ]
 
+[[package]]
+name = "terminal_size"
+version = "0.1.17"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "633c1a546cee861a1a6d0dc69ebeca693bf4296661ba7852b9d21d159e0506df"
+dependencies = [
+ "libc",
+ "winapi 0.3.9",
+]
+
 [[package]]
 name = "termtree"
 version = "0.2.4"
@@ -2157,6 +2168,9 @@ name = "textwrap"
 version = "0.15.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "b1141d4d61095b28419e22cb0bbf02755f5e54e0526f97f1e3d1d160e60885fb"
+dependencies = [
+ "terminal_size",
+]
 
 [[package]]
 name = "thiserror"

Cargo.toml

@@ -1,17 +1,17 @@
 [package]
-name = "duf"
+name = "dufs"
-version = "0.18.0"
+version = "0.20.0"
 edition = "2021"
 authors = ["sigoden <sigoden@gmail.com>"]
-description = "Duf is a simple file server."
+description = "Dufs is a distinctive utility file server"
 license = "MIT OR Apache-2.0"
-homepage = "https://github.com/sigoden/duf"
+homepage = "https://github.com/sigoden/dufs"
-repository = "https://github.com/sigoden/duf"
+repository = "https://github.com/sigoden/dufs"
 categories = ["command-line-utilities", "web-programming::http-server"]
 keywords = ["static", "file", "server", "webdav", "cli"]
 
 [dependencies]
-clap = { version = "3", default-features = false, features = ["std"] }
+clap = { version = "3", default-features = false, features = ["std", "wrap_help"] }
 chrono = "0.4"
 tokio = { version = "1", features = ["rt-multi-thread", "macros", "fs", "io-util", "signal"]}
 tokio-rustls = "0.23"

Dockerfile

@@ -6,5 +6,5 @@ COPY . .
 RUN cargo build --target x86_64-unknown-linux-musl --release
 
 FROM scratch
-COPY --from=builder /app/target/x86_64-unknown-linux-musl/release/duf /bin/
+COPY --from=builder /app/target/x86_64-unknown-linux-musl/release/dufs /bin/
-ENTRYPOINT ["/bin/duf"]
+ENTRYPOINT ["/bin/dufs"]

README.md

@@ -1,11 +1,11 @@
-# Duf
+# Dufs (Old Name: Duf)
 
-[![CI](https://github.com/sigoden/duf/actions/workflows/ci.yaml/badge.svg)](https://github.com/sigoden/duf/actions/workflows/ci.yaml)
+[![CI](https://github.com/sigoden/dufs/actions/workflows/ci.yaml/badge.svg)](https://github.com/sigoden/dufs/actions/workflows/ci.yaml)
-[![Crates](https://img.shields.io/crates/v/duf.svg)](https://crates.io/crates/duf)
+[![Crates](https://img.shields.io/crates/v/dufs.svg)](https://crates.io/crates/dufs)
 
-Duf is a simple file server. Support static serve, search, upload, webdav...
+Dufs is a distinctive utility file server that supports static serving, uploading, searching, accessing control, webdav...
 
-![demo](https://user-images.githubusercontent.com/4012553/171526189-09afc2de-793f-4216-b3d5-31ea408d3610.png)
+![demo](https://user-images.githubusercontent.com/4012553/174486522-7af350e6-0195-4f4a-8480-d9464fc6452f.png)
 
 ## Features
 
@@ -14,7 +14,7 @@ Duf is a simple file server. Support static serve, search, upload, webdav...
 - Upload files and folders (Drag & Drop)
 - Search files
 - Partial responses (Parallel/Resume download)
-- Authentication
+- Path level access control
 - Support https
 - Support webdav
 - Easy to use with curl
@@ -24,44 +24,45 @@ Duf is a simple file server. Support static serve, search, upload, webdav...
 ### With cargo
 
 ```
-cargo install duf
+cargo install dufs
 ```
 
 ### With docker
 
 ```
-docker run -v `pwd`:/data -p 5000:5000 --rm -it sigoden/duf /data
+docker run -v `pwd`:/data -p 5000:5000 --rm -it sigoden/dufs /data
 ```
 
 ### Binaries on macOS, Linux, Windows
 
-Download from [Github Releases](https://github.com/sigoden/duf/releases), unzip and add duf to your $PATH.
+Download from [Github Releases](https://github.com/sigoden/dufs/releases), unzip and add dufs to your $PATH.
 
 ## CLI
 
 ```
-Duf is a simple file server. - https://github.com/sigoden/duf
+Dufs is a distinctive utility file server - https://github.com/sigoden/dufs
 
 USAGE:
-    duf [OPTIONS] [--] [path]
+    dufs [OPTIONS] [--] [path]
 
 ARGS:
-    <path>    Path to a root directory for serving files [default: .]
+    <path>    Specific path to serve [default: .]
 
 OPTIONS:
     -b, --bind <addr>...         Specify bind address
     -p, --port <port>            Specify port to listen on [default: 5000]
-        --path-prefix <path>    Specify an url path prefix
+        --path-prefix <path>     Specify an path prefix
-    -a, --auth <user:pass>      Use HTTP authentication
+    -a, --auth <rule>...         Add auth for path
-        --no-auth-access        Not required auth when access static files
+        --auth-method <value>    Select auth method [default: digest] [possible values: basic, digest]
     -A, --allow-all              Allow all operations
         --allow-upload           Allow upload files/folders
         --allow-delete           Allow delete files/folders
+        --allow-search           Allow search files/folders
         --allow-symlink          Allow symlink to files/folders outside root directory
-        --render-index          Render index.html when requesting a directory
+        --enable-cors            Enable CORS, sets `Access-Control-Allow-Origin: *`
-        --render-try-index      Render index.html if it exists when requesting a directory
+        --render-index           Serve index.html when requesting a directory, returns 404 if not found index.html
-        --render-spa            Render for single-page application
+        --render-try-index       Serve index.html when requesting a directory, returns file listing if not found index.html
-        --cors                  Enable CORS, sets `Access-Control-Allow-Origin: *`
+        --render-spa             Serve SPA(Single Page Application)
         --tls-cert <path>        Path to an SSL/TLS certificate to serve with HTTPS
         --tls-key <path>         Path to the SSL/TLS certificate's private key
     -h, --help                   Print help information
@@ -70,71 +71,118 @@ OPTIONS:
 
 ## Examples
 
-Serve current working directory, no upload/delete
+Serve current working directory
 
 ```
-duf
+dufs
 ```
 
-Allow upload/delete
+Explicitly allow all operations including upload/delete 
 
 ```
-duf -A
+dufs -A
+```
+
+Only allow upload operation
+
+```
+dufs --allow-upload
+```
+
+Serve a directory
+
+```
+dufs Downloads
+```
+
+Serve a single file
+
+```
+dufs linux-distro.iso
+```
+
+Serve index.html when requesting a directory
+
+```
+dufs --render-index
+```
+
+Serve SPA(Single Page Application)
+
+```
+dufs --render-spa
+```
+
+Require username/password
+
+```
+dufs -a /@admin:123
 ```
 
 Listen on a specific port
 
 ```
-duf -p 80
+dufs -p 80
-```
-
-Protect with authentication
-
-```
-duf -a admin:admin
-```
-
-For a single page application (SPA)
-
-```
-duf --render-spa
 ```
 
 Use https
 
 ```
-duf --tls-cert my.crt --tls-key my.key
+dufs --tls-cert my.crt --tls-key my.key
 ```
 
 ## API
 
 Download a file
 ```
-curl http://127.0.0.1:5000/some-file
+curl http://127.0.0.1:5000/path-to-file
 ```
 
 Download a folder as zip file
 
 ```
-curl -o some-folder.zip http://127.0.0.1:5000/some-folder?zip
+curl -o path-to-folder.zip http://127.0.0.1:5000/path-to-folder?zip
 ```
 
 Upload a file
 
 ```
-curl --upload-file some-file http://127.0.0.1:5000/some-file
+curl --upload-file path-to-file http://127.0.0.1:5000/path-to-file
 ```
 
 Delete a file/folder
 
 ```
-curl -X DELETE http://127.0.0.1:5000/some-file
+curl -X DELETE http://127.0.0.1:5000/path-to-file
 ```
 
+## Access Control
+
+Dufs supports path level access control. You can control who can do what on which path with `--auth`/`-a`.
+
+```
+dufs -a <path>@<readwrite>[@<readonly>]
+```
+
+- `<path>`: Path to protected
+- `<readwrite>`: Account with readwrite permission, required
+- `<readonly>`: Account with readonly permission, optional
+
+> `<readonly>` can be `*` means `<path>` is public, everyone can access/download it.
+
+For example:
+
+```
+dufs -a /@admin:pass@* -a /ui@designer:pass1 -A
+```
+- All files/folders are public to access/download.
+- Account `admin:pass` can upload/delete/download any files/folders.
+- Account `designer:pass1` can upload/delete/download any files/folders in the `ui` folder.
+
 ## License
 
-Copyright (c) 2022 duf-developers.
+Copyright (c) 2022 dufs-developers.
 
-duf is made available under the terms of either the MIT License or the Apache License 2.0, at your option.
+dufs is made available under the terms of either the MIT License or the Apache License 2.0, at your option.
 
 See the LICENSE-APACHE and LICENSE-MIT files for license details.

assets/index.css

@@ -1,15 +1,16 @@
 html {
-  font-family: -apple-system,BlinkMacSystemFont,Helvetica,Arial,sans-serif;
+  font-family: -apple-system,BlinkMacSystemFont,Roboto,Helvetica,Arial,sans-serif;
   line-height: 1.5;
   color: #24292e;
 }
 
 body {
-  width: 700px;
+  /* prevent premature breadcrumb wrapping on mobile */
+  min-width: 500px;
 }
 
 .hidden {
-  display: none;
+  display: none !important;
 }
 
 .head {
@@ -21,6 +22,7 @@ body {
 
 .breadcrumb {
   font-size: 1.25em;
+  padding-right: 0.6em;
 }
 
 .breadcrumb > a {
@@ -45,12 +47,16 @@ body {
 .breadcrumb svg {
   height: 100%;
   fill: rgba(3,47,98,0.5);
-  padding-right: 0.5em;
-  padding-left: 0.5em;
 }
 
 .toolbox {
   display: flex;
+  margin-right: 10px;
+}
+
+.toolbox > div {
+  /* vertically align with breadcrumb text */
+  height: 1.1rem;
 }
 
 .searchbar {
@@ -62,7 +68,7 @@ body {
   transition: all .15s;
   border: 1px #ddd solid;
   border-radius: 15px;
-  margin: 0 0 2px 10px;
+  margin-bottom: 2px;
 }
 
 .searchbar #search {
@@ -120,11 +126,6 @@ body {
   white-space: nowrap;
 }
 
-.uploaders-table .cell-name,
-.paths-table .cell-name {
-  width: 500px;
-}
-
 .uploaders-table .cell-status {
   width: 80px;
   padding-left: 0.6em;
@@ -147,15 +148,14 @@ body {
   padding-left: 0.6em;
 }
 
-
 .path svg {
   height: 100%;
   fill: rgba(3,47,98,0.5);
   padding-right: 0.5em;
+  vertical-align: text-top;
 }
 
 .path {
-  display: flex;
   list-style: none;
 }
 
@@ -166,6 +166,8 @@ body {
   overflow: hidden;
   display: block;
   text-decoration: none;
+  max-width: calc(100vw - 375px);
+  min-width: 200px;
 }
 
 .path a:hover {
@@ -184,6 +186,12 @@ body {
   padding-right: 1em;
 }
 
+@media (min-width: 768px) {
+  .path a {
+    min-width: 400px;
+  }
+}
+
 /* dark theme */
 @media (prefers-color-scheme: dark) {
   body {
@@ -202,8 +210,9 @@ body {
   }
 
   svg,
-  .path svg {
+  .path svg,
-    fill: #d0e6ff;
+  .breadcrumb svg {
+    fill: #fff;
   }
 
   .searchbar {

assets/index.html

@@ -22,7 +22,7 @@
         <input type="file" id="file" name="file" multiple>
       </div>
     </div>
-    <form class="searchbar">
+    <form class="searchbar hidden">
       <div class="icon">
         <svg width="16" height="16" fill="currentColor" viewBox="0 0 16 16"><path d="M11.742 10.344a6.5 6.5 0 1 0-1.397 1.398h-.001c.03.04.062.078.098.115l3.85 3.85a1 1 0 0 0 1.415-1.414l-3.85-3.85a1.007 1.007 0 0 0-.115-.1zM12 6.5a5.5 5.5 0 1 1-11 0 5.5 5.5 0 0 1 11 0z"/></svg>
       </div>
@@ -35,16 +35,16 @@
     <table class="uploaders-table hidden">
       <thead>
         <tr>
-          <th class="cell-name">Name</th>
+          <th class="cell-name" colspan="2">Name</th>
-          <th class="cell-status">Speed - Progress - Time Left</th>
+          <th class="cell-status">Progress</th>
         </tr>
       </thead>
     </table>
     <table class="paths-table hidden">
       <thead>
         <tr>
-          <th class="cell-name">Name</th>
+          <th class="cell-name" colspan="2">Name</th>
-          <th class="cell-mtime">Date modify</th>
+          <th class="cell-mtime">Last modified</th>
           <th class="cell-size">Size</th>
           <th class="cell-actions">Actions</th>
         </tr>

assets/index.js

@@ -29,10 +29,6 @@ let $uploadersTable;
  * @type Element
  */
 let $emptyFolder;
-/**
- * @type string
- */
-let baseDir;
 
 class Uploader {
   /**
@@ -71,8 +67,10 @@ class Uploader {
     let url = getUrl(name);
     $uploadersTable.insertAdjacentHTML("beforeend", `
   <tr id="upload${idx}" class="uploader">
+    <td class="path cell-icon">
+      ${getSvg(file.path_type)}
+    </td>
     <td class="path cell-name">
-      <div>${getSvg("File")}</div>
       <a href="${url}">${name}</a>
     </td>
     <td class="cell-status upload-status" id="uploadStatus${idx}"></td>
@@ -122,28 +120,38 @@ class Uploader {
 
 /**
  * Add breadcrumb
- * @param {string} value 
+ * @param {string} href 
+ * @param {string} uri_prefix
  */
-function addBreadcrumb(value) {
+function addBreadcrumb(href, uri_prefix) {
   const $breadcrumb = document.querySelector(".breadcrumb");
-  const parts = value.split("/").filter(v => !!v);
+  let parts = [];
+  if (href === "/") {
+    parts = [""];
+  } else {
+    parts = href.split("/");
+  }
   const len = parts.length;
-  let path = "";
+  let path = uri_prefix;
   for (let i = 0; i < len; i++) {
     const name = parts[i];
     if (i > 0) {
-      path  += "/" + name;
+      if (!path.endsWith("/")) {
+        path  += "/";
       }
-    if (i === len - 1) {
+      path += encodeURI(name);
+    }
+    if (i === 0) {
+      $breadcrumb.insertAdjacentHTML("beforeend", `<a href="${path}"><svg width="16" height="16" viewBox="0 0 16 16"><path d="M6.5 14.5v-3.505c0-.245.25-.495.5-.495h2c.25 0 .5.25.5.5v3.5a.5.5 0 0 0 .5.5h4a.5.5 0 0 0 .5-.5v-7a.5.5 0 0 0-.146-.354L13 5.793V2.5a.5.5 0 0 0-.5-.5h-1a.5.5 0 0 0-.5.5v1.293L8.354 1.146a.5.5 0 0 0-.708 0l-6 6A.5.5 0 0 0 1.5 7.5v7a.5.5 0 0 0 .5.5h4a.5.5 0 0 0 .5-.5z"/></svg></a>`);
+    } else if (i === len - 1) {
       $breadcrumb.insertAdjacentHTML("beforeend", `<b>${name}</b>`);
-      baseDir = name;
-    } else if (i === 0) {
-      $breadcrumb.insertAdjacentHTML("beforeend", `<a href="/"><b>${name}</b></a>`);
     } else {
-      $breadcrumb.insertAdjacentHTML("beforeend", `<a href="${encodeURI(path)}">${name}</a>`);
+      $breadcrumb.insertAdjacentHTML("beforeend", `<a href="${path}">${name}</a>`);
     }
+    if (i !== len - 1) {
       $breadcrumb.insertAdjacentHTML("beforeend", `<span class="separator">/</span>`);
     }
+  }
 }
 
 /**
@@ -185,8 +193,10 @@ function addPath(file, index) {
 
   $pathsTableBody.insertAdjacentHTML("beforeend", `
 <tr id="addPath${index}">
+  <td class="path cell-icon">
+    ${getSvg(file.path_type)}
+  </td>
   <td class="path cell-name">
-    <div>${getSvg(file.path_type)}</div>
     <a href="${url}" title="${file.name}">${file.name}</a>
   </td>
   <td class="cell-mtime">${formatMtime(file.mtime)}</td>
@@ -292,7 +302,7 @@ function formatMtime(mtime) {
   const day = padZero(date.getDate(), 2);
   const hours = padZero(date.getHours(), 2);
   const minutes = padZero(date.getMinutes(), 2);
-  return `${year}/${month}/${day} ${hours}:${minutes}`;
+  return `${year}-${month}-${day} ${hours}:${minutes}`;
 }
 
 function padZero(value, size) {
@@ -329,11 +339,15 @@ function ready() {
   $uploadersTable = document.querySelector(".uploaders-table");
   $emptyFolder = document.querySelector(".empty-folder");
 
+  if (DATA.allow_search) {
+    document.querySelector(".searchbar").classList.remove("hidden");
     if (params.q) {
       document.getElementById('search').value = params.q;
     }
+  }
 
-  addBreadcrumb(DATA.breadcrumb);
+
+  addBreadcrumb(DATA.href, DATA.uri_prefix);
   if (Array.isArray(DATA.paths)) {
     const len = DATA.paths.length;
     if (len > 0) {

src/args.rs

@@ -4,7 +4,8 @@ use std::env;
 use std::net::IpAddr;
 use std::path::{Path, PathBuf};
 
-use crate::auth::parse_auth;
+use crate::auth::AccessControl;
+use crate::auth::AuthMethod;
 use crate::tls::{load_certs, load_private_key};
 use crate::BoxResult;
 
@@ -39,25 +40,30 @@ fn app() -> Command<'static> {
             Arg::new("path")
                 .default_value(".")
                 .allow_invalid_utf8(true)
-                .help("Path to a root directory for serving files"),
+                .help("Specific path to serve"),
         )
         .arg(
             Arg::new("path-prefix")
                 .long("path-prefix")
                 .value_name("path")
-                .help("Specify an url path prefix"),
+                .help("Specify an path prefix"),
         )
         .arg(
             Arg::new("auth")
                 .short('a')
                 .long("auth")
-                .help("Use HTTP authentication")
+                .help("Add auth for path")
-                .value_name("user:pass"),
+                .multiple_values(true)
+                .multiple_occurrences(true)
+                .value_name("rule"),
         )
         .arg(
-            Arg::new("no-auth-access")
+            Arg::new("auth-method")
-                .long("no-auth-access")
+                .long("auth-method")
-                .help("Not required auth when access static files"),
+                .help("Select auth method")
+                .possible_values(["basic", "digest"])
+                .default_value("digest")
+                .value_name("value"),
         )
         .arg(
             Arg::new("allow-all")
@@ -75,30 +81,35 @@ fn app() -> Command<'static> {
                 .long("allow-delete")
                 .help("Allow delete files/folders"),
         )
+        .arg(
+            Arg::new("allow-search")
+                .long("allow-search")
+                .help("Allow search files/folders"),
+        )
         .arg(
             Arg::new("allow-symlink")
                 .long("allow-symlink")
                 .help("Allow symlink to files/folders outside root directory"),
         )
+        .arg(
+            Arg::new("enable-cors")
+                .long("enable-cors")
+                .help("Enable CORS, sets `Access-Control-Allow-Origin: *`"),
+        )
         .arg(
             Arg::new("render-index")
                 .long("render-index")
-                .help("Render index.html when requesting a directory"),
+                .help("Serve index.html when requesting a directory, returns 404 if not found index.html"),
         )
         .arg(
             Arg::new("render-try-index")
                 .long("render-try-index")
-                .help("Render index.html if it exists when requesting a directory"),
+                .help("Serve index.html when requesting a directory, returns file listing if not found index.html"),
         )
         .arg(
             Arg::new("render-spa")
                 .long("render-spa")
-                .help("Render for single-page application"),
+                .help("Serve SPA(Single Page Application)"),
-        )
-        .arg(
-            Arg::new("cors")
-                .long("cors")
-                .help("Enable CORS, sets `Access-Control-Allow-Origin: *`"),
         )
         .arg(
             Arg::new("tls-cert")
@@ -118,22 +129,24 @@ pub fn matches() -> ArgMatches {
     app().get_matches()
 }
 
-#[derive(Debug, Clone, Eq, PartialEq)]
+#[derive(Debug)]
 pub struct Args {
     pub addrs: Vec<IpAddr>,
     pub port: u16,
     pub path: PathBuf,
+    pub path_is_file: bool,
     pub path_prefix: String,
     pub uri_prefix: String,
-    pub auth: Option<(String, String)>,
+    pub auth_method: AuthMethod,
-    pub no_auth_access: bool,
+    pub auth: AccessControl,
     pub allow_upload: bool,
     pub allow_delete: bool,
+    pub allow_search: bool,
     pub allow_symlink: bool,
     pub render_index: bool,
     pub render_spa: bool,
     pub render_try_index: bool,
-    pub cors: bool,
+    pub enable_cors: bool,
     pub tls: Option<(Vec<Certificate>, PrivateKey)>,
 }
 
@@ -150,6 +163,7 @@ impl Args {
             .unwrap_or_else(|| vec!["0.0.0.0", "::"]);
         let addrs: Vec<IpAddr> = Args::parse_addrs(&addrs)?;
         let path = Args::parse_path(matches.value_of_os("path").unwrap_or_default())?;
+        let path_is_file = path.metadata()?.is_file();
         let path_prefix = matches
             .value_of("path-prefix")
             .map(|v| v.trim_matches('/').to_owned())
@@ -159,14 +173,19 @@ impl Args {
         } else {
             format!("/{}/", &path_prefix)
         };
-        let cors = matches.is_present("cors");
+        let enable_cors = matches.is_present("enable-cors");
-        let auth = match matches.value_of("auth") {
+        let auth: Vec<&str> = matches
-            Some(auth) => Some(parse_auth(auth)?),
+            .values_of("auth")
-            None => None,
+            .map(|v| v.collect())
+            .unwrap_or_default();
+        let auth_method = match matches.value_of("auth-method").unwrap() {
+            "basic" => AuthMethod::Basic,
+            _ => AuthMethod::Digest,
         };
-        let no_auth_access = matches.is_present("no-auth-access");
+        let auth = AccessControl::new(&auth, &uri_prefix)?;
         let allow_upload = matches.is_present("allow-all") || matches.is_present("allow-upload");
         let allow_delete = matches.is_present("allow-all") || matches.is_present("allow-delete");
+        let allow_search = matches.is_present("allow-all") || matches.is_present("allow-search");
         let allow_symlink = matches.is_present("allow-all") || matches.is_present("allow-symlink");
         let render_index = matches.is_present("render-index");
         let render_try_index = matches.is_present("render-try-index");
@@ -184,13 +203,15 @@ impl Args {
             addrs,
             port,
             path,
+            path_is_file,
             path_prefix,
             uri_prefix,
+            auth_method,
             auth,
-            no_auth_access,
+            enable_cors,
-            cors,
             allow_delete,
             allow_upload,
+            allow_search,
             allow_symlink,
             render_index,
             render_try_index,

src/auth.rs

@@ -1,4 +1,5 @@
 use headers::HeaderValue;
+use hyper::Method;
 use lazy_static::lazy_static;
 use md5::Context;
 use std::{
@@ -7,9 +8,10 @@ use std::{
 };
 use uuid::Uuid;
 
+use crate::utils::encode_uri;
 use crate::BoxResult;
 
-const REALM: &str = "DUF";
+const REALM: &str = "DUFS";
 
 lazy_static! {
     static ref NONCESTARTHASH: Context = {
@@ -20,7 +22,171 @@ lazy_static! {
     };
 }
 
-pub fn generate_www_auth(stale: bool) -> String {
+#[derive(Debug)]
+pub struct AccessControl {
+    rules: HashMap<String, PathControl>,
+}
+
+#[derive(Debug)]
+pub struct PathControl {
+    readwrite: Account,
+    readonly: Option<Account>,
+    share: bool,
+}
+
+impl AccessControl {
+    pub fn new(raw_rules: &[&str], uri_prefix: &str) -> BoxResult<Self> {
+        let mut rules = HashMap::default();
+        if raw_rules.is_empty() {
+            return Ok(Self { rules });
+        }
+        for rule in raw_rules {
+            let parts: Vec<&str> = rule.split('@').collect();
+            let create_err = || format!("Invalid auth `{}`", rule).into();
+            match parts.as_slice() {
+                [path, readwrite] => {
+                    let control = PathControl {
+                        readwrite: Account::new(readwrite).ok_or_else(create_err)?,
+                        readonly: None,
+                        share: false,
+                    };
+                    rules.insert(sanitize_path(path, uri_prefix), control);
+                }
+                [path, readwrite, readonly] => {
+                    let (readonly, share) = if *readonly == "*" {
+                        (None, true)
+                    } else {
+                        (Some(Account::new(readonly).ok_or_else(create_err)?), false)
+                    };
+                    let control = PathControl {
+                        readwrite: Account::new(readwrite).ok_or_else(create_err)?,
+                        readonly,
+                        share,
+                    };
+                    rules.insert(sanitize_path(path, uri_prefix), control);
+                }
+                _ => return Err(create_err()),
+            }
+        }
+        Ok(Self { rules })
+    }
+
+    pub fn guard(
+        &self,
+        path: &str,
+        method: &Method,
+        authorization: Option<&HeaderValue>,
+        auth_method: AuthMethod,
+    ) -> GuardType {
+        if self.rules.is_empty() {
+            return GuardType::ReadWrite;
+        }
+        let mut controls = vec![];
+        for path in walk_path(path) {
+            if let Some(control) = self.rules.get(path) {
+                controls.push(control);
+                if let Some(authorization) = authorization {
+                    let Account { user, pass } = &control.readwrite;
+                    if auth_method
+                        .validate(authorization, method.as_str(), user, pass)
+                        .is_some()
+                    {
+                        return GuardType::ReadWrite;
+                    }
+                }
+            }
+        }
+        if is_readonly_method(method) {
+            for control in controls.into_iter() {
+                if control.share {
+                    return GuardType::ReadOnly;
+                }
+                if let Some(authorization) = authorization {
+                    if let Some(Account { user, pass }) = &control.readonly {
+                        if auth_method
+                            .validate(authorization, method.as_str(), user, pass)
+                            .is_some()
+                        {
+                            return GuardType::ReadOnly;
+                        }
+                    }
+                }
+            }
+        }
+        GuardType::Reject
+    }
+}
+
+#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord)]
+pub enum GuardType {
+    Reject,
+    ReadWrite,
+    ReadOnly,
+}
+
+impl GuardType {
+    pub fn is_reject(&self) -> bool {
+        *self == GuardType::Reject
+    }
+}
+
+fn sanitize_path(path: &str, uri_prefix: &str) -> String {
+    encode_uri(&format!("{}{}", uri_prefix, path.trim_matches('/')))
+}
+
+fn walk_path(path: &str) -> impl Iterator<Item = &str> {
+    let mut idx = 0;
+    path.split('/').enumerate().map(move |(i, part)| {
+        let end = if i == 0 { 1 } else { idx + part.len() + i };
+        let value = &path[..end];
+        idx += part.len();
+        value
+    })
+}
+
+fn is_readonly_method(method: &Method) -> bool {
+    method == Method::GET
+        || method == Method::OPTIONS
+        || method == Method::HEAD
+        || method.as_str() == "PROPFIND"
+}
+
+#[derive(Debug, Clone)]
+struct Account {
+    user: String,
+    pass: String,
+}
+
+impl Account {
+    fn new(data: &str) -> Option<Self> {
+        let p: Vec<&str> = data.trim().split(':').collect();
+        if p.len() != 2 {
+            return None;
+        }
+        let user = p[0];
+        let pass = p[1];
+        let mut h = Context::new();
+        h.consume(format!("{}:{}:{}", user, REALM, pass).as_bytes());
+        Some(Account {
+            user: user.to_owned(),
+            pass: format!("{:x}", h.compute()),
+        })
+    }
+}
+
+#[derive(Debug, Clone)]
+pub enum AuthMethod {
+    Basic,
+    Digest,
+}
+
+impl AuthMethod {
+    pub fn www_auth(&self, stale: bool) -> String {
+        match self {
+            AuthMethod::Basic => {
+                format!("Basic realm=\"{}\"", REALM)
+            }
+            AuthMethod::Digest => {
                 let str_stale = if stale { "stale=true," } else { "" };
                 format!(
                     "Digest realm=\"{}\",nonce=\"{}\",{}qop=\"auth\"",
@@ -28,28 +194,40 @@ pub fn generate_www_auth(stale: bool) -> String {
                     create_nonce(),
                     str_stale
                 )
-}
-
-pub fn parse_auth(auth: &str) -> BoxResult<(String, String)> {
-    let p: Vec<&str> = auth.trim().split(':').collect();
-    let err = "Invalid auth value";
-    if p.len() != 2 {
-        return Err(err.into());
             }
-    let user = p[0];
+        }
-    let pass = p[1];
+    }
-    let mut h = Context::new();
+    pub fn validate(
-    h.consume(format!("{}:{}:{}", user, REALM, pass).as_bytes());
+        &self,
-    Ok((user.to_owned(), format!("{:x}", h.compute())))
+        authorization: &HeaderValue,
-}
-
-pub fn valid_digest(
-    header_value: &HeaderValue,
         method: &str,
         auth_user: &str,
         auth_pass: &str,
-) -> Option<()> {
+    ) -> Option<()> {
-    let digest_value = strip_prefix(header_value.as_bytes(), b"Digest ")?;
+        match self {
+            AuthMethod::Basic => {
+                let value: Vec<u8> =
+                    base64::decode(strip_prefix(authorization.as_bytes(), b"Basic ").unwrap())
+                        .unwrap();
+                let parts: Vec<&str> = std::str::from_utf8(&value).unwrap().split(':').collect();
+
+                if parts[0] != auth_user {
+                    return None;
+                }
+
+                let mut h = Context::new();
+                h.consume(format!("{}:{}:{}", parts[0], REALM, parts[1]).as_bytes());
+
+                let http_pass = format!("{:x}", h.compute());
+
+                if http_pass == auth_pass {
+                    return Some(());
+                }
+
+                None
+            }
+            AuthMethod::Digest => {
+                let digest_value = strip_prefix(authorization.as_bytes(), b"Digest ")?;
                 let user_vals = to_headermap(digest_value).ok()?;
                 if let (Some(username), Some(nonce), Some(user_response)) = (
                     user_vals
@@ -114,6 +292,9 @@ pub fn valid_digest(
                     }
                 }
                 None
+            }
+        }
+    }
 }
 
 /// Check if a nonce is still valid.

src/main.rs

@@ -3,6 +3,7 @@ mod auth;
 mod server;
 mod streamer;
 mod tls;
+mod utils;
 
 #[macro_use]
 extern crate log;

src/server.rs

@@ -1,5 +1,5 @@
-use crate::auth::{generate_www_auth, valid_digest};
 use crate::streamer::Streamer;
+use crate::utils::{decode_uri, encode_uri};
 use crate::{Args, BoxResult};
 use xml::escape::escape_str_pcdata;
 
@@ -19,7 +19,6 @@ use hyper::header::{
     CONTENT_TYPE, ORIGIN, RANGE, WWW_AUTHENTICATE,
 };
 use hyper::{Body, Method, StatusCode, Uri};
-use percent_encoding::percent_decode;
 use serde::Serialize;
 use std::fs::Metadata;
 use std::io::SeekFrom;
@@ -59,7 +58,7 @@ impl Server {
     ) -> Result<Response, hyper::Error> {
         let method = req.method().clone();
         let uri = req.uri().clone();
-        let cors = self.args.cors;
+        let enable_cors = self.args.enable_cors;
 
         let mut res = match self.handle(req).await {
             Ok(res) => {
@@ -77,7 +76,7 @@ impl Server {
             }
         };
 
-        if cors {
+        if enable_cors {
             add_cors(&mut res);
         }
         Ok(res)
@@ -86,16 +85,32 @@ impl Server {
     pub async fn handle(self: Arc<Self>, req: Request) -> BoxResult<Response> {
         let mut res = Response::default();
 
-        if !self.auth_guard(&req, &mut res) {
-            return Ok(res);
-        }
-
         let req_path = req.uri().path();
         let headers = req.headers();
         let method = req.method().clone();
 
         if req_path == "/favicon.ico" && method == Method::GET {
-            self.handle_send_favicon(req.headers(), &mut res).await?;
+            self.handle_send_favicon(headers, &mut res).await?;
+            return Ok(res);
+        }
+
+        let authorization = headers.get(AUTHORIZATION);
+        let guard_type = self.args.auth.guard(
+            req_path,
+            &method,
+            authorization,
+            self.args.auth_method.clone(),
+        );
+        if guard_type.is_reject() {
+            self.auth_reject(&mut res);
+            return Ok(res);
+        }
+
+        let head_only = method == Method::HEAD;
+
+        if self.args.path_is_file {
+            self.handle_send_file(&self.args.path, headers, head_only, &mut res)
+                .await?;
             return Ok(res);
         }
 
@@ -106,6 +121,7 @@ impl Server {
                 return Ok(res);
             }
         };
+
         let path = path.as_path();
 
         let query = req.uri().query().unwrap_or_default();
@@ -117,6 +133,7 @@ impl Server {
 
         let allow_upload = self.args.allow_upload;
         let allow_delete = self.args.allow_delete;
+        let allow_search = self.args.allow_search;
         let render_index = self.args.render_index;
         let render_spa = self.args.render_spa;
         let render_try_index = self.args.render_try_index;
@@ -128,7 +145,6 @@ impl Server {
 
         match method {
             Method::GET | Method::HEAD => {
-                let head_only = method == Method::HEAD;
                 if is_dir {
                     if render_try_index && query == "zip" {
                         self.handle_zip_dir(path, head_only, &mut res).await?;
@@ -137,8 +153,9 @@ impl Server {
                             .await?;
                     } else if query == "zip" {
                         self.handle_zip_dir(path, head_only, &mut res).await?;
-                    } else if let Some(q) = query.strip_prefix("q=") {
+                    } else if allow_search && query.starts_with("q=") {
-                        self.handle_query_dir(path, q, head_only, &mut res).await?;
+                        let q = decode_uri(&query[2..]).unwrap_or_default();
+                        self.handle_query_dir(path, &q, head_only, &mut res).await?;
                     } else {
                         self.handle_ls_dir(path, true, head_only, &mut res).await?;
                     }
@@ -218,7 +235,8 @@ impl Server {
                 "LOCK" => {
                     // Fake lock
                     if is_file {
-                        self.handle_lock(req_path, &mut res).await?;
+                        let has_auth = authorization.is_some();
+                        self.handle_lock(req_path, has_auth, &mut res).await?;
                     } else {
                         status_not_found(&mut res);
                     }
@@ -334,10 +352,7 @@ impl Server {
         res: &mut Response,
     ) -> BoxResult<()> {
         let (mut writer, reader) = tokio::io::duplex(BUF_SIZE);
-        let filename = path
+        let filename = get_file_name(path)?;
-            .file_name()
-            .and_then(|v| v.to_str())
-            .ok_or_else(|| format!("Failed to get name of `{}`", path.display()))?;
         res.headers_mut().insert(
             CONTENT_DISPOSITION,
             HeaderValue::from_str(&format!(
@@ -476,6 +491,13 @@ impl Server {
             );
         }
 
+        let filename = get_file_name(path)?;
+        res.headers_mut().insert(
+            CONTENT_DISPOSITION,
+            HeaderValue::from_str(&format!("inline; filename=\"{}\"", encode_uri(filename),))
+                .unwrap(),
+        );
+
         res.headers_mut().typed_insert(AcceptRanges::bytes());
 
         let size = meta.len();
@@ -618,11 +640,11 @@ impl Server {
         Ok(())
     }
 
-    async fn handle_lock(&self, req_path: &str, res: &mut Response) -> BoxResult<()> {
+    async fn handle_lock(&self, req_path: &str, auth: bool, res: &mut Response) -> BoxResult<()> {
-        let token = if self.args.auth.is_none() {
+        let token = if auth {
-            Utc::now().timestamp().to_string()
-        } else {
             format!("opaquelocktoken:{}", Uuid::new_v4())
+        } else {
+            Utc::now().timestamp().to_string()
         };
 
         res.headers_mut().insert(
@@ -668,15 +690,14 @@ impl Server {
         res: &mut Response,
     ) -> BoxResult<()> {
         paths.sort_unstable();
-        let rel_path = match self.args.path.parent() {
+        let href = format!("/{}", normalize_path(path.strip_prefix(&self.args.path)?));
-            Some(p) => path.strip_prefix(p).unwrap(),
-            None => path,
-        };
         let data = IndexData {
-            breadcrumb: normalize_path(rel_path),
+            href: href.clone(),
+            uri_prefix: self.args.uri_prefix.clone(),
             paths,
             allow_upload: self.args.allow_upload,
             allow_delete: self.args.allow_delete,
+            allow_search: self.args.allow_search,
             dir_exists: exist,
         };
         let data = serde_json::to_string(&data).unwrap();
@@ -684,17 +705,14 @@ impl Server {
             "__SLOT__",
             &format!(
                 r#"
-<title>Files in {}/ - Duf</title>
+<title>Index of {} - Dufs</title>
 <style>{}</style>
 <script>
 const DATA = 
 {}
 {}</script>
 "#,
-                rel_path.display(),
+                href, INDEX_CSS, data, INDEX_JS
-                INDEX_CSS,
-                data,
-                INDEX_JS
             ),
         );
         res.headers_mut()
@@ -708,34 +726,13 @@ const DATA =
         Ok(())
     }
 
-    fn auth_guard(&self, req: &Request, res: &mut Response) -> bool {
+    fn auth_reject(&self, res: &mut Response) {
-        let method = req.method();
+        let value = self.args.auth_method.www_auth(false);
-        let pass = {
-            match &self.args.auth {
-                None => true,
-                Some((user, pass)) => match req.headers().get(AUTHORIZATION) {
-                    Some(value) => {
-                        valid_digest(value, method.as_str(), user.as_str(), pass.as_str()).is_some()
-                    }
-                    None => {
-                        self.args.no_auth_access
-                            && (method == Method::GET
-                                || method == Method::OPTIONS
-                                || method == Method::HEAD
-                                || method.as_str() == "PROPFIND")
-                    }
-                },
-            }
-        };
-        if !pass {
-            let value = generate_www_auth(false);
         set_webdav_headers(res);
-            *res.status_mut() = StatusCode::UNAUTHORIZED;
         res.headers_mut().typed_insert(Connection::close());
         res.headers_mut()
             .insert(WWW_AUTHENTICATE, value.parse().unwrap());
-        }
+        *res.status_mut() = StatusCode::UNAUTHORIZED;
-        pass
     }
 
     async fn is_root_contained(&self, path: &Path) -> bool {
@@ -753,7 +750,7 @@ const DATA =
     }
 
     fn extract_path(&self, path: &str) -> Option<PathBuf> {
-        let decoded_path = percent_decode(path[1..].as_bytes()).decode_utf8().ok()?;
+        let decoded_path = decode_uri(&path[1..])?;
         let slashes_switched = if cfg!(windows) {
             decoded_path.replace('/', "\\")
         } else {
@@ -824,10 +821,12 @@ const DATA =
 
 #[derive(Debug, Serialize)]
 struct IndexData {
-    breadcrumb: String,
+    href: String,
+    uri_prefix: String,
     paths: Vec<PathItem>,
     allow_upload: bool,
     allow_delete: bool,
+    allow_search: bool,
     dir_exists: bool,
 }
 
@@ -1023,13 +1022,9 @@ fn parse_range(headers: &HeaderMap<HeaderValue>) -> Option<RangeValue> {
     }
 }
 
-fn encode_uri(v: &str) -> String {
-    let parts: Vec<_> = v.split('/').map(urlencoding::encode).collect();
-    parts.join("/")
-}
-
 fn status_forbid(res: &mut Response) {
     *res.status_mut() = StatusCode::FORBIDDEN;
+    *res.body_mut() = Body::from("Forbidden");
 }
 
 fn status_not_found(res: &mut Response) {
@@ -1041,6 +1036,12 @@ fn status_no_content(res: &mut Response) {
     *res.status_mut() = StatusCode::NO_CONTENT;
 }
 
+fn get_file_name(path: &Path) -> BoxResult<&str> {
+    path.file_name()
+        .and_then(|v| v.to_str())
+        .ok_or_else(|| format!("Failed to get file name of `{}`", path.display()).into())
+}
+
 fn set_webdav_headers(res: &mut Response) {
     res.headers_mut().insert(
         "Allow",

src/utils.rs

@@ -0,0 +1,12 @@
+use std::borrow::Cow;
+
+pub fn encode_uri(v: &str) -> String {
+    let parts: Vec<_> = v.split('/').map(urlencoding::encode).collect();
+    parts.join("/")
+}
+
+pub fn decode_uri(v: &str) -> Option<Cow<str>> {
+    percent_encoding::percent_decode(v.as_bytes())
+        .decode_utf8()
+        .ok()
+}

tests/allow.rs

@@ -59,3 +59,15 @@ fn allow_upload_delete_can_override(#[with(&["-A"])] server: TestServer) -> Resu
     assert_eq!(resp.status(), 201);
     Ok(())
 }
+
+#[rstest]
+fn allow_search(#[with(&["--allow-search"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}?q={}", server.url(), "test.html"))?;
+    assert_eq!(resp.status(), 200);
+    let paths = utils::retrive_index_paths(&resp.text()?);
+    assert!(!paths.is_empty());
+    for p in paths {
+        assert!(p.contains(&"test.html"));
+    }
+    Ok(())
+}

tests/args.rs

@@ -1,8 +1,11 @@
 mod fixtures;
 mod utils;
 
-use fixtures::{server, Error, TestServer};
+use assert_cmd::prelude::*;
+use assert_fs::fixture::TempDir;
+use fixtures::{port, server, tmpdir, wait_for_port, Error, TestServer};
 use rstest::rstest;
+use std::process::{Command, Stdio};
 
 #[rstest]
 fn path_prefix_index(#[with(&["--path-prefix", "xyz"])] server: TestServer) -> Result<(), Error> {
@@ -28,3 +31,23 @@ fn path_prefix_propfind(
     assert!(text.contains("<D:href>/xyz/</D:href>"));
     Ok(())
 }
+
+#[rstest]
+#[case("index.html")]
+fn serve_single_file(tmpdir: TempDir, port: u16, #[case] file: &str) -> Result<(), Error> {
+    let mut child = Command::cargo_bin("dufs")?
+        .env("RUST_LOG", "false")
+        .arg(tmpdir.path().join(file))
+        .arg("-p")
+        .arg(port.to_string())
+        .stdout(Stdio::piped())
+        .spawn()?;
+
+    wait_for_port(port);
+
+    let resp = reqwest::blocking::get(format!("http://localhost:{}/index.html", port))?;
+    assert_eq!(resp.text()?, "This is index.html");
+
+    child.kill()?;
+    Ok(())
+}

tests/auth.rs

@@ -6,7 +6,7 @@ use fixtures::{server, Error, TestServer};
 use rstest::rstest;
 
 #[rstest]
-fn no_auth(#[with(&["--auth", "user:pass", "-A"])] server: TestServer) -> Result<(), Error> {
+fn no_auth(#[with(&["--auth", "/@user:pass", "-A"])] server: TestServer) -> Result<(), Error> {
     let resp = reqwest::blocking::get(server.url())?;
     assert_eq!(resp.status(), 401);
     assert!(resp.headers().contains_key("www-authenticate"));
@@ -17,7 +17,7 @@ fn no_auth(#[with(&["--auth", "user:pass", "-A"])] server: TestServer) -> Result
 }
 
 #[rstest]
-fn auth(#[with(&["--auth", "user:pass", "-A"])] server: TestServer) -> Result<(), Error> {
+fn auth(#[with(&["--auth", "/@user:pass", "-A"])] server: TestServer) -> Result<(), Error> {
     let url = format!("{}file1", server.url());
     let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
     assert_eq!(resp.status(), 401);
@@ -29,10 +29,69 @@ fn auth(#[with(&["--auth", "user:pass", "-A"])] server: TestServer) -> Result<()
 }
 
 #[rstest]
-fn auth_skip_access(
+fn auth_skip(#[with(&["--auth", "/@user:pass@*"])] server: TestServer) -> Result<(), Error> {
-    #[with(&["--auth", "user:pass", "--no-auth-access"])] server: TestServer,
-) -> Result<(), Error> {
     let resp = reqwest::blocking::get(server.url())?;
     assert_eq!(resp.status(), 200);
     Ok(())
 }
+
+#[rstest]
+fn auth_readonly(
+    #[with(&["--auth", "/@user:pass@user2:pass2", "-A"])] server: TestServer,
+) -> Result<(), Error> {
+    let url = format!("{}index.html", server.url());
+    let resp = fetch!(b"GET", &url).send()?;
+    assert_eq!(resp.status(), 401);
+    let resp = fetch!(b"GET", &url).send_with_digest_auth("user2", "pass2")?;
+    assert_eq!(resp.status(), 200);
+    let url = format!("{}file1", server.url());
+    let resp = fetch!(b"PUT", &url)
+        .body(b"abc".to_vec())
+        .send_with_digest_auth("user2", "pass2")?;
+    assert_eq!(resp.status(), 401);
+    Ok(())
+}
+
+#[rstest]
+fn auth_nest(
+    #[with(&["--auth", "/@user:pass@user2:pass2", "--auth", "/dira@user3:pass3", "-A"])]
+    server: TestServer,
+) -> Result<(), Error> {
+    let url = format!("{}dira/file1", server.url());
+    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
+    assert_eq!(resp.status(), 401);
+    let resp = fetch!(b"PUT", &url)
+        .body(b"abc".to_vec())
+        .send_with_digest_auth("user3", "pass3")?;
+    assert_eq!(resp.status(), 201);
+    let resp = fetch!(b"PUT", &url)
+        .body(b"abc".to_vec())
+        .send_with_digest_auth("user", "pass")?;
+    assert_eq!(resp.status(), 201);
+    Ok(())
+}
+
+#[rstest]
+fn auth_nest_share(
+    #[with(&["--auth", "/@user:pass@*", "--auth", "/dira@user3:pass3", "-A"])] server: TestServer,
+) -> Result<(), Error> {
+    let url = format!("{}index.html", server.url());
+    let resp = fetch!(b"GET", &url).send()?;
+    assert_eq!(resp.status(), 200);
+    Ok(())
+}
+
+#[rstest]
+fn auth_basic(
+    #[with(&["--auth", "/@user:pass", "--auth-method", "basic", "-A"])] server: TestServer,
+) -> Result<(), Error> {
+    let url = format!("{}file1", server.url());
+    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
+    assert_eq!(resp.status(), 401);
+    let resp = fetch!(b"PUT", &url)
+        .body(b"abc".to_vec())
+        .basic_auth("user", Some("pass"))
+        .send()?;
+    assert_eq!(resp.status(), 201);
+    Ok(())
+}

tests/bind.rs

@@ -1,6 +1,6 @@
 mod fixtures;
 
-use fixtures::{port, server, tmpdir, Error, TestServer};
+use fixtures::{port, server, tmpdir, wait_for_port, Error, TestServer};
 
 use assert_cmd::prelude::*;
 use assert_fs::fixture::TempDir;
@@ -12,7 +12,7 @@ use std::process::{Command, Stdio};
 #[rstest]
 #[case(&["-b", "20.205.243.166"])]
 fn bind_fails(tmpdir: TempDir, port: u16, #[case] args: &[&str]) -> Result<(), Error> {
-    Command::cargo_bin("duf")?
+    Command::cargo_bin("dufs")?
         .env("RUST_LOG", "false")
         .arg(tmpdir.path())
         .arg("-p")
@@ -50,7 +50,7 @@ fn bind_ipv4_ipv6(
 #[case(&[] as &[&str])]
 #[case(&["--path-prefix", "/prefix"])]
 fn validate_printed_urls(tmpdir: TempDir, port: u16, #[case] args: &[&str]) -> Result<(), Error> {
-    let mut child = Command::cargo_bin("duf")?
+    let mut child = Command::cargo_bin("dufs")?
         .env("RUST_LOG", "false")
         .arg(tmpdir.path())
         .arg("-p")
@@ -59,6 +59,8 @@ fn validate_printed_urls(tmpdir: TempDir, port: u16, #[case] args: &[&str]) -> R
         .stdout(Stdio::piped())
         .spawn()?;
 
+    wait_for_port(port);
+
     // WARN assumes urls list is terminated by an empty line
     let url_lines = BufReader::new(child.stdout.take().unwrap())
         .lines()

tests/cors.rs

@@ -5,7 +5,7 @@ use fixtures::{server, Error, TestServer};
 use rstest::rstest;
 
 #[rstest]
-fn cors(#[with(&["--cors"])] server: TestServer) -> Result<(), Error> {
+fn cors(#[with(&["--enable-cors"])] server: TestServer) -> Result<(), Error> {
     let resp = reqwest::blocking::get(server.url())?;
 
     assert_eq!(
@@ -21,7 +21,7 @@ fn cors(#[with(&["--cors"])] server: TestServer) -> Result<(), Error> {
 }
 
 #[rstest]
-fn cors_options(#[with(&["--cors"])] server: TestServer) -> Result<(), Error> {
+fn cors_options(#[with(&["--enable-cors"])] server: TestServer) -> Result<(), Error> {
     let resp = fetch!(b"OPTIONS", server.url()).send()?;
 
     assert_eq!(

tests/fixtures.rs

@@ -83,7 +83,7 @@ pub fn port() -> u16 {
     free_local_port().expect("Couldn't find a free local port")
 }
 
-/// Run duf as a server; Start with a temporary directory, a free port and some
+/// Run dufs as a server; Start with a temporary directory, a free port and some
 /// optional arguments then wait for a while for the server setup to complete.
 #[fixture]
 #[allow(dead_code)]
@@ -94,7 +94,7 @@ where
 {
     let port = port();
     let tmpdir = tmpdir();
-    let child = Command::cargo_bin("duf")
+    let child = Command::cargo_bin("dufs")
         .expect("Couldn't find test binary")
         .env("RUST_LOG", "false")
         .arg(tmpdir.path())
@@ -122,7 +122,7 @@ where
 {
     let port = port();
     let tmpdir = tmpdir();
-    let child = Command::cargo_bin("duf")
+    let child = Command::cargo_bin("dufs")
         .expect("Couldn't find test binary")
         .env("RUST_LOG", "false")
         .arg(tmpdir.path())
@@ -142,7 +142,7 @@ where
 }
 
 /// Wait a max of 1s for the port to become available.
-fn wait_for_port(port: u16) {
+pub fn wait_for_port(port: u16) {
     let start_wait = Instant::now();
 
     while !port_check::is_port_reachable(format!("localhost:{}", port)) {

tests/http.rs

@@ -63,7 +63,7 @@ fn head_dir_zip(server: TestServer) -> Result<(), Error> {
 }
 
 #[rstest]
-fn get_dir_search(server: TestServer) -> Result<(), Error> {
+fn get_dir_search(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
     let resp = reqwest::blocking::get(format!("{}?q={}", server.url(), "test.html"))?;
     assert_eq!(resp.status(), 200);
     let paths = utils::retrive_index_paths(&resp.text()?);
@@ -75,7 +75,19 @@ fn get_dir_search(server: TestServer) -> Result<(), Error> {
 }
 
 #[rstest]
-fn head_dir_search(server: TestServer) -> Result<(), Error> {
+fn get_dir_search2(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}?q={}", server.url(), "😀.data"))?;
+    assert_eq!(resp.status(), 200);
+    let paths = utils::retrive_index_paths(&resp.text()?);
+    assert!(!paths.is_empty());
+    for p in paths {
+        assert!(p.contains(&"😀.data"));
+    }
+    Ok(())
+}
+
+#[rstest]
+fn head_dir_search(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
     let resp = fetch!(b"HEAD", format!("{}?q={}", server.url(), "test.html")).send()?;
     assert_eq!(resp.status(), 200);
     assert_eq!(
@@ -105,6 +117,7 @@ fn head_file(server: TestServer) -> Result<(), Error> {
     assert_eq!(resp.status(), 200);
     assert_eq!(resp.headers().get("content-type").unwrap(), "text/html");
     assert_eq!(resp.headers().get("accept-ranges").unwrap(), "bytes");
+    assert!(resp.headers().contains_key("content-disposition"));
     assert!(resp.headers().contains_key("etag"));
     assert!(resp.headers().contains_key("last-modified"));
     assert!(resp.headers().contains_key("content-length"));

tests/tls.rs

@@ -29,7 +29,7 @@ fn tls_works(#[case] server: TestServer) -> Result<(), Error> {
 /// Wrong path for cert throws error.
 #[rstest]
 fn wrong_path_cert() -> Result<(), Error> {
-    Command::cargo_bin("duf")?
+    Command::cargo_bin("dufs")?
         .args(&["--tls-cert", "wrong", "--tls-key", "tests/data/key.pem"])
         .assert()
         .failure()
@@ -41,7 +41,7 @@ fn wrong_path_cert() -> Result<(), Error> {
 /// Wrong paths for key throws errors.
 #[rstest]
 fn wrong_path_key() -> Result<(), Error> {
-    Command::cargo_bin("duf")?
+    Command::cargo_bin("dufs")?
         .args(&["--tls-cert", "tests/data/cert.pem", "--tls-key", "wrong"])
         .assert()
         .failure()