chore(release): version v0.27.0

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,17 @@
+---
+name: Bug report
+about: Create a report to help us improve 
+---
+
+**Problem**
+
+<!-- A clear and concise description of what the bug is. -->
+
+**Log**
+
+If applicable, add logs to help explain your problem.
+
+**Environment:**
+ - Dufs version:
+ - Browser/Webdav Info: 
+ - OS Info: 

.github/ISSUE_TEMPLATE/feature_requst.md

@@ -0,0 +1,16 @@
+---
+name: Feature Request
+about: If you have any interesting advice, you can tell us.
+---
+
+## Specific Demand
+
+<!--
+What feature do you need, please describe it in detail.
+-->
+
+## Implement Suggestion
+
+<!--
+If you have any suggestion for complete this feature, you can tell us.
+-->

.github/dependabot.yml

@@ -0,0 +1,6 @@
+version: 2
+updates:
+  - package-ecosystem: "cargo" # See documentation for possible values
+    directory: "/" # Location of package manifests
+    schedule:
+      interval: "monthly"

.github/workflows/release.yaml

@@ -7,33 +7,67 @@ on:
 
 jobs:
   release:
-    name: Publish to Github Reelases
+    name: Publish to Github Relases
     outputs:
       rc: ${{ steps.check-tag.outputs.rc }}
 
     strategy:
       matrix:
-        target:
-        - aarch64-unknown-linux-musl
-        - aarch64-apple-darwin
-        - x86_64-apple-darwin
-        - x86_64-pc-windows-msvc
-        - x86_64-unknown-linux-musl
         include:
         - target: aarch64-unknown-linux-musl
           os: ubuntu-latest
           use-cross: true
+          cargo-flags: ""
         - target: aarch64-apple-darwin
           os: macos-latest
           use-cross: true
+          cargo-flags: ""
+        - target: aarch64-pc-windows-msvc
+          os: windows-latest
+          use-cross: true
+          cargo-flags: "--no-default-features"
         - target: x86_64-apple-darwin
           os: macos-latest
+          cargo-flags: ""
         - target: x86_64-pc-windows-msvc
           os: windows-latest
+          cargo-flags: ""
         - target: x86_64-unknown-linux-musl
           os: ubuntu-latest
           use-cross: true
-
+          cargo-flags: ""
+        - target: i686-unknown-linux-musl
+          os: ubuntu-latest
+          use-cross: true
+          cargo-flags: ""
+        - target: i686-pc-windows-msvc
+          os: windows-latest
+          use-cross: true
+          cargo-flags: ""
+        - target: armv7-unknown-linux-musleabihf
+          os: ubuntu-latest
+          use-cross: true
+          cargo-flags: ""
+        - target: arm-unknown-linux-musleabihf
+          os: ubuntu-latest
+          use-cross: true
+          cargo-flags: ""
+        - target: mips-unknown-linux-musl
+          os: ubuntu-latest
+          use-cross: true
+          cargo-flags: "--no-default-features"
+        - target: mipsel-unknown-linux-musl
+          os: ubuntu-latest
+          use-cross: true
+          cargo-flags: "--no-default-features"
+        - target: mips64-unknown-linux-gnuabi64
+          os: ubuntu-latest
+          use-cross: true
+          cargo-flags: "--no-default-features"
+        - target: mips64el-unknown-linux-gnuabi64
+          os: ubuntu-latest
+          use-cross: true
+          cargo-flags: "--no-default-features"
     runs-on: ${{matrix.os}}
 
     steps:
@@ -60,13 +94,6 @@ jobs:
         toolchain: stable
         profile: minimal # minimal component installation (ie, no documentation)
   
-    - name: Install prerequisites
-      shell: bash
-      run: |
-        case ${{ matrix.target }} in
-          aarch64-unknown-linux-musl) sudo apt-get -y update ; sudo apt-get -y install gcc-aarch64-linux-gnu ;;
-        esac
-
     - name: Show Version Information (Rust, cargo, GCC)
       shell: bash
       run: |
@@ -82,7 +109,7 @@ jobs:
       with:
         use-cross: ${{ matrix.use-cross }}
         command: build
-        args: --locked --release --target=${{ matrix.target }}
+        args: --locked --release --target=${{ matrix.target }} ${{ matrix.cargo-flags }}
 
     - name: Build Archive
       shell: bash
@@ -133,6 +160,8 @@ jobs:
     runs-on: ubuntu-latest
     needs: release
     steps:
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v1
       - name: Login to DockerHub
@@ -141,9 +170,16 @@ jobs:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
       - name: Build and push
-        id: docker_build
         uses: docker/build-push-action@v2
         with:
+          build-args: |
+            REPO=${{ github.repository }}
+            VER=${{ github.ref_name }}
+          platforms: |
+            linux/amd64
+            linux/arm64
+            linux/386
+            linux/arm/v7
           push: ${{ needs.release.outputs.rc == 'false' }}
           tags: ${{ github.repository }}:latest, ${{ github.repository }}:${{ github.ref_name }}
           

CHANGELOG.md

@@ -2,7 +2,61 @@
 
 All notable changes to this project will be documented in this file.
 
-## [0.22.0] - 2022-06-25
+## [0.27.0] - 2022-07-21
+
+### Features
+
+- Improve hidden to support glob ([#108](https://github.com/sigoden/dufs/issues/108))
+- Adjust digest auth timeout to 1day ([#110](https://github.com/sigoden/dufs/issues/110))
+
+## [0.26.0] - 2022-07-11
+
+### Bug Fixes
+
+- Cors headers ([#100](https://github.com/sigoden/dufs/issues/100))
+
+### Features
+
+- Make --path-prefix works on serving single file ([#102](https://github.com/sigoden/dufs/issues/102))
+
+## [0.25.0] - 2022-07-06
+
+### Features
+
+- Ui supports creating folder ([#91](https://github.com/sigoden/dufs/issues/91))
+- Ui supports move folder/file to new path ([#92](https://github.com/sigoden/dufs/issues/92))
+- Check permission on move/copy destination ([#93](https://github.com/sigoden/dufs/issues/93))
+- Add completions ([#97](https://github.com/sigoden/dufs/issues/97))
+- Limit the number of concurrent uploads ([#98](https://github.com/sigoden/dufs/issues/98))
+
+## [0.24.0] - 2022-07-02
+
+### Bug Fixes
+
+- Unexpect stack overflow when searching a lot ([#87](https://github.com/sigoden/dufs/issues/87))
+
+### Features
+
+- Allow search with --render-try-index ([#88](https://github.com/sigoden/dufs/issues/88))
+
+## [0.23.1] - 2022-06-30
+
+### Bug Fixes
+
+- Safari layout and compatibility ([#83](https://github.com/sigoden/dufs/issues/83))
+- Permissions of unzipped files ([#84](https://github.com/sigoden/dufs/issues/84))
+
+## [0.23.0] - 2022-06-29
+
+### Features
+
+- Use feature to conditional support tls ([#77](https://github.com/sigoden/dufs/issues/77))
+
+### Ci
+
+- Support more platforms ([#76](https://github.com/sigoden/dufs/issues/76))
+
+## [0.22.0] - 2022-06-26
 
 ### Features
 

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "dufs"
-version = "0.22.0"
+version = "0.27.0"
 edition = "2021"
 authors = ["sigoden <sigoden@gmail.com>"]
 description = "Dufs is a distinctive utility file server"
@@ -12,9 +12,9 @@ keywords = ["static", "file", "server", "webdav", "cli"]
 
 [dependencies]
 clap = { version = "3", default-features = false, features = ["std", "wrap_help"] }
+clap_complete = "3"
 chrono = "0.4"
 tokio = { version = "1", features = ["rt-multi-thread", "macros", "fs", "io-util", "signal"]}
-tokio-rustls = "0.23"
 tokio-util = { version = "0.7",  features = ["io-util"] }
 hyper = { version = "0.14", features = ["http1", "server", "tcp", "stream"] }
 percent-encoding = "2.1"
@@ -22,13 +22,13 @@ serde = { version = "1", features = ["derive"] }
 serde_json = "1"
 futures = "0.3"
 base64 = "0.13"
-async_zip = "0.0.7"
-async-walkdir = "0.2"
+async_zip = { version = "0.0.8", default-features = false, features = ["deflate"] }
 headers = "0.3"
 mime_guess = "2.0"
-get_if_addrs = "0.5"
-rustls = { version = "0.20", default-features = false, features = ["tls12"] }
-rustls-pemfile = "1"
+if-addrs = "0.7"
+rustls = { version = "0.20", default-features = false, features = ["tls12"], optional = true }
+rustls-pemfile = { version = "1", optional = true }
+tokio-rustls = { version = "0.23", optional = true }
 md5 = "0.7"
 lazy_static = "1.4"
 uuid = { version = "1.1", features = ["v4", "fast-rng"] }
@@ -37,6 +37,11 @@ xml-rs = "0.8"
 log = "0.4"
 socket2 = "0.4"
 async-stream = "0.3"
+walkdir = "2.3"
+
+[features]
+default = ["tls"]
+tls = ["rustls", "rustls-pemfile", "tokio-rustls"]
 
 [dev-dependencies]
 assert_cmd = "2"
@@ -44,7 +49,7 @@ reqwest = { version = "0.11", features = ["blocking", "multipart", "rustls-tls"]
 assert_fs = "1"
 select = "0.5"
 port_check = "0.1"
-rstest = "0.13"
+rstest = "0.15"
 regex = "1"
 pretty_assertions = "1.2"
 url = "2"

Dockerfile

@@ -1,10 +1,18 @@
-FROM rust:1.61 as builder
-RUN rustup target add x86_64-unknown-linux-musl
-RUN apt-get update && apt-get install --no-install-recommends -y musl-tools
-WORKDIR /app
-COPY . .
-RUN cargo build --target x86_64-unknown-linux-musl --release
+FROM alpine as builder
+ARG REPO VER TARGETPLATFORM
+RUN if [ "$TARGETPLATFORM" = "linux/amd64" ]; then \ 
+        TARGET="x86_64-unknown-linux-musl"; \
+    elif [  "$TARGETPLATFORM" = "linux/arm64" ]; then \
+        TARGET="aarch64-unknown-linux-musl"; \
+    elif [  "$TARGETPLATFORM" = "linux/386" ]; then \
+        TARGET="i686-unknown-linux-musl"; \
+    elif [  "$TARGETPLATFORM" = "linux/arm/v7" ]; then \
+        TARGET="armv7-unknown-linux-musleabihf"; \
+    fi && \
+    wget https://github.com/${REPO}/releases/download/${VER}/dufs-${VER}-${TARGET}.tar.gz && \
+    tar -xf dufs-${VER}-${TARGET}.tar.gz && \
+    mv dufs /bin/
 
 FROM scratch
-COPY --from=builder /app/target/x86_64-unknown-linux-musl/release/dufs /bin/
+COPY --from=builder /bin/dufs /bin/dufs
 ENTRYPOINT ["/bin/dufs"]

README.md

@@ -5,7 +5,7 @@
 
 Dufs is a distinctive utility file server that supports static serving, uploading, searching, accessing control, webdav...
 
-![demo](https://user-images.githubusercontent.com/4012553/174486522-7af350e6-0195-4f4a-8480-d9464fc6452f.png)
+![demo](https://user-images.githubusercontent.com/4012553/177549931-130383ef-0480-4911-b9c2-0d9534a624b7.png)
 
 ## Features
 
@@ -30,7 +30,7 @@ cargo install dufs
 ### With docker
 
 ```
-docker run -v `pwd`:/data -p 5000:5000 --rm -it sigoden/dufs /data
+docker run -v `pwd`:/data -p 5000:5000 --rm -it sigoden/dufs /data -A
 ```
 
 ### Binaries on macOS, Linux, Windows
@@ -51,7 +51,7 @@ ARGS:
 OPTIONS:
     -b, --bind <addr>...         Specify bind address
     -p, --port <port>            Specify port to listen on [default: 5000]
-        --path-prefix <path>     Specify an path prefix
+        --path-prefix <path>     Specify a path prefix
         --hidden <value>         Hide directories from directory listings, separated by `,`
     -a, --auth <rule>...         Add auth for path
         --auth-method <value>    Select auth method [default: digest] [possible values: basic, digest]
@@ -64,6 +64,7 @@ OPTIONS:
         --render-index           Serve index.html when requesting a directory, returns 404 if not found index.html
         --render-try-index       Serve index.html when requesting a directory, returns directory listing if not found index.html
         --render-spa             Serve SPA(Single Page Application)
+        --completions <shell>    Print shell completion script for <shell> [possible values: bash, elvish, fish, powershell, zsh]
         --tls-cert <path>        Path to an SSL/TLS certificate to serve with HTTPS
         --tls-key <path>         Path to the SSL/TLS certificate's private key
     -h, --help                   Print help information
@@ -78,7 +79,7 @@ Serve current working directory
 dufs
 ```
 
-Explicitly allow all operations including upload/delete 
+Allow all operations like upload/delete/search...
 
 ```
 dufs -A
@@ -90,7 +91,7 @@ Only allow upload operation
 dufs --allow-upload
 ```
 
-Serve a directory
+Serve a specific directory
 
 ```
 dufs Downloads
@@ -102,18 +103,18 @@ Serve a single file
 dufs linux-distro.iso
 ```
 
-Serve index.html when requesting a directory
-
-```
-dufs --render-index
-```
-
-Serve SPA(Single Page Application)
+Serve a single-page application like react/vue
 
 ```
 dufs --render-spa
 ```
 
+Serve a static website with index.html
+
+```
+dufs --render-index
+```
+
 Require username/password
 
 ```
@@ -140,6 +141,12 @@ dufs --tls-cert my.crt --tls-key my.key
 
 ## API
 
+Upload a file
+
+```
+curl -T path-to-file http://127.0.0.1:5000/new-path/path-to-file
+```
+
 Download a file
 ```
 curl http://127.0.0.1:5000/path-to-file
@@ -151,16 +158,10 @@ Download a folder as zip file
 curl -o path-to-folder.zip http://127.0.0.1:5000/path-to-folder?zip
 ```
 
-Upload a file
-
-```
-curl --upload-file path-to-file http://127.0.0.1:5000/path-to-file
-```
-
 Delete a file/folder
 
 ```
-curl -X DELETE http://127.0.0.1:5000/path-to-file
+curl -X DELETE http://127.0.0.1:5000/path-to-file-or-folder
 ```
 
 ## Access Control
@@ -180,11 +181,11 @@ dufs -a <path>@<readwrite>[@<readonly>|@*]
 For example:
 
 ```
-dufs -a /@admin:pass@* -a /ui@designer:pass1 -A
+dufs -a /@admin:pass1@* -a /ui@designer:pass2 -A
 ```
 - All files/folders are public to view/download.
-- Account `admin:pass` can upload/delete/view/download any files/folders.
-- Account `designer:pass1` can upload/delete/view/download any files/folders in the `ui` folder.
+- Account `admin:pass1` can upload/delete/view/download any files/folders.
+- Account `designer:pass2` can upload/delete/view/download any files/folders in the `ui` folder.
 
 ## License
 

assets/index.css

@@ -59,6 +59,15 @@ body {
   height: 1.1rem;
 }
 
+.toolbox .control {
+  cursor: pointer;
+  padding-left: 0.25em;
+}
+
+.upload-file input {
+  display: none;
+}
+
 .searchbar {
   display: flex;
   flex-wrap: nowrap;
@@ -90,15 +99,6 @@ body {
   cursor: pointer;
 }
 
-.upload-control {
-  cursor: pointer;
-  padding-left: 0.25em;
-}
-
-.upload-control input {
-  display: none;
-}
-
 .upload-status span {
   width: 70px;
   display: inline-block;
@@ -132,7 +132,7 @@ body {
 }
 
 .paths-table .cell-actions {
-  width: 60px;
+  width: 75px;
   display: flex;
   padding-left: 0.6em;
 }
@@ -149,7 +149,7 @@ body {
 }
 
 .path svg {
-  height: 100%;
+  height: 16px;
   fill: rgba(3,47,98,0.5);
   padding-right: 0.5em;
   vertical-align: text-top;
@@ -175,7 +175,7 @@ body {
 }
 
 .action-btn {
-  padding-left: 0.4em;
+  padding-right: 0.3em;
 }
 
 .uploaders-table {

assets/index.html

@@ -15,12 +15,18 @@
           <svg width="16" height="16" viewBox="0 0 16 16"><path d="M.5 9.9a.5.5 0 0 1 .5.5v2.5a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1v-2.5a.5.5 0 0 1 1 0v2.5a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2v-2.5a.5.5 0 0 1 .5-.5z"/><path d="M7.646 11.854a.5.5 0 0 0 .708 0l3-3a.5.5 0 0 0-.708-.708L8.5 10.293V1.5a.5.5 0 0 0-1 0v8.793L5.354 8.146a.5.5 0 1 0-.708.708l3 3z"/></svg>
         </a>
       </div>
-      <div class="upload-control hidden" title="Upload files">
+      <div class="control upload-file hidden" title="Upload files">
         <label for="file">
           <svg width="16" height="16" viewBox="0 0 16 16"><path d="M.5 9.9a.5.5 0 0 1 .5.5v2.5a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1v-2.5a.5.5 0 0 1 1 0v2.5a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2v-2.5a.5.5 0 0 1 .5-.5z"/><path d="M7.646 1.146a.5.5 0 0 1 .708 0l3 3a.5.5 0 0 1-.708.708L8.5 2.707V11.5a.5.5 0 0 1-1 0V2.707L5.354 4.854a.5.5 0 1 1-.708-.708l3-3z"/></svg>
         </label>
         <input type="file" id="file" name="file" multiple>
       </div>
+      <div class="control new-folder hidden" title="New folder">
+        <svg width="16" height="16" viewBox="0 0 16 16">
+          <path d="m.5 3 .04.87a1.99 1.99 0 0 0-.342 1.311l.637 7A2 2 0 0 0 2.826 14H9v-1H2.826a1 1 0 0 1-.995-.91l-.637-7A1 1 0 0 1 2.19 4h11.62a1 1 0 0 1 .996 1.09L14.54 8h1.005l.256-2.819A2 2 0 0 0 13.81 3H9.828a2 2 0 0 1-1.414-.586l-.828-.828A2 2 0 0 0 6.172 1H2.5a2 2 0 0 0-2 2zm5.672-1a1 1 0 0 1 .707.293L7.586 3H2.19c-.24 0-.47.042-.683.12L1.5 2.98a1 1 0 0 1 1-.98h3.672z"/>
+          <path d="M13.5 10a.5.5 0 0 1 .5.5V12h1.5a.5.5 0 1 1 0 1H14v1.5a.5.5 0 1 1-1 0V13h-1.5a.5.5 0 0 1 0-1H13v-1.5a.5.5 0 0 1 .5-.5z"/>
+        </svg>
+      </div>
     </div>
     <form class="searchbar hidden">
       <div class="icon">

assets/index.js

@@ -29,48 +29,38 @@ let $uploadersTable;
  * @type Element
  */
 let $emptyFolder;
-
-class Uploader {
-  /**
-   * @type number
-   */
-  idx;
-  /**
-   * @type File
-   */
-  file;
-  /**
-   * @type string
-   */
-  name;
 /**
  * @type Element
  */
-  $uploadStatus;
+let $newFolder;
+
+class Uploader {
   /**
-   * @type number
+   * 
+   * @param {File} file 
+   * @param {string[]} dirs 
    */
-  uploaded = 0;
-  /**
-   * @type number
-   */
-  lastUptime = 0;
-  static globalIdx = 0;
   constructor(file, dirs) {
+    /**
+     * @type Element
+     */
+    this.$uploadStatus = null
+    this.uploaded = 0;
+    this.lastUptime = 0;
     this.name = [...dirs, file.name].join("/");
     this.idx = Uploader.globalIdx++;
     this.file = file;
   }
 
   upload() {
-    const { file, idx, name } = this;
+    const { idx, name } = this;
     const url = getUrl(name);
     const encodedUrl = encodedStr(url);
     const encodedName = encodedStr(name);
     $uploadersTable.insertAdjacentHTML("beforeend", `
   <tr id="upload${idx}" class="uploader">
     <td class="path cell-icon">
-      ${getSvg(file.path_type)}
+      ${getSvg()}
     </td>
     <td class="path cell-name">
       <a href="${encodedUrl}">${encodedName}</a>
@@ -80,8 +70,15 @@ class Uploader {
     $uploadersTable.classList.remove("hidden");
     $emptyFolder.classList.add("hidden");
     this.$uploadStatus = document.getElementById(`uploadStatus${idx}`);
-    this.lastUptime = Date.now();
+    this.$uploadStatus.innerHTML = '-';
+    Uploader.queues.push(this);
+    Uploader.runQueue();
+  }
 
+  ajax() {
+    Uploader.runings += 1;
+    const url = getUrl(this.name);
+    this.lastUptime = Date.now();
     const ajax = new XMLHttpRequest();
     ajax.upload.addEventListener("progress", e => this.progress(e), false);
     ajax.addEventListener("readystatechange", () => {
@@ -96,13 +93,14 @@ class Uploader {
     ajax.addEventListener("error", () => this.fail(), false);
     ajax.addEventListener("abort", () => this.fail(), false);
     ajax.open("PUT", url);
-    ajax.send(file);
+    ajax.send(this.file);
   }
   
+
   progress(event) {
-    let now = Date.now();
-    let speed = (event.loaded - this.uploaded) / (now - this.lastUptime) * 1000;
-    let [speedValue, speedUnit] = formatSize(speed);
+    const now = Date.now();
+    const speed = (event.loaded - this.uploaded) / (now - this.lastUptime) * 1000;
+    const [speedValue, speedUnit] = formatSize(speed);
     const speedText = `${speedValue}${speedUnit.toLowerCase()}/s`;
     const progress = formatPercent((event.loaded / event.total) * 100);
     const duration = formatDuration((event.total - event.loaded) / speed)
@@ -113,13 +111,34 @@ class Uploader {
 
   complete() {
     this.$uploadStatus.innerHTML = `✓`;
+    Uploader.runings -= 1;
+    Uploader.runQueue();
   }
 
   fail() {
     this.$uploadStatus.innerHTML = `✗`;
+    Uploader.runings -= 1;
+    Uploader.runQueue();
   }
 }
 
+Uploader.globalIdx = 0;
+
+Uploader.runings = 0;
+
+/**
+ * @type Uploader[]
+ */
+Uploader.queues = [];
+
+
+Uploader.runQueue = () => {
+  if (Uploader.runings > 2) return;
+  let uploader = Uploader.queues.shift();
+  if (!uploader) return;
+  uploader.ajax();
+}
+
 /**
  * Add breadcrumb
  * @param {string} href 
@@ -169,6 +188,7 @@ function addPath(file, index) {
   let encodedUrl = encodedStr(url);
   let actionDelete = "";
   let actionDownload = "";
+  let actionMove = "";
   if (file.path_type.endsWith("Dir")) {
     url += "/";
     encodedUrl += "/";
@@ -187,14 +207,21 @@ function addPath(file, index) {
     </div>`;
   }
   if (DATA.allow_delete) {
+    if (DATA.allow_upload) {
+      actionMove = `
+      <div onclick="movePath(${index})" class="action-btn" id="moveBtn${index}" title="Move to new path">
+        <svg width="16" height="16" viewBox="0 0 16 16"><path fill-rule="evenodd" d="M1.5 1.5A.5.5 0 0 0 1 2v4.8a2.5 2.5 0 0 0 2.5 2.5h9.793l-3.347 3.346a.5.5 0 0 0 .708.708l4.2-4.2a.5.5 0 0 0 0-.708l-4-4a.5.5 0 0 0-.708.708L13.293 8.3H3.5A1.5 1.5 0 0 1 2 6.8V2a.5.5 0 0 0-.5-.5z"/></svg>
+      </div>`;
+    }
     actionDelete = `
-    <div onclick="deletePath(${index})" class="action-btn" id="deleteBtn${index}" title="Delete ${encodedName}">
+    <div onclick="deletePath(${index})" class="action-btn" id="deleteBtn${index}" title="Delete">
       <svg width="16" height="16" fill="currentColor"viewBox="0 0 16 16"><path d="M6.854 7.146a.5.5 0 1 0-.708.708L7.293 9l-1.147 1.146a.5.5 0 0 0 .708.708L8 9.707l1.146 1.147a.5.5 0 0 0 .708-.708L8.707 9l1.147-1.146a.5.5 0 0 0-.708-.708L8 8.293 6.854 7.146z"/><path d="M14 14V4.5L9.5 0H4a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h8a2 2 0 0 0 2-2zM9.5 3A1.5 1.5 0 0 0 11 4.5h2V14a1 1 0 0 1-1 1H4a1 1 0 0 1-1-1V2a1 1 0 0 1 1-1h5.5v2z"/></svg>
     </div>`;
   }
   let actionCell = `
   <td class="cell-actions">
     ${actionDownload}
+    ${actionMove}
     ${actionDelete}
   </td>`
 
@@ -213,7 +240,7 @@ function addPath(file, index) {
 }
 
 /**
- * Delete pathitem
+ * Delete path
  * @param {number} index 
  * @returns 
  */
@@ -243,6 +270,44 @@ async function deletePath(index) {
   }
 }
 
+
+/**
+ * Move path
+ * @param {number} index 
+ * @returns 
+ */
+async function movePath(index) {
+  const file = DATA.paths[index];
+  if (!file) return;
+
+  const fileUrl = getUrl(file.name);
+  const fileUrlObj = new URL(fileUrl)
+
+  const prefix = DATA.uri_prefix.slice(0, -1);
+    
+  const filePath = decodeURIComponent(fileUrlObj.pathname.slice(prefix.length));
+
+  const newPath = prompt("Enter new path", filePath)
+  if (!newPath || filePath === newPath) return;
+  const newFileUrl = fileUrlObj.origin + prefix + encodeURI(newPath);
+
+  try {
+    const res = await fetch(getUrl(file.name), {
+      method: "MOVE",
+      headers: {
+        "Destination": newFileUrl,
+      }
+    });
+    if (res.status >= 200 && res.status < 300) {
+      location.href = newFileUrl.split("/").slice(0, -1).join("/")
+    } else {
+      throw new Error(await res.text())
+    }
+  } catch (err) {
+    alert(`Cannot move \`${filePath}\` to \`${newPath}\`, ${err.message}`);
+  }
+}
+
 function dropzone() {
     ["drag", "dragstart", "dragend", "dragover", "dragenter", "dragleave", "drop"].forEach(name => {
       document.addEventListener(name, e => {
@@ -267,6 +332,24 @@ function dropzone() {
     });
 }
 
+/**
+ * Create a folder
+ * @param {string} name 
+ */
+async function createFolder(name) {
+  const url = getUrl(name);
+  try {
+    const res = await fetch(url, {
+      method: "MKCOL",
+    });
+    if (res.status >= 200 && res.status < 300) {
+      location.href = url;
+    }
+  } catch (err) {
+    alert(`Cannot create folder \`${name}\`, ${err.message}`);
+  }
+}
+
 async function addFileEntries(entries, dirs) {
   for (const entry of entries) {
     if (entry.isFile) {
@@ -292,12 +375,12 @@ function getSvg(path_type) {
   switch (path_type) {
     case "Dir":
       return `<svg height="16" viewBox="0 0 14 16" width="14"><path fill-rule="evenodd" d="M13 4H7V3c0-.66-.31-1-1-1H1c-.55 0-1 .45-1 1v10c0 .55.45 1 1 1h12c.55 0 1-.45 1-1V5c0-.55-.45-1-1-1zM6 4H1V3h5v1z"></path></svg>`;
-    case "File":
-      return `<svg height="16" viewBox="0 0 12 16" width="12"><path fill-rule="evenodd" d="M6 5H2V4h4v1zM2 8h7V7H2v1zm0 2h7V9H2v1zm0 2h7v-1H2v1zm10-7.5V14c0 .55-.45 1-1 1H1c-.55 0-1-.45-1-1V2c0-.55.45-1 1-1h7.5L12 4.5zM11 5L8 2H1v12h10V5z"></path></svg>`;
+    case "SymlinkFile":
+      return `<svg height="16" viewBox="0 0 12 16" width="12"><path fill-rule="evenodd" d="M8.5 1H1c-.55 0-1 .45-1 1v12c0 .55.45 1 1 1h10c.55 0 1-.45 1-1V4.5L8.5 1zM11 14H1V2h7l3 3v9zM6 4.5l4 3-4 3v-2c-.98-.02-1.84.22-2.55.7-.71.48-1.19 1.25-1.45 2.3.02-1.64.39-2.88 1.13-3.73.73-.84 1.69-1.27 2.88-1.27v-2H6z"></path></svg>`;
     case "SymlinkDir":
       return `<svg height="16" viewBox="0 0 14 16" width="14"><path fill-rule="evenodd" d="M13 4H7V3c0-.66-.31-1-1-1H1c-.55 0-1 .45-1 1v10c0 .55.45 1 1 1h12c.55 0 1-.45 1-1V5c0-.55-.45-1-1-1zM1 3h5v1H1V3zm6 9v-2c-.98-.02-1.84.22-2.55.7-.71.48-1.19 1.25-1.45 2.3.02-1.64.39-2.88 1.13-3.73C4.86 8.43 5.82 8 7.01 8V6l4 3-4 3H7z"></path></svg>`;
     default:
-      return `<svg height="16" viewBox="0 0 12 16" width="12"><path fill-rule="evenodd" d="M8.5 1H1c-.55 0-1 .45-1 1v12c0 .55.45 1 1 1h10c.55 0 1-.45 1-1V4.5L8.5 1zM11 14H1V2h7l3 3v9zM6 4.5l4 3-4 3v-2c-.98-.02-1.84.22-2.55.7-.71.48-1.19 1.25-1.45 2.3.02-1.64.39-2.88 1.13-3.73.73-.84 1.69-1.27 2.88-1.27v-2H6z"></path></svg>`;
+      return `<svg height="16" viewBox="0 0 12 16" width="12"><path fill-rule="evenodd" d="M6 5H2V4h4v1zM2 8h7V7H2v1zm0 2h7V9H2v1zm0 2h7v-1H2v1zm10-7.5V14c0 .55-.45 1-1 1H1c-.55 0-1-.45-1-1V2c0-.55.45-1 1-1h7.5L12 4.5zM11 5L8 2H1v12h10V5z"></path></svg>`;
   }
 }
 
@@ -326,9 +409,9 @@ function formatSize(size) {
 
 function formatDuration(seconds) {
   seconds = Math.ceil(seconds);
-  let h = Math.floor(seconds / 3600);
-  let m = Math.floor((seconds - h * 3600) / 60);
-  let s = seconds - h * 3600 - m * 60
+  const h = Math.floor(seconds / 3600);
+  const m = Math.floor((seconds - h * 3600) / 60);
+  const s = seconds - h * 3600 - m * 60
   return `${padZero(h, 2)}:${padZero(m, 2)}:${padZero(s, 2)}`;
 }
 
@@ -352,6 +435,7 @@ function ready() {
   $pathsTableBody = document.querySelector(".paths-table tbody");
   $uploadersTable = document.querySelector(".uploaders-table");
   $emptyFolder = document.querySelector(".empty-folder");
+  $newFolder = document.querySelector(".new-folder");
 
   if (DATA.allow_search) {
     document.querySelector(".searchbar").classList.remove("hidden");
@@ -377,7 +461,14 @@ function ready() {
   }
   if (DATA.allow_upload) {
     dropzone();
-    document.querySelector(".upload-control").classList.remove("hidden");
+    if (DATA.allow_delete) {
+      $newFolder.classList.remove("hidden");
+      $newFolder.addEventListener("click", () => {
+        const name = prompt("Enter name of new folder");
+        if (name) createFolder(name);
+      });
+    }
+    document.querySelector(".upload-file").classList.remove("hidden");
     document.getElementById("file").addEventListener("change", e => {
       const files = e.target.files;
       for (let file of files) {

src/args.rs

@@ -1,4 +1,6 @@
-use clap::{AppSettings, Arg, ArgMatches, Command};
+use clap::{value_parser, AppSettings, Arg, ArgMatches, Command};
+use clap_complete::{generate, Generator, Shell};
+#[cfg(feature = "tls")]
 use rustls::{Certificate, PrivateKey};
 use std::env;
 use std::net::IpAddr;
@@ -6,11 +8,13 @@ use std::path::{Path, PathBuf};
 
 use crate::auth::AccessControl;
 use crate::auth::AuthMethod;
+#[cfg(feature = "tls")]
 use crate::tls::{load_certs, load_private_key};
+use crate::utils::encode_uri;
 use crate::BoxResult;
 
-fn app() -> Command<'static> {
-    Command::new(env!("CARGO_CRATE_NAME"))
+pub fn build_cli() -> Command<'static> {
+    let app = Command::new(env!("CARGO_CRATE_NAME"))
         .version(env!("CARGO_PKG_VERSION"))
         .author(env!("CARGO_PKG_AUTHORS"))
         .about(concat!(
@@ -46,7 +50,7 @@ fn app() -> Command<'static> {
             Arg::new("path-prefix")
                 .long("path-prefix")
                 .value_name("path")
-                .help("Specify an path prefix"),
+                .help("Specify a path prefix"),
         )
         .arg(
             Arg::new("hidden")
@@ -117,6 +121,16 @@ fn app() -> Command<'static> {
                 .long("render-spa")
                 .help("Serve SPA(Single Page Application)"),
         )
+        .arg(
+            Arg::new("completions")
+                .long("completions")
+                .value_name("shell")
+                .value_parser(value_parser!(Shell))
+                .help("Print shell completion script for <shell>"),
+        );
+
+    #[cfg(feature = "tls")]
+    let app = app
         .arg(
             Arg::new("tls-cert")
                 .long("tls-cert")
@@ -128,11 +142,13 @@ fn app() -> Command<'static> {
                 .long("tls-key")
                 .value_name("path")
                 .help("Path to the SSL/TLS certificate's private key"),
-        )
+        );
+
+    app
 }
 
-pub fn matches() -> ArgMatches {
-    app().get_matches()
+pub fn print_completions<G: Generator>(gen: G, cmd: &mut Command) {
+    generate(gen, cmd, cmd.get_name().to_string(), &mut std::io::stdout());
 }
 
 #[derive(Debug)]
@@ -143,7 +159,7 @@ pub struct Args {
     pub path_is_file: bool,
     pub path_prefix: String,
     pub uri_prefix: String,
-    pub hidden: String,
+    pub hidden: Vec<String>,
     pub auth_method: AuthMethod,
     pub auth: AccessControl,
     pub allow_upload: bool,
@@ -154,7 +170,10 @@ pub struct Args {
     pub render_spa: bool,
     pub render_try_index: bool,
     pub enable_cors: bool,
+    #[cfg(feature = "tls")]
     pub tls: Option<(Vec<Certificate>, PrivateKey)>,
+    #[cfg(not(feature = "tls"))]
+    pub tls: Option<()>,
 }
 
 impl Args {
@@ -178,11 +197,11 @@ impl Args {
         let uri_prefix = if path_prefix.is_empty() {
             "/".to_owned()
         } else {
-            format!("/{}/", &path_prefix)
+            format!("/{}/", &encode_uri(&path_prefix))
         };
-        let hidden: String = matches
+        let hidden: Vec<String> = matches
             .value_of("hidden")
-            .map(|v| format!(",{},", v))
+            .map(|v| v.split(',').map(|x| x.to_string()).collect())
             .unwrap_or_default();
         let enable_cors = matches.is_present("enable-cors");
         let auth: Vec<&str> = matches
@@ -201,6 +220,7 @@ impl Args {
         let render_index = matches.is_present("render-index");
         let render_try_index = matches.is_present("render-try-index");
         let render_spa = matches.is_present("render-spa");
+        #[cfg(feature = "tls")]
         let tls = match (matches.value_of("tls-cert"), matches.value_of("tls-key")) {
             (Some(certs_file), Some(key_file)) => {
                 let certs = load_certs(certs_file)?;
@@ -209,6 +229,8 @@ impl Args {
             }
             _ => None,
         };
+        #[cfg(not(feature = "tls"))]
+        let tls = None;
 
         Ok(Args {
             addrs,

src/auth.rs

@@ -12,6 +12,7 @@ use crate::utils::encode_uri;
 use crate::BoxResult;
 
 const REALM: &str = "DUFS";
+const DIGEST_AUTH_TIMEOUT: u32 = 86400;
 
 lazy_static! {
     static ref NONCESTARTHASH: Context = {
@@ -317,8 +318,7 @@ fn validate_nonce(nonce: &[u8]) -> Result<bool, ()> {
                 h.consume(secs_nonce.to_be_bytes());
                 let h = format!("{:x}", h.compute());
                 if h[..26] == n[8..34] {
-                    return Ok(dur < 300); // from the last 5min
-                                          //Authentication-Info ?
+                    return Ok(dur < DIGEST_AUTH_TIMEOUT);
                 }
             }
         }

src/main.rs

@@ -3,25 +3,30 @@ mod auth;
 mod logger;
 mod server;
 mod streamer;
+#[cfg(feature = "tls")]
 mod tls;
 mod utils;
 
 #[macro_use]
 extern crate log;
 
-use crate::args::{matches, Args};
+use crate::args::{build_cli, print_completions, Args};
 use crate::server::{Request, Server};
+#[cfg(feature = "tls")]
 use crate::tls::{TlsAcceptor, TlsStream};
 
 use std::net::{IpAddr, SocketAddr, TcpListener as StdTcpListener};
+use std::sync::atomic::{AtomicBool, Ordering};
 use std::sync::Arc;
 
+use clap_complete::Shell;
 use futures::future::join_all;
 use tokio::net::TcpListener;
 use tokio::task::JoinHandle;
 
 use hyper::server::conn::{AddrIncoming, AddrStream};
 use hyper::service::{make_service_fn, service_fn};
+#[cfg(feature = "tls")]
 use rustls::ServerConfig;
 
 pub type BoxResult<T> = Result<T, Box<dyn std::error::Error>>;
@@ -33,9 +38,17 @@ async fn main() {
 
 async fn run() -> BoxResult<()> {
     logger::init().map_err(|e| format!("Failed to init logger, {}", e))?;
-    let args = Args::parse(matches())?;
+    let cmd = build_cli();
+    let matches = cmd.get_matches();
+    if let Some(generator) = matches.get_one::<Shell>("completions") {
+        let mut cmd = build_cli();
+        print_completions(*generator, &mut cmd);
+        return Ok(());
+    }
+    let args = Args::parse(matches)?;
     let args = Arc::new(args);
-    let handles = serve(args.clone())?;
+    let running = Arc::new(AtomicBool::new(true));
+    let handles = serve(args.clone(), running.clone())?;
     print_listening(args)?;
 
     tokio::select! {
@@ -48,13 +61,17 @@ async fn run() -> BoxResult<()> {
             Ok(())
         },
         _ = shutdown_signal() => {
+            running.store(false, Ordering::SeqCst);
             Ok(())
         },
     }
 }
 
-fn serve(args: Arc<Args>) -> BoxResult<Vec<JoinHandle<Result<(), hyper::Error>>>> {
-    let inner = Arc::new(Server::new(args.clone()));
+fn serve(
+    args: Arc<Args>,
+    running: Arc<AtomicBool>,
+) -> BoxResult<Vec<JoinHandle<Result<(), hyper::Error>>>> {
+    let inner = Arc::new(Server::new(args.clone(), running));
     let mut handles = vec![];
     let port = args.port;
     for ip in args.addrs.iter() {
@@ -70,12 +87,13 @@ fn serve(args: Arc<Args>) -> BoxResult<Vec<JoinHandle<Result<(), hyper::Error>>>
                 }))
             }
         };
-        match args.tls.clone() {
+        match args.tls.as_ref() {
+            #[cfg(feature = "tls")]
             Some((certs, key)) => {
                 let config = ServerConfig::builder()
                     .with_safe_defaults()
                     .with_no_client_auth()
-                    .with_single_cert(certs, key)?;
+                    .with_single_cert(certs.clone(), key.clone())?;
                 let config = Arc::new(config);
                 let accepter = TlsAcceptor::new(config.clone(), incoming);
                 let new_service = make_service_fn(move |socket: &TlsStream| {
@@ -85,6 +103,10 @@ fn serve(args: Arc<Args>) -> BoxResult<Vec<JoinHandle<Result<(), hyper::Error>>>
                 let server = tokio::spawn(hyper::Server::builder(accepter).serve(new_service));
                 handles.push(server);
             }
+            #[cfg(not(feature = "tls"))]
+            Some(_) => {
+                unreachable!()
+            }
             None => {
                 let new_service = make_service_fn(move |socket: &AddrStream| {
                     let remote_addr = socket.remote_addr();
@@ -128,7 +150,7 @@ fn print_listening(args: Arc<Args>) -> BoxResult<()> {
         }
     }
     if ipv4 || ipv6 {
-        let ifaces = get_if_addrs::get_if_addrs()
+        let ifaces = if_addrs::get_if_addrs()
             .map_err(|e| format!("Failed to get local interface addresses: {}", e))?;
         for iface in ifaces.into_iter() {
             let local_ip = iface.ip();

src/server.rs

@@ -1,22 +1,21 @@
 use crate::streamer::Streamer;
-use crate::utils::{decode_uri, encode_uri, get_file_name, try_get_file_name};
+use crate::utils::{decode_uri, encode_uri, get_file_name, glob, try_get_file_name};
 use crate::{Args, BoxResult};
-use async_walkdir::{Filtering, WalkDir};
+use walkdir::WalkDir;
 use xml::escape::escape_str_pcdata;
 
 use async_zip::write::{EntryOptions, ZipFileWriter};
 use async_zip::Compression;
 use chrono::{TimeZone, Utc};
-use futures::stream::StreamExt;
 use futures::TryStreamExt;
 use headers::{
-    AcceptRanges, AccessControlAllowCredentials, AccessControlAllowHeaders,
-    AccessControlAllowOrigin, Connection, ContentLength, ContentType, ETag, HeaderMap,
-    HeaderMapExt, IfModifiedSince, IfNoneMatch, IfRange, LastModified, Range,
+    AcceptRanges, AccessControlAllowCredentials, AccessControlAllowOrigin, Connection,
+    ContentLength, ContentType, ETag, HeaderMap, HeaderMapExt, IfModifiedSince, IfNoneMatch,
+    IfRange, LastModified, Range,
 };
 use hyper::header::{
-    HeaderValue, ACCEPT, AUTHORIZATION, CONTENT_DISPOSITION, CONTENT_LENGTH, CONTENT_RANGE,
-    CONTENT_TYPE, ORIGIN, RANGE, WWW_AUTHENTICATE,
+    HeaderValue, AUTHORIZATION, CONTENT_DISPOSITION, CONTENT_LENGTH, CONTENT_RANGE, CONTENT_TYPE,
+    RANGE, WWW_AUTHENTICATE,
 };
 use hyper::{Body, Method, StatusCode, Uri};
 use serde::Serialize;
@@ -24,6 +23,7 @@ use std::fs::Metadata;
 use std::io::SeekFrom;
 use std::net::SocketAddr;
 use std::path::{Path, PathBuf};
+use std::sync::atomic::{AtomicBool, Ordering};
 use std::sync::Arc;
 use std::time::SystemTime;
 use tokio::fs::File;
@@ -45,13 +45,30 @@ const BUF_SIZE: usize = 65536;
 pub struct Server {
     args: Arc<Args>,
     assets_prefix: String,
+    single_file_req_paths: Vec<String>,
+    running: Arc<AtomicBool>,
 }
 
 impl Server {
-    pub fn new(args: Arc<Args>) -> Self {
+    pub fn new(args: Arc<Args>, running: Arc<AtomicBool>) -> Self {
         let assets_prefix = format!("{}__dufs_v{}_", args.uri_prefix, env!("CARGO_PKG_VERSION"));
+        let single_file_req_paths = if args.path_is_file {
+            vec![
+                args.uri_prefix.to_string(),
+                args.uri_prefix[0..args.uri_prefix.len() - 1].to_string(),
+                encode_uri(&format!(
+                    "{}{}",
+                    &args.uri_prefix,
+                    get_file_name(&args.path)
+                )),
+            ]
+        } else {
+            vec![]
+        };
         Self {
             args,
+            running,
+            single_file_req_paths,
             assets_prefix,
         }
     }
@@ -116,8 +133,16 @@ impl Server {
         let head_only = method == Method::HEAD;
 
         if self.args.path_is_file {
+            if self
+                .single_file_req_paths
+                .iter()
+                .any(|v| v.as_str() == req_path)
+            {
                 self.handle_send_file(&self.args.path, headers, head_only, &mut res)
                     .await?;
+            } else {
+                status_not_found(&mut res);
+            }
             return Ok(res);
         }
 
@@ -153,9 +178,18 @@ impl Server {
         match method {
             Method::GET | Method::HEAD => {
                 if is_dir {
-                    if render_try_index && query == "zip" {
+                    if render_try_index {
+                        if query == "zip" {
                             self.handle_zip_dir(path, head_only, &mut res).await?;
-                    } else if render_index || render_spa || render_try_index {
+                        } else if allow_search && query.starts_with("q=") {
+                            let q = decode_uri(&query[2..]).unwrap_or_default();
+                            self.handle_search_dir(path, &q, head_only, &mut res)
+                                .await?;
+                        } else {
+                            self.handle_render_index(path, headers, head_only, &mut res)
+                                .await?;
+                        }
+                    } else if render_index || render_spa {
                         self.handle_render_index(path, headers, head_only, &mut res)
                             .await?;
                     } else if query == "zip" {
@@ -228,7 +262,7 @@ impl Server {
                     } else if is_miss {
                         status_not_found(&mut res);
                     } else {
-                        self.handle_copy(path, headers, &mut res).await?
+                        self.handle_copy(path, &req, &mut res).await?
                     }
                 }
                 "MOVE" => {
@@ -237,7 +271,7 @@ impl Server {
                     } else if is_miss {
                         status_not_found(&mut res);
                     } else {
-                        self.handle_move(path, headers, &mut res).await?
+                        self.handle_move(path, &req, &mut res).await?
                     }
                 }
                 "LOCK" => {
@@ -331,36 +365,43 @@ impl Server {
         res: &mut Response,
     ) -> BoxResult<()> {
         let mut paths: Vec<PathItem> = vec![];
-        let hidden = self.args.hidden.to_string();
-        let search = search.to_string();
-        let mut walkdir = WalkDir::new(path).filter(move |entry| {
-            let hidden_cloned = hidden.clone();
-            let search_cloned = search.clone();
-            async move {
+        let path_buf = path.to_path_buf();
+        let hidden = Arc::new(self.args.hidden.to_vec());
+        let hidden = hidden.clone();
+        let running = self.running.clone();
+        let search = search.to_lowercase();
+        let search_paths = tokio::task::spawn_blocking(move || {
+            let mut it = WalkDir::new(&path_buf).into_iter();
+            let mut paths: Vec<PathBuf> = vec![];
+            while let Some(Ok(entry)) = it.next() {
+                if !running.load(Ordering::SeqCst) {
+                    break;
+                }
                 let entry_path = entry.path();
-                let base_name = get_file_name(&entry_path);
-                if is_hidden(&hidden_cloned, base_name) {
-                    return Filtering::IgnoreDir;
+                let base_name = get_file_name(entry_path);
+                let file_type = entry.file_type();
+                if is_hidden(&hidden, base_name) {
+                    if file_type.is_dir() {
+                        it.skip_current_dir();
                     }
-                if !base_name
-                    .to_lowercase()
-                    .contains(&search_cloned.to_lowercase())
-                {
-                    return Filtering::Ignore;
+                    continue;
                 }
-                if fs::symlink_metadata(entry.path()).await.is_err() {
-                    return Filtering::Ignore;
+                if !base_name.to_lowercase().contains(&search) {
+                    continue;
                 }
-                Filtering::Continue
+                if entry.path().symlink_metadata().is_err() {
+                    continue;
                 }
-        });
-        while let Some(entry) = walkdir.next().await {
-            if let Ok(entry) = entry {
-                if let Ok(Some(item)) = self.to_pathitem(entry.path(), path.to_path_buf()).await {
+                paths.push(entry_path.to_path_buf());
+            }
+            paths
+        })
+        .await?;
+        for search_path in search_paths.into_iter() {
+            if let Ok(Some(item)) = self.to_pathitem(search_path, path.to_path_buf()).await {
                 paths.push(item);
             }
         }
-        }
         self.send_index(path, paths, true, head_only, res)
     }
 
@@ -387,8 +428,9 @@ impl Server {
         }
         let path = path.to_owned();
         let hidden = self.args.hidden.clone();
+        let running = self.running.clone();
         tokio::spawn(async move {
-            if let Err(e) = zip_dir(&mut writer, &path, &hidden).await {
+            if let Err(e) = zip_dir(&mut writer, &path, &hidden, running).await {
                 error!("Failed to zip {}, {}", path.display(), e);
             }
         });
@@ -625,16 +667,10 @@ impl Server {
         Ok(())
     }
 
-    async fn handle_copy(
-        &self,
-        path: &Path,
-        headers: &HeaderMap<HeaderValue>,
-        res: &mut Response,
-    ) -> BoxResult<()> {
-        let dest = match self.extract_dest(headers) {
+    async fn handle_copy(&self, path: &Path, req: &Request, res: &mut Response) -> BoxResult<()> {
+        let dest = match self.extract_dest(req, res) {
             Some(dest) => dest,
             None => {
-                *res.status_mut() = StatusCode::BAD_REQUEST;
                 return Ok(());
             }
         };
@@ -653,16 +689,10 @@ impl Server {
         Ok(())
     }
 
-    async fn handle_move(
-        &self,
-        path: &Path,
-        headers: &HeaderMap<HeaderValue>,
-        res: &mut Response,
-    ) -> BoxResult<()> {
-        let dest = match self.extract_dest(headers) {
+    async fn handle_move(&self, path: &Path, req: &Request, res: &mut Response) -> BoxResult<()> {
+        let dest = match self.extract_dest(req, res) {
             Some(dest) => dest,
             None => {
-                *res.status_mut() = StatusCode::BAD_REQUEST;
                 return Ok(());
             }
         };
@@ -781,10 +811,43 @@ DATA = {}
             .unwrap_or_default()
     }
 
-    fn extract_dest(&self, headers: &HeaderMap<HeaderValue>) -> Option<PathBuf> {
+    fn extract_dest(&self, req: &Request, res: &mut Response) -> Option<PathBuf> {
+        let headers = req.headers();
+        let dest_path = match self.extract_destination_header(headers) {
+            Some(dest) => dest,
+            None => {
+                *res.status_mut() = StatusCode::BAD_REQUEST;
+                return None;
+            }
+        };
+        let authorization = headers.get(AUTHORIZATION);
+        let guard_type = self.args.auth.guard(
+            &dest_path,
+            req.method(),
+            authorization,
+            self.args.auth_method.clone(),
+        );
+        if guard_type.is_reject() {
+            *res.status_mut() = StatusCode::FORBIDDEN;
+            *res.body_mut() = Body::from("Forbidden");
+            return None;
+        }
+
+        let dest = match self.extract_path(&dest_path) {
+            Some(dest) => dest,
+            None => {
+                *res.status_mut() = StatusCode::BAD_REQUEST;
+                return None;
+            }
+        };
+
+        Some(dest)
+    }
+
+    fn extract_destination_header(&self, headers: &HeaderMap<HeaderValue>) -> Option<String> {
         let dest = headers.get("Destination")?.to_str().ok()?;
         let uri: Uri = dest.parse().ok()?;
-        self.extract_path(uri.path())
+        Some(uri.path().to_string())
     }
 
     fn extract_path(&self, path: &str) -> Option<PathBuf> {
@@ -969,11 +1032,19 @@ fn add_cors(res: &mut Response) {
         .typed_insert(AccessControlAllowOrigin::ANY);
     res.headers_mut()
         .typed_insert(AccessControlAllowCredentials);
-
-    res.headers_mut().typed_insert(
-        vec![RANGE, CONTENT_TYPE, ACCEPT, ORIGIN, WWW_AUTHENTICATE]
-            .into_iter()
-            .collect::<AccessControlAllowHeaders>(),
+    res.headers_mut().insert(
+        "Access-Control-Allow-Methods",
+        HeaderValue::from_static("GET,HEAD,PUT,OPTIONS,DELETE,PROPFIND,COPY,MOVE"),
+    );
+    res.headers_mut().insert(
+        "Access-Control-Allow-Headers",
+        HeaderValue::from_static("Authorization,Destination,Range"),
+    );
+    res.headers_mut().insert(
+        "Access-Control-Expose-Headers",
+        HeaderValue::from_static(
+            "WWW-Authenticate,Content-Range,Accept-Ranges,Content-Disposition",
+        ),
     );
 }
 
@@ -992,41 +1063,55 @@ fn res_multistatus(res: &mut Response, content: &str) {
     ));
 }
 
-async fn zip_dir<W: AsyncWrite + Unpin>(writer: &mut W, dir: &Path, hidden: &str) -> BoxResult<()> {
+async fn zip_dir<W: AsyncWrite + Unpin>(
+    writer: &mut W,
+    dir: &Path,
+    hidden: &[String],
+    running: Arc<AtomicBool>,
+) -> BoxResult<()> {
     let mut writer = ZipFileWriter::new(writer);
-    let hidden = hidden.to_string();
-    let mut walkdir = WalkDir::new(dir).filter(move |entry| {
+    let hidden = Arc::new(hidden.to_vec());
     let hidden = hidden.clone();
-        async move {
+    let dir_path_buf = dir.to_path_buf();
+    let zip_paths = tokio::task::spawn_blocking(move || {
+        let mut it = WalkDir::new(&dir_path_buf).into_iter();
+        let mut paths: Vec<PathBuf> = vec![];
+        while let Some(Ok(entry)) = it.next() {
+            if !running.load(Ordering::SeqCst) {
+                break;
+            }
             let entry_path = entry.path();
-            let base_name = get_file_name(&entry_path);
+            let base_name = get_file_name(entry_path);
+            let file_type = entry.file_type();
             if is_hidden(&hidden, base_name) {
-                return Filtering::IgnoreDir;
+                if file_type.is_dir() {
+                    it.skip_current_dir();
                 }
-            let meta = match fs::symlink_metadata(entry.path()).await {
-                Ok(meta) => meta,
-                Err(_) => return Filtering::Ignore,
-            };
-            if !meta.is_file() {
-                return Filtering::Ignore;
+                continue;
             }
-            Filtering::Continue
+            if entry.path().symlink_metadata().is_err() {
+                continue;
             }
-    });
-    while let Some(entry) = walkdir.next().await {
-        if let Ok(entry) = entry {
-            let entry_path = entry.path();
-            let filename = match entry_path.strip_prefix(dir).ok().and_then(|v| v.to_str()) {
+            if !file_type.is_file() {
+                continue;
+            }
+            paths.push(entry_path.to_path_buf());
+        }
+        paths
+    })
+    .await?;
+    for zip_path in zip_paths.into_iter() {
+        let filename = match zip_path.strip_prefix(dir).ok().and_then(|v| v.to_str()) {
             Some(v) => v,
             None => continue,
         };
-            let entry_options = EntryOptions::new(filename.to_owned(), Compression::Deflate);
-            let mut file = File::open(&entry_path).await?;
+        let entry_options =
+            EntryOptions::new(filename.to_owned(), Compression::Deflate).unix_permissions(0o644);
+        let mut file = File::open(&zip_path).await?;
         let mut file_writer = writer.write_entry_stream(entry_options).await?;
         io::copy(&mut file, &mut file_writer).await?;
         file_writer.close().await?;
     }
-    }
     writer.close().await?;
     Ok(())
 }
@@ -1086,8 +1171,8 @@ fn status_no_content(res: &mut Response) {
     *res.status_mut() = StatusCode::NO_CONTENT;
 }
 
-fn is_hidden(hidden: &str, file_name: &str) -> bool {
-    hidden.contains(&format!(",{},", file_name))
+fn is_hidden(hidden: &[String], file_name: &str) -> bool {
+    hidden.iter().any(|v| glob(v, file_name))
 }
 
 fn set_webdav_headers(res: &mut Response) {

src/utils.rs

@@ -23,3 +23,61 @@ pub fn try_get_file_name(path: &Path) -> BoxResult<&str> {
         .and_then(|v| v.to_str())
         .ok_or_else(|| format!("Failed to get file name of `{}`", path.display()).into())
 }
+
+pub fn glob(source: &str, target: &str) -> bool {
+    let ss: Vec<char> = source.chars().collect();
+    let mut iter = target.chars();
+    let mut i = 0;
+    'outer: while i < ss.len() {
+        let s = ss[i];
+        match s {
+            '*' => match ss.get(i + 1) {
+                Some(s_next) => {
+                    for t in iter.by_ref() {
+                        if t == *s_next {
+                            i += 2;
+                            continue 'outer;
+                        }
+                    }
+                    return true;
+                }
+                None => return true,
+            },
+            '?' => match iter.next() {
+                Some(_) => {
+                    i += 1;
+                    continue;
+                }
+                None => return false,
+            },
+            _ => match iter.next() {
+                Some(t) => {
+                    if s == t {
+                        i += 1;
+                        continue;
+                    }
+                    return false;
+                }
+                None => return false,
+            },
+        }
+    }
+    iter.next().is_none()
+}
+
+#[test]
+fn test_glob_key() {
+    assert!(glob("", ""));
+    assert!(glob(".*", ".git"));
+    assert!(glob("abc", "abc"));
+    assert!(glob("a*c", "abc"));
+    assert!(glob("a?c", "abc"));
+    assert!(glob("a*c", "abbc"));
+    assert!(glob("*c", "abc"));
+    assert!(glob("a*", "abc"));
+    assert!(glob("?c", "bc"));
+    assert!(glob("a?", "ab"));
+    assert!(!glob("abc", "adc"));
+    assert!(!glob("abc", "abcd"));
+    assert!(!glob("a?c", "abbc"));
+}

tests/args.rs

@@ -1,11 +1,10 @@
+//! Run file server with different args
+
 mod fixtures;
 mod utils;
 
-use assert_cmd::prelude::*;
-use assert_fs::fixture::TempDir;
-use fixtures::{port, server, tmpdir, wait_for_port, Error, TestServer};
+use fixtures::{server, Error, TestServer};
 use rstest::rstest;
-use std::process::{Command, Stdio};
 
 #[rstest]
 fn path_prefix_index(#[with(&["--path-prefix", "xyz"])] server: TestServer) -> Result<(), Error> {
@@ -31,22 +30,3 @@ fn path_prefix_propfind(
     assert!(text.contains("<D:href>/xyz/</D:href>"));
     Ok(())
 }
-
-#[rstest]
-#[case("index.html")]
-fn serve_single_file(tmpdir: TempDir, port: u16, #[case] file: &str) -> Result<(), Error> {
-    let mut child = Command::cargo_bin("dufs")?
-        .arg(tmpdir.path().join(file))
-        .arg("-p")
-        .arg(port.to_string())
-        .stdout(Stdio::piped())
-        .spawn()?;
-
-    wait_for_port(port);
-
-    let resp = reqwest::blocking::get(format!("http://localhost:{}/index.html", port))?;
-    assert_eq!(resp.text()?, "This is index.html");
-
-    child.kill()?;
-    Ok(())
-}

tests/auth.rs

@@ -95,3 +95,29 @@ fn auth_basic(
     assert_eq!(resp.status(), 201);
     Ok(())
 }
+
+#[rstest]
+fn auth_webdav_move(
+    #[with(&["--auth", "/@user:pass@*", "--auth", "/dira@user3:pass3", "-A"])] server: TestServer,
+) -> Result<(), Error> {
+    let origin_url = format!("{}dira/test.html", server.url());
+    let new_url = format!("{}test2.html", server.url());
+    let resp = fetch!(b"MOVE", &origin_url)
+        .header("Destination", &new_url)
+        .send_with_digest_auth("user3", "pass3")?;
+    assert_eq!(resp.status(), 403);
+    Ok(())
+}
+
+#[rstest]
+fn auth_webdav_copy(
+    #[with(&["--auth", "/@user:pass@*", "--auth", "/dira@user3:pass3", "-A"])] server: TestServer,
+) -> Result<(), Error> {
+    let origin_url = format!("{}dira/test.html", server.url());
+    let new_url = format!("{}test2.html", server.url());
+    let resp = fetch!(b"COPY", &origin_url)
+        .header("Destination", &new_url)
+        .send_with_digest_auth("user3", "pass3")?;
+    assert_eq!(resp.status(), 403);
+    Ok(())
+}

tests/cli.rs

@@ -0,0 +1,32 @@
+//! Run cli with different args, not starting a server
+
+mod fixtures;
+
+use assert_cmd::prelude::*;
+use clap::ValueEnum;
+use clap_complete::Shell;
+use fixtures::Error;
+use std::process::Command;
+
+#[test]
+/// Show help and exit.
+fn help_shows() -> Result<(), Error> {
+    Command::cargo_bin("dufs")?.arg("-h").assert().success();
+
+    Ok(())
+}
+
+#[test]
+/// Print completions and exit.
+fn print_completions() -> Result<(), Error> {
+    // let shell_enums = EnumValueParser::<Shell>::new();
+    for shell in Shell::value_variants() {
+        Command::cargo_bin("dufs")?
+            .arg("--completions")
+            .arg(shell.to_string())
+            .assert()
+            .success();
+    }
+
+    Ok(())
+}

tests/cors.rs

@@ -7,31 +7,27 @@ use rstest::rstest;
 #[rstest]
 fn cors(#[with(&["--enable-cors"])] server: TestServer) -> Result<(), Error> {
     let resp = reqwest::blocking::get(server.url())?;
-
     assert_eq!(
         resp.headers().get("access-control-allow-origin").unwrap(),
         "*"
     );
     assert_eq!(
-        resp.headers().get("access-control-allow-headers").unwrap(),
-        "range, content-type, accept, origin, www-authenticate"
+        resp.headers()
+            .get("access-control-allow-credentials")
+            .unwrap(),
+        "true"
     );
-
-    Ok(())
-}
-
-#[rstest]
-fn cors_options(#[with(&["--enable-cors"])] server: TestServer) -> Result<(), Error> {
-    let resp = fetch!(b"OPTIONS", server.url()).send()?;
-
     assert_eq!(
-        resp.headers().get("access-control-allow-origin").unwrap(),
-        "*"
+        resp.headers().get("access-control-allow-methods").unwrap(),
+        "GET,HEAD,PUT,OPTIONS,DELETE,PROPFIND,COPY,MOVE"
     );
     assert_eq!(
         resp.headers().get("access-control-allow-headers").unwrap(),
-        "range, content-type, accept, origin, www-authenticate"
+        "Authorization,Destination,Range"
+    );
+    assert_eq!(
+        resp.headers().get("access-control-expose-headers").unwrap(),
+        "WWW-Authenticate,Content-Range,Accept-Ranges,Content-Disposition"
     );
-
     Ok(())
 }

tests/render.rs

@@ -50,6 +50,18 @@ fn render_try_index3(#[with(&["--render-try-index"])] server: TestServer) -> Res
     Ok(())
 }
 
+#[rstest]
+#[case(server(&["--render-try-index"] as &[&str]), false)]
+#[case(server(&["--render-try-index", "--allow-search"] as &[&str]), true)]
+fn render_try_index4(#[case] server: TestServer, #[case] searched: bool) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}{}?q={}", server.url(), DIR_NO_INDEX, "😀.bin"))?;
+    assert_eq!(resp.status(), 200);
+    let paths = utils::retrive_index_paths(&resp.text()?);
+    assert!(!paths.is_empty());
+    assert_eq!(paths.iter().all(|v| v.contains("😀.bin")), searched);
+    Ok(())
+}
+
 #[rstest]
 fn render_spa(#[with(&["--render-spa"])] server: TestServer) -> Result<(), Error> {
     let resp = reqwest::blocking::get(server.url())?;

tests/single_file.rs

@@ -0,0 +1,60 @@
+//! Run file server with different args
+
+mod fixtures;
+mod utils;
+
+use assert_cmd::prelude::*;
+use assert_fs::fixture::TempDir;
+use fixtures::{port, tmpdir, wait_for_port, Error};
+use rstest::rstest;
+use std::process::{Command, Stdio};
+
+#[rstest]
+#[case("index.html")]
+fn single_file(tmpdir: TempDir, port: u16, #[case] file: &str) -> Result<(), Error> {
+    let mut child = Command::cargo_bin("dufs")?
+        .arg(tmpdir.path().join(file))
+        .arg("-p")
+        .arg(port.to_string())
+        .stdout(Stdio::piped())
+        .spawn()?;
+
+    wait_for_port(port);
+
+    let resp = reqwest::blocking::get(format!("http://localhost:{}", port))?;
+    assert_eq!(resp.text()?, "This is index.html");
+    let resp = reqwest::blocking::get(format!("http://localhost:{}/", port))?;
+    assert_eq!(resp.text()?, "This is index.html");
+    let resp = reqwest::blocking::get(format!("http://localhost:{}/index.html", port))?;
+    assert_eq!(resp.text()?, "This is index.html");
+
+    child.kill()?;
+    Ok(())
+}
+
+#[rstest]
+#[case("index.html")]
+fn path_prefix_single_file(tmpdir: TempDir, port: u16, #[case] file: &str) -> Result<(), Error> {
+    let mut child = Command::cargo_bin("dufs")?
+        .arg(tmpdir.path().join(file))
+        .arg("-p")
+        .arg(port.to_string())
+        .arg("--path-prefix")
+        .arg("xyz")
+        .stdout(Stdio::piped())
+        .spawn()?;
+
+    wait_for_port(port);
+
+    let resp = reqwest::blocking::get(format!("http://localhost:{}/xyz", port))?;
+    assert_eq!(resp.text()?, "This is index.html");
+    let resp = reqwest::blocking::get(format!("http://localhost:{}/xyz/", port))?;
+    assert_eq!(resp.text()?, "This is index.html");
+    let resp = reqwest::blocking::get(format!("http://localhost:{}/xyz/index.html", port))?;
+    assert_eq!(resp.text()?, "This is index.html");
+    let resp = reqwest::blocking::get(format!("http://localhost:{}", port))?;
+    assert_eq!(resp.status(), 404);
+
+    child.kill()?;
+    Ok(())
+}