chore(release): version v0.26.0

CHANGELOG.md

@@ -2,6 +2,26 @@
 
 All notable changes to this project will be documented in this file.
 
+## [0.26.0] - 2022-07-08
+
+### Bug Fixes
+
+- Cors headers ([#100](https://github.com/sigoden/dufs/issues/100))
+
+### Features
+
+- Make --path-prefix works on serving single file ([#102](https://github.com/sigoden/dufs/issues/102))
+
+## [0.25.0] - 2022-07-06
+
+### Features
+
+- Ui supports creating folder ([#91](https://github.com/sigoden/dufs/issues/91))
+- Ui supports move folder/file to new path ([#92](https://github.com/sigoden/dufs/issues/92))
+- Check permission on move/copy destination ([#93](https://github.com/sigoden/dufs/issues/93))
+- Add completions ([#97](https://github.com/sigoden/dufs/issues/97))
+- Limit the number of concurrent uploads ([#98](https://github.com/sigoden/dufs/issues/98))
+
 ## [0.24.0] - 2022-07-02
 
 ### Bug Fixes

Cargo.lock

@@ -234,6 +234,15 @@ dependencies = [
  "textwrap",
 ]
 
+[[package]]
+name = "clap_complete"
+version = "3.2.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ead064480dfc4880a10764488415a97fdd36a4cf1bb022d372f02e8faf8386e1"
+dependencies = [
+ "clap",
+]
+
 [[package]]
 name = "clap_lex"
 version = "0.2.4"
@@ -289,9 +298,9 @@ dependencies = [
 
 [[package]]
 name = "crypto-common"
-version = "0.1.3"
+version = "0.1.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "57952ca27b5e3606ff4dd79b0020231aaf9d6aa76dc05fd30137538c50bd3ce8"
+checksum = "5999502d32b9c48d492abe66392408144895020ec4709e549e840799f3bb74c0"
 dependencies = [
  "generic-array",
  "typenum",
@@ -370,7 +379,7 @@ checksum = "fea41bba32d969b513997752735605054bc0dfa92b4c56bf1189f2e174be7a10"
 
 [[package]]
 name = "dufs"
-version = "0.24.0"
+version = "0.26.0"
 dependencies = [
  "assert_cmd",
  "assert_fs",
@@ -379,6 +388,7 @@ dependencies = [
  "base64",
  "chrono",
  "clap",
+ "clap_complete",
  "diqwest",
  "futures",
  "headers",
@@ -1087,9 +1097,9 @@ dependencies = [
 
 [[package]]
 name = "once_cell"
-version = "1.12.0"
+version = "1.13.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7709cef83f0c1f58f666e746a08b21e0085f7440fa6a29cc194d68aac97a4225"
+checksum = "18a6dbe30758c9f83eb00cbea4ac95966305f5a7772f3f42ebfc7fc7eddbd8e1"
 
 [[package]]
 name = "opaque-debug"
@@ -1431,9 +1441,9 @@ dependencies = [
 
 [[package]]
 name = "regex"
-version = "1.5.6"
+version = "1.6.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d83f127d94bdbcda4c8cc2e50f6f84f4b611f69c902699ca385a39c3a75f9ff1"
+checksum = "4c4eb3267174b8c6c2f654116623910a0fef09c4753f8dd83db29c48a0df988b"
 dependencies = [
  "aho-corasick",
  "memchr",
@@ -1448,9 +1458,9 @@ checksum = "6c230d73fb8d8c1b9c0b3135c5142a8acee3a0558fb8db5cf1cb65f8d7862132"
 
 [[package]]
 name = "regex-syntax"
-version = "0.6.26"
+version = "0.6.27"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "49b3de9ec5dc0a3417da371aab17d729997c15010e7fd24ff707773a33bddb64"
+checksum = "a3f87b73ce11b1619a3c6332f45341e0047173771e8b8b73f87bfeefb7b56244"
 
 [[package]]
 name = "remove_dir_all"

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "dufs"
-version = "0.24.0"
+version = "0.26.0"
 edition = "2021"
 authors = ["sigoden <sigoden@gmail.com>"]
 description = "Dufs is a distinctive utility file server"
@@ -12,6 +12,7 @@ keywords = ["static", "file", "server", "webdav", "cli"]
 
 [dependencies]
 clap = { version = "3", default-features = false, features = ["std", "wrap_help"] }
+clap_complete = "3"
 chrono = "0.4"
 tokio = { version = "1", features = ["rt-multi-thread", "macros", "fs", "io-util", "signal"]}
 tokio-util = { version = "0.7",  features = ["io-util"] }

README.md

@@ -5,7 +5,7 @@
 
 Dufs is a distinctive utility file server that supports static serving, uploading, searching, accessing control, webdav...
 
-![demo](https://user-images.githubusercontent.com/4012553/174486522-7af350e6-0195-4f4a-8480-d9464fc6452f.png)
+![demo](https://user-images.githubusercontent.com/4012553/177549931-130383ef-0480-4911-b9c2-0d9534a624b7.png)
 
 ## Features
 
@@ -30,7 +30,7 @@ cargo install dufs
 ### With docker
 
 ```
-docker run -v `pwd`:/data -p 5000:5000 --rm -it sigoden/dufs /data
+docker run -v `pwd`:/data -p 5000:5000 --rm -it sigoden/dufs /data -A
 ```
 
 ### Binaries on macOS, Linux, Windows
@@ -51,7 +51,7 @@ ARGS:
 OPTIONS:
     -b, --bind <addr>...         Specify bind address
     -p, --port <port>            Specify port to listen on [default: 5000]
-        --path-prefix <path>     Specify an path prefix
+        --path-prefix <path>     Specify a path prefix
         --hidden <value>         Hide directories from directory listings, separated by `,`
     -a, --auth <rule>...         Add auth for path
         --auth-method <value>    Select auth method [default: digest] [possible values: basic, digest]
@@ -64,6 +64,7 @@ OPTIONS:
         --render-index           Serve index.html when requesting a directory, returns 404 if not found index.html
         --render-try-index       Serve index.html when requesting a directory, returns directory listing if not found index.html
         --render-spa             Serve SPA(Single Page Application)
+        --completions <shell>    Print shell completion script for <shell> [possible values: bash, elvish, fish, powershell, zsh]
         --tls-cert <path>        Path to an SSL/TLS certificate to serve with HTTPS
         --tls-key <path>         Path to the SSL/TLS certificate's private key
     -h, --help                   Print help information
@@ -78,7 +79,7 @@ Serve current working directory
 dufs
 ```
 
-Explicitly allow all operations including download/upload/delete
+Allow all operations like upload/delete/search...
 
 ```
 dufs -A
@@ -96,24 +97,24 @@ Serve a specific directory
 dufs Downloads
 ```
 
-Serve a specific file
+Serve a single file
 
 ```
 dufs linux-distro.iso
 ```
 
-Serve index.html when requesting a directory
+Serve a single-page application like react/vue
-
-```
-dufs --render-index
-```
-
-Serve single-page application like react
 
 ```
 dufs --render-spa
 ```
 
+Serve a static website with index.html
+
+```
+dufs --render-index
+```
+
 Require username/password
 
 ```
@@ -140,6 +141,12 @@ dufs --tls-cert my.crt --tls-key my.key
 
 ## API
 
+Upload a file
+
+```
+curl -T path-to-file http://127.0.0.1:5000/new-path/path-to-file
+```
+
 Download a file
 ```
 curl http://127.0.0.1:5000/path-to-file
@@ -151,16 +158,10 @@ Download a folder as zip file
 curl -o path-to-folder.zip http://127.0.0.1:5000/path-to-folder?zip
 ```
 
-Upload a file
-
-```
-curl --upload-file path-to-file http://127.0.0.1:5000/path-to-file
-```
-
 Delete a file/folder
 
 ```
-curl -X DELETE http://127.0.0.1:5000/path-to-file
+curl -X DELETE http://127.0.0.1:5000/path-to-file-or-folder
 ```
 
 ## Access Control

assets/index.css

@@ -59,6 +59,15 @@ body {
   height: 1.1rem;
 }
 
+.toolbox .control {
+  cursor: pointer;
+  padding-left: 0.25em;
+}
+
+.upload-file input {
+  display: none;
+}
+
 .searchbar {
   display: flex;
   flex-wrap: nowrap;
@@ -90,15 +99,6 @@ body {
   cursor: pointer;
 }
 
-.upload-control {
-  cursor: pointer;
-  padding-left: 0.25em;
-}
-
-.upload-control input {
-  display: none;
-}
-
 .upload-status span {
   width: 70px;
   display: inline-block;
@@ -132,7 +132,7 @@ body {
 }
 
 .paths-table .cell-actions {
-  width: 60px;
+  width: 75px;
   display: flex;
   padding-left: 0.6em;
 }
@@ -175,7 +175,7 @@ body {
 }
 
 .action-btn {
-  padding-left: 0.4em;
+  padding-right: 0.3em;
 }
 
 .uploaders-table {

assets/index.html

@@ -15,12 +15,18 @@
           <svg width="16" height="16" viewBox="0 0 16 16"><path d="M.5 9.9a.5.5 0 0 1 .5.5v2.5a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1v-2.5a.5.5 0 0 1 1 0v2.5a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2v-2.5a.5.5 0 0 1 .5-.5z"/><path d="M7.646 11.854a.5.5 0 0 0 .708 0l3-3a.5.5 0 0 0-.708-.708L8.5 10.293V1.5a.5.5 0 0 0-1 0v8.793L5.354 8.146a.5.5 0 1 0-.708.708l3 3z"/></svg>
         </a>
       </div>
-      <div class="upload-control hidden" title="Upload files">
+      <div class="control upload-file hidden" title="Upload files">
         <label for="file">
           <svg width="16" height="16" viewBox="0 0 16 16"><path d="M.5 9.9a.5.5 0 0 1 .5.5v2.5a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1v-2.5a.5.5 0 0 1 1 0v2.5a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2v-2.5a.5.5 0 0 1 .5-.5z"/><path d="M7.646 1.146a.5.5 0 0 1 .708 0l3 3a.5.5 0 0 1-.708.708L8.5 2.707V11.5a.5.5 0 0 1-1 0V2.707L5.354 4.854a.5.5 0 1 1-.708-.708l3-3z"/></svg>
         </label>
         <input type="file" id="file" name="file" multiple>
       </div>
+      <div class="control new-folder hidden" title="New folder">
+        <svg width="16" height="16" viewBox="0 0 16 16">
+          <path d="m.5 3 .04.87a1.99 1.99 0 0 0-.342 1.311l.637 7A2 2 0 0 0 2.826 14H9v-1H2.826a1 1 0 0 1-.995-.91l-.637-7A1 1 0 0 1 2.19 4h11.62a1 1 0 0 1 .996 1.09L14.54 8h1.005l.256-2.819A2 2 0 0 0 13.81 3H9.828a2 2 0 0 1-1.414-.586l-.828-.828A2 2 0 0 0 6.172 1H2.5a2 2 0 0 0-2 2zm5.672-1a1 1 0 0 1 .707.293L7.586 3H2.19c-.24 0-.47.042-.683.12L1.5 2.98a1 1 0 0 1 1-.98h3.672z"/>
+          <path d="M13.5 10a.5.5 0 0 1 .5.5V12h1.5a.5.5 0 1 1 0 1H14v1.5a.5.5 0 1 1-1 0V13h-1.5a.5.5 0 0 1 0-1H13v-1.5a.5.5 0 0 1 .5-.5z"/>
+        </svg>
+      </div>
     </div>
     <form class="searchbar hidden">
       <div class="icon">

assets/index.js

@@ -29,6 +29,10 @@ let $uploadersTable;
  * @type Element
  */
 let $emptyFolder;
+/**
+ * @type Element
+ */
+let $newFolder;
 
 class Uploader {
   /**
@@ -49,7 +53,7 @@ class Uploader {
   }
 
   upload() {
-    const { file, idx, name } = this;
+    const { idx, name } = this;
     const url = getUrl(name);
     const encodedUrl = encodedStr(url);
     const encodedName = encodedStr(name);
@@ -66,8 +70,15 @@ class Uploader {
     $uploadersTable.classList.remove("hidden");
     $emptyFolder.classList.add("hidden");
     this.$uploadStatus = document.getElementById(`uploadStatus${idx}`);
-    this.lastUptime = Date.now();
+    this.$uploadStatus.innerHTML = '-';
+    Uploader.queues.push(this);
+    Uploader.runQueue();
+  }
 
+  ajax() {
+    Uploader.runings += 1;
+    const url = getUrl(this.name);
+    this.lastUptime = Date.now();
     const ajax = new XMLHttpRequest();
     ajax.upload.addEventListener("progress", e => this.progress(e), false);
     ajax.addEventListener("readystatechange", () => {
@@ -82,13 +93,14 @@ class Uploader {
     ajax.addEventListener("error", () => this.fail(), false);
     ajax.addEventListener("abort", () => this.fail(), false);
     ajax.open("PUT", url);
-    ajax.send(file);
+    ajax.send(this.file);
   }
   
+
   progress(event) {
-    let now = Date.now();
+    const now = Date.now();
-    let speed = (event.loaded - this.uploaded) / (now - this.lastUptime) * 1000;
+    const speed = (event.loaded - this.uploaded) / (now - this.lastUptime) * 1000;
-    let [speedValue, speedUnit] = formatSize(speed);
+    const [speedValue, speedUnit] = formatSize(speed);
     const speedText = `${speedValue}${speedUnit.toLowerCase()}/s`;
     const progress = formatPercent((event.loaded / event.total) * 100);
     const duration = formatDuration((event.total - event.loaded) / speed)
@@ -99,15 +111,34 @@ class Uploader {
 
   complete() {
     this.$uploadStatus.innerHTML = `✓`;
+    Uploader.runings -= 1;
+    Uploader.runQueue();
   }
 
   fail() {
     this.$uploadStatus.innerHTML = `✗`;
+    Uploader.runings -= 1;
+    Uploader.runQueue();
   }
 }
 
 Uploader.globalIdx = 0;
 
+Uploader.runings = 0;
+
+/**
+ * @type Uploader[]
+ */
+Uploader.queues = [];
+
+
+Uploader.runQueue = () => {
+  if (Uploader.runings > 2) return;
+  let uploader = Uploader.queues.shift();
+  if (!uploader) return;
+  uploader.ajax();
+}
+
 /**
  * Add breadcrumb
  * @param {string} href 
@@ -157,6 +188,7 @@ function addPath(file, index) {
   let encodedUrl = encodedStr(url);
   let actionDelete = "";
   let actionDownload = "";
+  let actionMove = "";
   if (file.path_type.endsWith("Dir")) {
     url += "/";
     encodedUrl += "/";
@@ -175,14 +207,21 @@ function addPath(file, index) {
     </div>`;
   }
   if (DATA.allow_delete) {
+    if (DATA.allow_upload) {
+      actionMove = `
+      <div onclick="movePath(${index})" class="action-btn" id="moveBtn${index}" title="Move to new path">
+        <svg width="16" height="16" viewBox="0 0 16 16"><path fill-rule="evenodd" d="M1.5 1.5A.5.5 0 0 0 1 2v4.8a2.5 2.5 0 0 0 2.5 2.5h9.793l-3.347 3.346a.5.5 0 0 0 .708.708l4.2-4.2a.5.5 0 0 0 0-.708l-4-4a.5.5 0 0 0-.708.708L13.293 8.3H3.5A1.5 1.5 0 0 1 2 6.8V2a.5.5 0 0 0-.5-.5z"/></svg>
+      </div>`;
+    }
     actionDelete = `
-    <div onclick="deletePath(${index})" class="action-btn" id="deleteBtn${index}" title="Delete ${encodedName}">
+    <div onclick="deletePath(${index})" class="action-btn" id="deleteBtn${index}" title="Delete">
       <svg width="16" height="16" fill="currentColor"viewBox="0 0 16 16"><path d="M6.854 7.146a.5.5 0 1 0-.708.708L7.293 9l-1.147 1.146a.5.5 0 0 0 .708.708L8 9.707l1.146 1.147a.5.5 0 0 0 .708-.708L8.707 9l1.147-1.146a.5.5 0 0 0-.708-.708L8 8.293 6.854 7.146z"/><path d="M14 14V4.5L9.5 0H4a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h8a2 2 0 0 0 2-2zM9.5 3A1.5 1.5 0 0 0 11 4.5h2V14a1 1 0 0 1-1 1H4a1 1 0 0 1-1-1V2a1 1 0 0 1 1-1h5.5v2z"/></svg>
     </div>`;
   }
   let actionCell = `
   <td class="cell-actions">
     ${actionDownload}
+    ${actionMove}
     ${actionDelete}
   </td>`
 
@@ -201,7 +240,7 @@ function addPath(file, index) {
 }
 
 /**
- * Delete pathitem
+ * Delete path
  * @param {number} index 
  * @returns 
  */
@@ -231,6 +270,44 @@ async function deletePath(index) {
   }
 }
 
+
+/**
+ * Move path
+ * @param {number} index 
+ * @returns 
+ */
+async function movePath(index) {
+  const file = DATA.paths[index];
+  if (!file) return;
+
+  const fileUrl = getUrl(file.name);
+  const fileUrlObj = new URL(fileUrl)
+
+  const prefix = DATA.uri_prefix.slice(0, -1);
+    
+  const filePath = decodeURIComponent(fileUrlObj.pathname.slice(prefix.length));
+
+  const newPath = prompt("Enter new path", filePath)
+  if (!newPath || filePath === newPath) return;
+  const newFileUrl = fileUrlObj.origin + prefix + encodeURI(newPath);
+
+  try {
+    const res = await fetch(getUrl(file.name), {
+      method: "MOVE",
+      headers: {
+        "Destination": newFileUrl,
+      }
+    });
+    if (res.status >= 200 && res.status < 300) {
+      location.href = newFileUrl.split("/").slice(0, -1).join("/")
+    } else {
+      throw new Error(await res.text())
+    }
+  } catch (err) {
+    alert(`Cannot move \`${filePath}\` to \`${newPath}\`, ${err.message}`);
+  }
+}
+
 function dropzone() {
     ["drag", "dragstart", "dragend", "dragover", "dragenter", "dragleave", "drop"].forEach(name => {
       document.addEventListener(name, e => {
@@ -255,6 +332,24 @@ function dropzone() {
     });
 }
 
+/**
+ * Create a folder
+ * @param {string} name 
+ */
+async function createFolder(name) {
+  const url = getUrl(name);
+  try {
+    const res = await fetch(url, {
+      method: "MKCOL",
+    });
+    if (res.status >= 200 && res.status < 300) {
+      location.href = url;
+    }
+  } catch (err) {
+    alert(`Cannot create folder \`${name}\`, ${err.message}`);
+  }
+}
+
 async function addFileEntries(entries, dirs) {
   for (const entry of entries) {
     if (entry.isFile) {
@@ -314,9 +409,9 @@ function formatSize(size) {
 
 function formatDuration(seconds) {
   seconds = Math.ceil(seconds);
-  let h = Math.floor(seconds / 3600);
+  const h = Math.floor(seconds / 3600);
-  let m = Math.floor((seconds - h * 3600) / 60);
+  const m = Math.floor((seconds - h * 3600) / 60);
-  let s = seconds - h * 3600 - m * 60
+  const s = seconds - h * 3600 - m * 60
   return `${padZero(h, 2)}:${padZero(m, 2)}:${padZero(s, 2)}`;
 }
 
@@ -340,6 +435,7 @@ function ready() {
   $pathsTableBody = document.querySelector(".paths-table tbody");
   $uploadersTable = document.querySelector(".uploaders-table");
   $emptyFolder = document.querySelector(".empty-folder");
+  $newFolder = document.querySelector(".new-folder");
 
   if (DATA.allow_search) {
     document.querySelector(".searchbar").classList.remove("hidden");
@@ -365,7 +461,14 @@ function ready() {
   }
   if (DATA.allow_upload) {
     dropzone();
-    document.querySelector(".upload-control").classList.remove("hidden");
+    if (DATA.allow_delete) {
+      $newFolder.classList.remove("hidden");
+      $newFolder.addEventListener("click", () => {
+        const name = prompt("Enter name of new folder");
+        if (name) createFolder(name);
+      });
+    }
+    document.querySelector(".upload-file").classList.remove("hidden");
     document.getElementById("file").addEventListener("change", e => {
       const files = e.target.files;
       for (let file of files) {

src/args.rs

@@ -1,4 +1,5 @@
-use clap::{AppSettings, Arg, ArgMatches, Command};
+use clap::{value_parser, AppSettings, Arg, ArgMatches, Command};
+use clap_complete::{generate, Generator, Shell};
 #[cfg(feature = "tls")]
 use rustls::{Certificate, PrivateKey};
 use std::env;
@@ -9,9 +10,10 @@ use crate::auth::AccessControl;
 use crate::auth::AuthMethod;
 #[cfg(feature = "tls")]
 use crate::tls::{load_certs, load_private_key};
+use crate::utils::encode_uri;
 use crate::BoxResult;
 
-fn app() -> Command<'static> {
+pub fn build_cli() -> Command<'static> {
     let app = Command::new(env!("CARGO_CRATE_NAME"))
         .version(env!("CARGO_PKG_VERSION"))
         .author(env!("CARGO_PKG_AUTHORS"))
@@ -48,7 +50,7 @@ fn app() -> Command<'static> {
             Arg::new("path-prefix")
                 .long("path-prefix")
                 .value_name("path")
-                .help("Specify an path prefix"),
+                .help("Specify a path prefix"),
         )
         .arg(
             Arg::new("hidden")
@@ -118,6 +120,13 @@ fn app() -> Command<'static> {
             Arg::new("render-spa")
                 .long("render-spa")
                 .help("Serve SPA(Single Page Application)"),
+        )
+        .arg(
+            Arg::new("completions")
+                .long("completions")
+                .value_name("shell")
+                .value_parser(value_parser!(Shell))
+                .help("Print shell completion script for <shell>"),
         );
 
     #[cfg(feature = "tls")]
@@ -138,8 +147,8 @@ fn app() -> Command<'static> {
     app
 }
 
-pub fn matches() -> ArgMatches {
+pub fn print_completions<G: Generator>(gen: G, cmd: &mut Command) {
-    app().get_matches()
+    generate(gen, cmd, cmd.get_name().to_string(), &mut std::io::stdout());
 }
 
 #[derive(Debug)]
@@ -188,7 +197,7 @@ impl Args {
         let uri_prefix = if path_prefix.is_empty() {
             "/".to_owned()
         } else {
-            format!("/{}/", &path_prefix)
+            format!("/{}/", &encode_uri(&path_prefix))
         };
         let hidden: String = matches
             .value_of("hidden")

src/main.rs

@@ -10,7 +10,7 @@ mod utils;
 #[macro_use]
 extern crate log;
 
-use crate::args::{matches, Args};
+use crate::args::{build_cli, print_completions, Args};
 use crate::server::{Request, Server};
 #[cfg(feature = "tls")]
 use crate::tls::{TlsAcceptor, TlsStream};
@@ -19,6 +19,7 @@ use std::net::{IpAddr, SocketAddr, TcpListener as StdTcpListener};
 use std::sync::atomic::{AtomicBool, Ordering};
 use std::sync::Arc;
 
+use clap_complete::Shell;
 use futures::future::join_all;
 use tokio::net::TcpListener;
 use tokio::task::JoinHandle;
@@ -37,7 +38,14 @@ async fn main() {
 
 async fn run() -> BoxResult<()> {
     logger::init().map_err(|e| format!("Failed to init logger, {}", e))?;
-    let args = Args::parse(matches())?;
+    let cmd = build_cli();
+    let matches = cmd.get_matches();
+    if let Some(generator) = matches.get_one::<Shell>("completions") {
+        let mut cmd = build_cli();
+        print_completions(*generator, &mut cmd);
+        return Ok(());
+    }
+    let args = Args::parse(matches)?;
     let args = Arc::new(args);
     let running = Arc::new(AtomicBool::new(true));
     let handles = serve(args.clone(), running.clone())?;

src/server.rs

@@ -9,13 +9,13 @@ use async_zip::Compression;
 use chrono::{TimeZone, Utc};
 use futures::TryStreamExt;
 use headers::{
-    AcceptRanges, AccessControlAllowCredentials, AccessControlAllowHeaders,
+    AcceptRanges, AccessControlAllowCredentials, AccessControlAllowOrigin, Connection,
-    AccessControlAllowOrigin, Connection, ContentLength, ContentType, ETag, HeaderMap,
+    ContentLength, ContentType, ETag, HeaderMap, HeaderMapExt, IfModifiedSince, IfNoneMatch,
-    HeaderMapExt, IfModifiedSince, IfNoneMatch, IfRange, LastModified, Range,
+    IfRange, LastModified, Range,
 };
 use hyper::header::{
-    HeaderValue, ACCEPT, AUTHORIZATION, CONTENT_DISPOSITION, CONTENT_LENGTH, CONTENT_RANGE,
+    HeaderValue, AUTHORIZATION, CONTENT_DISPOSITION, CONTENT_LENGTH, CONTENT_RANGE, CONTENT_TYPE,
-    CONTENT_TYPE, ORIGIN, RANGE, WWW_AUTHENTICATE,
+    RANGE, WWW_AUTHENTICATE,
 };
 use hyper::{Body, Method, StatusCode, Uri};
 use serde::Serialize;
@@ -45,15 +45,30 @@ const BUF_SIZE: usize = 65536;
 pub struct Server {
     args: Arc<Args>,
     assets_prefix: String,
+    single_file_req_paths: Vec<String>,
     running: Arc<AtomicBool>,
 }
 
 impl Server {
     pub fn new(args: Arc<Args>, running: Arc<AtomicBool>) -> Self {
         let assets_prefix = format!("{}__dufs_v{}_", args.uri_prefix, env!("CARGO_PKG_VERSION"));
+        let single_file_req_paths = if args.path_is_file {
+            vec![
+                args.uri_prefix.to_string(),
+                args.uri_prefix[0..args.uri_prefix.len() - 1].to_string(),
+                encode_uri(&format!(
+                    "{}{}",
+                    &args.uri_prefix,
+                    get_file_name(&args.path)
+                )),
+            ]
+        } else {
+            vec![]
+        };
         Self {
             args,
             running,
+            single_file_req_paths,
             assets_prefix,
         }
     }
@@ -118,8 +133,16 @@ impl Server {
         let head_only = method == Method::HEAD;
 
         if self.args.path_is_file {
+            if self
+                .single_file_req_paths
+                .iter()
+                .any(|v| v.as_str() == req_path)
+            {
                 self.handle_send_file(&self.args.path, headers, head_only, &mut res)
                     .await?;
+            } else {
+                status_not_found(&mut res);
+            }
             return Ok(res);
         }
 
@@ -239,7 +262,7 @@ impl Server {
                     } else if is_miss {
                         status_not_found(&mut res);
                     } else {
-                        self.handle_copy(path, headers, &mut res).await?
+                        self.handle_copy(path, &req, &mut res).await?
                     }
                 }
                 "MOVE" => {
@@ -248,7 +271,7 @@ impl Server {
                     } else if is_miss {
                         status_not_found(&mut res);
                     } else {
-                        self.handle_move(path, headers, &mut res).await?
+                        self.handle_move(path, &req, &mut res).await?
                     }
                 }
                 "LOCK" => {
@@ -643,16 +666,10 @@ impl Server {
         Ok(())
     }
 
-    async fn handle_copy(
+    async fn handle_copy(&self, path: &Path, req: &Request, res: &mut Response) -> BoxResult<()> {
-        &self,
+        let dest = match self.extract_dest(req, res) {
-        path: &Path,
-        headers: &HeaderMap<HeaderValue>,
-        res: &mut Response,
-    ) -> BoxResult<()> {
-        let dest = match self.extract_dest(headers) {
             Some(dest) => dest,
             None => {
-                *res.status_mut() = StatusCode::BAD_REQUEST;
                 return Ok(());
             }
         };
@@ -671,16 +688,10 @@ impl Server {
         Ok(())
     }
 
-    async fn handle_move(
+    async fn handle_move(&self, path: &Path, req: &Request, res: &mut Response) -> BoxResult<()> {
-        &self,
+        let dest = match self.extract_dest(req, res) {
-        path: &Path,
-        headers: &HeaderMap<HeaderValue>,
-        res: &mut Response,
-    ) -> BoxResult<()> {
-        let dest = match self.extract_dest(headers) {
             Some(dest) => dest,
             None => {
-                *res.status_mut() = StatusCode::BAD_REQUEST;
                 return Ok(());
             }
         };
@@ -799,10 +810,43 @@ DATA = {}
             .unwrap_or_default()
     }
 
-    fn extract_dest(&self, headers: &HeaderMap<HeaderValue>) -> Option<PathBuf> {
+    fn extract_dest(&self, req: &Request, res: &mut Response) -> Option<PathBuf> {
+        let headers = req.headers();
+        let dest_path = match self.extract_destination_header(headers) {
+            Some(dest) => dest,
+            None => {
+                *res.status_mut() = StatusCode::BAD_REQUEST;
+                return None;
+            }
+        };
+        let authorization = headers.get(AUTHORIZATION);
+        let guard_type = self.args.auth.guard(
+            &dest_path,
+            req.method(),
+            authorization,
+            self.args.auth_method.clone(),
+        );
+        if guard_type.is_reject() {
+            *res.status_mut() = StatusCode::FORBIDDEN;
+            *res.body_mut() = Body::from("Forbidden");
+            return None;
+        }
+
+        let dest = match self.extract_path(&dest_path) {
+            Some(dest) => dest,
+            None => {
+                *res.status_mut() = StatusCode::BAD_REQUEST;
+                return None;
+            }
+        };
+
+        Some(dest)
+    }
+
+    fn extract_destination_header(&self, headers: &HeaderMap<HeaderValue>) -> Option<String> {
         let dest = headers.get("Destination")?.to_str().ok()?;
         let uri: Uri = dest.parse().ok()?;
-        self.extract_path(uri.path())
+        Some(uri.path().to_string())
     }
 
     fn extract_path(&self, path: &str) -> Option<PathBuf> {
@@ -987,11 +1031,19 @@ fn add_cors(res: &mut Response) {
         .typed_insert(AccessControlAllowOrigin::ANY);
     res.headers_mut()
         .typed_insert(AccessControlAllowCredentials);
-
+    res.headers_mut().insert(
-    res.headers_mut().typed_insert(
+        "Access-Control-Allow-Methods",
-        vec![RANGE, CONTENT_TYPE, ACCEPT, ORIGIN, WWW_AUTHENTICATE]
+        HeaderValue::from_static("GET,HEAD,PUT,OPTIONS,DELETE,PROPFIND,COPY,MOVE"),
-            .into_iter()
+    );
-            .collect::<AccessControlAllowHeaders>(),
+    res.headers_mut().insert(
+        "Access-Control-Allow-Headers",
+        HeaderValue::from_static("Authorization,Destination,Range"),
+    );
+    res.headers_mut().insert(
+        "Access-Control-Expose-Headers",
+        HeaderValue::from_static(
+            "WWW-Authenticate,Content-Range,Accept-Ranges,Content-Disposition",
+        ),
     );
 }
 

tests/args.rs

@@ -1,11 +1,10 @@
+//! Run file server with different args
+
 mod fixtures;
 mod utils;
 
-use assert_cmd::prelude::*;
+use fixtures::{server, Error, TestServer};
-use assert_fs::fixture::TempDir;
-use fixtures::{port, server, tmpdir, wait_for_port, Error, TestServer};
 use rstest::rstest;
-use std::process::{Command, Stdio};
 
 #[rstest]
 fn path_prefix_index(#[with(&["--path-prefix", "xyz"])] server: TestServer) -> Result<(), Error> {
@@ -31,22 +30,3 @@ fn path_prefix_propfind(
     assert!(text.contains("<D:href>/xyz/</D:href>"));
     Ok(())
 }
-
-#[rstest]
-#[case("index.html")]
-fn serve_single_file(tmpdir: TempDir, port: u16, #[case] file: &str) -> Result<(), Error> {
-    let mut child = Command::cargo_bin("dufs")?
-        .arg(tmpdir.path().join(file))
-        .arg("-p")
-        .arg(port.to_string())
-        .stdout(Stdio::piped())
-        .spawn()?;
-
-    wait_for_port(port);
-
-    let resp = reqwest::blocking::get(format!("http://localhost:{}/index.html", port))?;
-    assert_eq!(resp.text()?, "This is index.html");
-
-    child.kill()?;
-    Ok(())
-}

tests/auth.rs

@@ -95,3 +95,29 @@ fn auth_basic(
     assert_eq!(resp.status(), 201);
     Ok(())
 }
+
+#[rstest]
+fn auth_webdav_move(
+    #[with(&["--auth", "/@user:pass@*", "--auth", "/dira@user3:pass3", "-A"])] server: TestServer,
+) -> Result<(), Error> {
+    let origin_url = format!("{}dira/test.html", server.url());
+    let new_url = format!("{}test2.html", server.url());
+    let resp = fetch!(b"MOVE", &origin_url)
+        .header("Destination", &new_url)
+        .send_with_digest_auth("user3", "pass3")?;
+    assert_eq!(resp.status(), 403);
+    Ok(())
+}
+
+#[rstest]
+fn auth_webdav_copy(
+    #[with(&["--auth", "/@user:pass@*", "--auth", "/dira@user3:pass3", "-A"])] server: TestServer,
+) -> Result<(), Error> {
+    let origin_url = format!("{}dira/test.html", server.url());
+    let new_url = format!("{}test2.html", server.url());
+    let resp = fetch!(b"COPY", &origin_url)
+        .header("Destination", &new_url)
+        .send_with_digest_auth("user3", "pass3")?;
+    assert_eq!(resp.status(), 403);
+    Ok(())
+}

tests/cli.rs

@@ -0,0 +1,32 @@
+//! Run cli with different args, not starting a server
+
+mod fixtures;
+
+use assert_cmd::prelude::*;
+use clap::ValueEnum;
+use clap_complete::Shell;
+use fixtures::Error;
+use std::process::Command;
+
+#[test]
+/// Show help and exit.
+fn help_shows() -> Result<(), Error> {
+    Command::cargo_bin("dufs")?.arg("-h").assert().success();
+
+    Ok(())
+}
+
+#[test]
+/// Print completions and exit.
+fn print_completions() -> Result<(), Error> {
+    // let shell_enums = EnumValueParser::<Shell>::new();
+    for shell in Shell::value_variants() {
+        Command::cargo_bin("dufs")?
+            .arg("--completions")
+            .arg(shell.to_string())
+            .assert()
+            .success();
+    }
+
+    Ok(())
+}

tests/cors.rs

@@ -7,31 +7,27 @@ use rstest::rstest;
 #[rstest]
 fn cors(#[with(&["--enable-cors"])] server: TestServer) -> Result<(), Error> {
     let resp = reqwest::blocking::get(server.url())?;
-
     assert_eq!(
         resp.headers().get("access-control-allow-origin").unwrap(),
         "*"
     );
     assert_eq!(
-        resp.headers().get("access-control-allow-headers").unwrap(),
+        resp.headers()
-        "range, content-type, accept, origin, www-authenticate"
+            .get("access-control-allow-credentials")
+            .unwrap(),
+        "true"
     );
-
-    Ok(())
-}
-
-#[rstest]
-fn cors_options(#[with(&["--enable-cors"])] server: TestServer) -> Result<(), Error> {
-    let resp = fetch!(b"OPTIONS", server.url()).send()?;
-
     assert_eq!(
-        resp.headers().get("access-control-allow-origin").unwrap(),
+        resp.headers().get("access-control-allow-methods").unwrap(),
-        "*"
+        "GET,HEAD,PUT,OPTIONS,DELETE,PROPFIND,COPY,MOVE"
     );
     assert_eq!(
         resp.headers().get("access-control-allow-headers").unwrap(),
-        "range, content-type, accept, origin, www-authenticate"
+        "Authorization,Destination,Range"
+    );
+    assert_eq!(
+        resp.headers().get("access-control-expose-headers").unwrap(),
+        "WWW-Authenticate,Content-Range,Accept-Ranges,Content-Disposition"
     );
-
     Ok(())
 }

tests/single_file.rs

@@ -0,0 +1,60 @@
+//! Run file server with different args
+
+mod fixtures;
+mod utils;
+
+use assert_cmd::prelude::*;
+use assert_fs::fixture::TempDir;
+use fixtures::{port, tmpdir, wait_for_port, Error};
+use rstest::rstest;
+use std::process::{Command, Stdio};
+
+#[rstest]
+#[case("index.html")]
+fn single_file(tmpdir: TempDir, port: u16, #[case] file: &str) -> Result<(), Error> {
+    let mut child = Command::cargo_bin("dufs")?
+        .arg(tmpdir.path().join(file))
+        .arg("-p")
+        .arg(port.to_string())
+        .stdout(Stdio::piped())
+        .spawn()?;
+
+    wait_for_port(port);
+
+    let resp = reqwest::blocking::get(format!("http://localhost:{}", port))?;
+    assert_eq!(resp.text()?, "This is index.html");
+    let resp = reqwest::blocking::get(format!("http://localhost:{}/", port))?;
+    assert_eq!(resp.text()?, "This is index.html");
+    let resp = reqwest::blocking::get(format!("http://localhost:{}/index.html", port))?;
+    assert_eq!(resp.text()?, "This is index.html");
+
+    child.kill()?;
+    Ok(())
+}
+
+#[rstest]
+#[case("index.html")]
+fn path_prefix_single_file(tmpdir: TempDir, port: u16, #[case] file: &str) -> Result<(), Error> {
+    let mut child = Command::cargo_bin("dufs")?
+        .arg(tmpdir.path().join(file))
+        .arg("-p")
+        .arg(port.to_string())
+        .arg("--path-prefix")
+        .arg("xyz")
+        .stdout(Stdio::piped())
+        .spawn()?;
+
+    wait_for_port(port);
+
+    let resp = reqwest::blocking::get(format!("http://localhost:{}/xyz", port))?;
+    assert_eq!(resp.text()?, "This is index.html");
+    let resp = reqwest::blocking::get(format!("http://localhost:{}/xyz/", port))?;
+    assert_eq!(resp.text()?, "This is index.html");
+    let resp = reqwest::blocking::get(format!("http://localhost:{}/xyz/index.html", port))?;
+    assert_eq!(resp.text()?, "This is index.html");
+    let resp = reqwest::blocking::get(format!("http://localhost:{}", port))?;
+    assert_eq!(resp.status(), 404);
+
+    child.kill()?;
+    Ok(())
+}