sigoden/dufs
1
0
Fork 0
mirror of https://github.com/sigoden/dufs.git synced 2026-04-09 09:09:03 +03:00
Code Issues 8 Packages Projects Releases 10 Wiki Activity

Compare commits

base: sigoden:v0.35.0
Branches Tags
sigoden:main sigoden:chore-release
sigoden:v0.46.0-rc1 sigoden:v0.45.0 sigoden:v0.44.0 sigoden:v0.43.0 sigoden:v0.42.0 sigoden:v0.41.0 sigoden:v0.40.0 sigoden:v0.39.0 sigoden:v0.38.0 sigoden:v0.37.1 sigoden:v0.37.0 sigoden:v0.36.0 sigoden:v0.35.0 sigoden:v0.34.2 sigoden:v0.34.1 sigoden:v0.34.0 sigoden:v0.33.0 sigoden:v0.32.0 sigoden:v0.31.0 sigoden:v0.30.0 sigoden:v0.29.0 sigoden:v0.28.0 sigoden:v0.27.0 sigoden:v0.26.0 sigoden:v0.25.0 sigoden:v0.24.0 sigoden:v0.23.1 sigoden:v0.23.0 sigoden:v0.22.0 sigoden:v0.21.0 sigoden:v0.20.0 sigoden:v0.19.0 sigoden:v0.18.0 sigoden:v0.17.1 sigoden:v0.17.0 sigoden:v0.16.0 sigoden:v0.15.1 sigoden:v0.15.0 sigoden:v0.14.0 sigoden:v0.13.2 sigoden:v0.13.1 sigoden:v0.13.0 sigoden:v0.12.1 sigoden:v0.11.0 sigoden:v0.10.1 sigoden:v0.10.0 sigoden:v0.9.0 sigoden:v0.8.0 sigoden:v0.7.0 sigoden:v0.6.0 sigoden:v0.5.0 sigoden:v0.4.0 sigoden:v0.3.0 sigoden:v0.2.1 sigoden:v0.2.0 sigoden:v0.1.0
...
compare: sigoden:v0.38.0
Branches Tags
sigoden:chore-release sigoden:main
sigoden:v0.46.0-rc1 sigoden:v0.45.0 sigoden:v0.44.0 sigoden:v0.43.0 sigoden:v0.42.0 sigoden:v0.41.0 sigoden:v0.40.0 sigoden:v0.39.0 sigoden:v0.38.0 sigoden:v0.37.1 sigoden:v0.37.0 sigoden:v0.36.0 sigoden:v0.35.0 sigoden:v0.34.2 sigoden:v0.34.1 sigoden:v0.34.0 sigoden:v0.33.0 sigoden:v0.32.0 sigoden:v0.31.0 sigoden:v0.30.0 sigoden:v0.29.0 sigoden:v0.28.0 sigoden:v0.27.0 sigoden:v0.26.0 sigoden:v0.25.0 sigoden:v0.24.0 sigoden:v0.23.1 sigoden:v0.23.0 sigoden:v0.22.0 sigoden:v0.21.0 sigoden:v0.20.0 sigoden:v0.19.0 sigoden:v0.18.0 sigoden:v0.17.1 sigoden:v0.17.0 sigoden:v0.16.0 sigoden:v0.15.1 sigoden:v0.15.0 sigoden:v0.14.0 sigoden:v0.13.2 sigoden:v0.13.1 sigoden:v0.13.0 sigoden:v0.12.1 sigoden:v0.11.0 sigoden:v0.10.1 sigoden:v0.10.0 sigoden:v0.9.0 sigoden:v0.8.0 sigoden:v0.7.0 sigoden:v0.6.0 sigoden:v0.5.0 sigoden:v0.4.0 sigoden:v0.3.0 sigoden:v0.2.1 sigoden:v0.2.0 sigoden:v0.1.0

30 Commits
v0.35.0 ... v0.38.0

Author SHA1 Message Date
sigoden
0cec573579 chore: release v0.38.0 2023-11-29 07:49:50 +08:00
sigoden
073b098111 feat: ui supports view file (#301) 2023-11-28 07:14:53 +08:00
sigoden
6ff8b29b69 feat: more flexible config values (#299) 2023-11-27 04:24:25 +08:00
sigoden
7584fe3d08 feat: deprecate the use of | to separate auth rules (#298) 2023-11-26 22:15:49 +08:00
sigoden
653cd167d0 feat: password can contain : @ | (#297) 2023-11-26 20:47:57 +08:00
sigoden
ab29e39148 chore: trivial updates 2023-11-26 15:04:12 +08:00
sigoden
f8d6859354 refactor: ui improve uploading progress (#296) 2023-11-26 10:23:37 +08:00
sigoden
130435c387 chore: update readme 2023-11-25 19:07:37 +08:00
sigoden
afdfde01f0 fix: unable to start if config file omit bind/port fields (#294) 2023-11-25 18:54:36 +08:00
sigoden
ae97c714d6 refactor: ui change the cursor for upload-btn to a pointer (#291) 2023-11-21 16:24:59 +08:00
sigoden
c352dab470 refactor: take improvements from the edge browser (#289) 2023-11-15 19:44:44 +08:00
sigoden
743db47f90 chore: release v0.37.1 2023-11-08 11:11:36 +08:00
sigoden
a476c15a09 fix: use DUFS_CONFIG to specify the config file path (#286) 2023-11-08 11:10:47 +08:00
sigoden
0d74fa3ec5 chore: release v0.37.0 2023-11-08 10:41:24 +08:00
sigoden
b83cc6938b chore: update readme 2023-11-07 22:45:53 +08:00
sigoden
a187b14885 chore: update deps and ci (#284) 2023-11-04 19:47:13 +08:00
sigoden
d3de3db0d9 feat: support hashed password (#283) 2023-11-04 18:12:58 +08:00
sigoden
80ac9afe68 refactor: improve code quanity (#282) 
- rename LogHttp to HttpLogger
 2023-11-04 17:10:38 +08:00
sigoden
4ef07737e1 feat: support config file with --config option (#281) 2023-11-04 16:58:19 +08:00
sigoden
5782c5f413 chore: update description for --auth 2023-11-03 21:08:05 +08:00
sigoden
8b4cab1e69 fix: auto delete half-uploaded files (#280) 2023-11-03 20:58:53 +08:00
sigoden
70300b133c feat: deprecate --auth-method, as both options are available (#279) 
* feat: deprecate `--auth-method`, both are avaiable

* send one www-authenticate with two schemes
 2023-11-03 20:36:23 +08:00
sigoden
7ea4bb808d refactor: optimize tests 2023-11-03 15:25:20 +08:00
sigoden
6766e0d437 fix: ui show user-name next to the user-icon (#278) 2023-11-03 14:55:07 +08:00
tieway59
53c9bc8bea refactor: remove one clone on assets_prefix (#270) 
This clone is not consist with the usage of `assets_prefix` in following
code and it's unnecessary.

Signed-off-by: TieWay59 <tieway59@foxmail.com>
 2023-10-05 08:50:24 +08:00
sigoden
60df3b473c fix: sort path ignore case (#264) 2023-09-06 23:25:04 +08:00
sigoden
6510ae8be9 chore: release v0.36.0 2023-08-24 18:46:30 +08:00
sigoden
9545fb6e37 fix: ui readonly if no write perm (#258) 2023-08-24 18:32:34 +08:00
sigoden
0fd0f11298 chore: update deps 2023-08-24 16:46:38 +08:00
figsoda
46aa8fcc02 test: remove dependency on native tls (#255) 2023-08-15 11:01:25 +08:00
21 changed files with 1672 additions and 1119 deletions
Expand all files Collapse all files

4
.github/workflows/release.yaml vendored
View File

@@ -27,7 +27,7 @@ jobs:
- target: aarch64-pc-windows-msvc - target: aarch64-pc-windows-msvc
os: windows-latest os: windows-latest
use-cross: true use-cross: true
cargo-flags: "--no-default-features" cargo-flags: ""
- target: x86_64-apple-darwin - target: x86_64-apple-darwin
os: macos-latest os: macos-latest
cargo-flags: "" cargo-flags: ""
@@ -94,6 +94,8 @@ jobs:
uses: dtolnay/rust-toolchain@stable uses: dtolnay/rust-toolchain@stable
with: with:
targets: ${{ matrix.target }} targets: ${{ matrix.target }}
# Since rust 1.72, mips platforms are tier 3
toolchain: 1.71
- name: Install cross - name: Install cross
if: matrix.use-cross if: matrix.use-cross

55
CHANGELOG.md
View File

@@ -2,6 +2,61 @@
All notable changes to this project will be documented in this file. All notable changes to this project will be documented in this file.
## [0.38.0] - 2023-11-28
### Bug Fixes
- Unable to start if config file omit bind/port fields ([#294](https://github.com/sigoden/dufs/issues/294))
### Features
- Password can contain `:` `@` `|` ([#297](https://github.com/sigoden/dufs/issues/297))
- Deprecate the use of `|` to separate auth rules ([#298](https://github.com/sigoden/dufs/issues/298))
- More flexible config values ([#299](https://github.com/sigoden/dufs/issues/299))
- Ui supports view file ([#301](https://github.com/sigoden/dufs/issues/301))
### Refactor
- Take improvements from the edge browser ([#289](https://github.com/sigoden/dufs/issues/289))
- Ui change the cursor for upload-btn to a pointer ([#291](https://github.com/sigoden/dufs/issues/291))
- Ui improve uploading progress ([#296](https://github.com/sigoden/dufs/issues/296))
## [0.37.1] - 2023-11-08
### Bug Fixes
- Use DUFS_CONFIG to specify the config file path ([#286](https://github.com/sigoden/dufs/issues/286)
## [0.37.0] - 2023-11-08
### Bug Fixes
- Sort path ignore case ([#264](https://github.com/sigoden/dufs/issues/264))
- Ui show user-name next to the user-icon ([#278](https://github.com/sigoden/dufs/issues/278))
- Auto delete half-uploaded files ([#280](https://github.com/sigoden/dufs/issues/280))
### Features
- Deprecate `--auth-method`, as both options are available ([#279](https://github.com/sigoden/dufs/issues/279))
- Support config file with `--config` option ([#281](https://github.com/sigoden/dufs/issues/281))
- Support hashed password ([#283](https://github.com/sigoden/dufs/issues/283))
### Refactor
- Remove one clone on `assets_prefix` ([#270](https://github.com/sigoden/dufs/issues/270))
- Optimize tests
- Improve code quanity ([#282](https://github.com/sigoden/dufs/issues/282))
## [0.36.0] - 2023-08-24
### Bug Fixes
- Ui readonly if no write perm ([#258](https://github.com/sigoden/dufs/issues/258))
### Testing
- Remove dependency on native tls ([#255](https://github.com/sigoden/dufs/issues/255))
## [0.35.0] - 2023-08-14 ## [0.35.0] - 2023-08-14
### Bug Fixes ### Bug Fixes

1037
Cargo.lock generated
View File

File diff suppressed because it is too large Load Diff

11
Cargo.toml
View File

@@ -1,6 +1,6 @@
[package] [package]
name = "dufs" name = "dufs"
version = "0.35.0" version = "0.38.0"
edition = "2021" edition = "2021"
authors = ["sigoden <sigoden@gmail.com>"] authors = ["sigoden <sigoden@gmail.com>"]
description = "Dufs is a distinctive utility file server" description = "Dufs is a distinctive utility file server"
@@ -13,7 +13,7 @@ keywords = ["static", "file", "server", "webdav", "cli"]
[dependencies] [dependencies]
clap = { version = "4", features = ["wrap_help", "env"] } clap = { version = "4", features = ["wrap_help", "env"] }
clap_complete = "4" clap_complete = "4"
chrono = "0.4" chrono = { version = "0.4", default-features = false, features = ["clock"] }
tokio = { version = "1", features = ["rt-multi-thread", "macros", "fs", "io-util", "signal"]} tokio = { version = "1", features = ["rt-multi-thread", "macros", "fs", "io-util", "signal"]}
tokio-util = { version = "0.7", features = ["io-util", "compat"] } tokio-util = { version = "0.7", features = ["io-util", "compat"] }
hyper = { version = "0.14", features = ["http1", "server", "tcp", "stream"] } hyper = { version = "0.14", features = ["http1", "server", "tcp", "stream"] }
@@ -21,7 +21,6 @@ percent-encoding = "2.3"
serde = { version = "1", features = ["derive"] } serde = { version = "1", features = ["derive"] }
serde_json = "1" serde_json = "1"
futures = "0.3" futures = "0.3"
base64 = "0.21"
async_zip = { version = "0.0.15", default-features = false, features = ["deflate", "chrono", "tokio"] } async_zip = { version = "0.0.15", default-features = false, features = ["deflate", "chrono", "tokio"] }
headers = "0.3" headers = "0.3"
mime_guess = "2.0" mime_guess = "2.0"
@@ -45,6 +44,10 @@ anyhow = "1.0"
chardetng = "0.1" chardetng = "0.1"
glob = "0.3.1" glob = "0.3.1"
indexmap = "2.0" indexmap = "2.0"
serde_yaml = "0.9.27"
sha-crypt = "0.5.0"
base64 = "0.21.5"
smart-default = "0.7.1"
[features] [features]
default = ["tls"] default = ["tls"]
@@ -58,7 +61,7 @@ port_check = "0.1"
rstest = "0.18" rstest = "0.18"
regex = "1" regex = "1"
url = "2" url = "2"
diqwest = { version = "1", features = ["blocking"] } diqwest = { version = "1", features = ["blocking", "rustls-tls"], default-features = false }
predicates = "3" predicates = "3"
[profile.release] [profile.release]

125
README.md
View File

@@ -48,18 +48,18 @@ Download from [Github Releases](https://github.com/sigoden/dufs/releases), unzip
``` ```
Dufs is a distinctive utility file server - https://github.com/sigoden/dufs Dufs is a distinctive utility file server - https://github.com/sigoden/dufs
Usage: dufs [OPTIONS] [serve_path] Usage: dufs [OPTIONS] [serve-path]
Arguments: Arguments:
[serve_path] Specific path to serve [default: .] [serve-path] Specific path to serve [default: .]
Options: Options:
-c, --config <config> Specify configuration file
-b, --bind <addrs> Specify bind address or unix socket -b, --bind <addrs> Specify bind address or unix socket
-p, --port <port> Specify port to listen on [default: 5000] -p, --port <port> Specify port to listen on [default: 5000]
--path-prefix <path> Specify a path prefix --path-prefix <path> Specify a path prefix
--hidden <value> Hide paths from directory listings, separated by `,` --hidden <value> Hide paths from directory listings, e.g. tmp,*.log,*.lock
-a, --auth <rules> Add auth role -a, --auth <rules> Add auth roles, e.g. user:pass@/dir1:rw,/dir2
--auth-method <value> Select auth method [default: digest] [possible values: basic, digest]
-A, --allow-all Allow all operations -A, --allow-all Allow all operations
--allow-upload Allow upload files/folders --allow-upload Allow upload files/folders
--allow-delete Allow delete files/folders --allow-delete Allow delete files/folders
@@ -70,18 +70,18 @@ Options:
--render-index Serve index.html when requesting a directory, returns 404 if not found index.html --render-index Serve index.html when requesting a directory, returns 404 if not found index.html
--render-try-index Serve index.html when requesting a directory, returns directory listing if not found index.html --render-try-index Serve index.html when requesting a directory, returns directory listing if not found index.html
--render-spa Serve SPA(Single Page Application) --render-spa Serve SPA(Single Page Application)
--assets <path> Use custom assets to override builtin assets --assets <path> Set the path to the assets directory for overriding the built-in assets
--tls-cert <path> Path to an SSL/TLS certificate to serve with HTTPS
--tls-key <path> Path to the SSL/TLS certificate's private key
--log-format <format> Customize http log format --log-format <format> Customize http log format
--completions <shell> Print shell completion script for <shell> [possible values: bash, elvish, fish, powershell, zsh] --completions <shell> Print shell completion script for <shell> [possible values: bash, elvish, fish, powershell, zsh]
--tls-cert <path> Path to an SSL/TLS certificate to serve with HTTPS
--tls-key <path> Path to the SSL/TLS certificate's private key
-h, --help Print help -h, --help Print help
-V, --version Print version -V, --version Print version
``` ```
## Examples ## Examples
Serve current working directory in readonly mode Serve current working directory in read-only mode
``` ```
dufs dufs
@@ -186,16 +186,16 @@ curl -X MOVE https://127.0.0.1:5000/path -H "Destination: https://127.0.0.1:5000
List/search directory contents List/search directory contents
``` ```
curl http://127.0.0.1:5000?simple # output names only, just like `ls -1` curl http://127.0.0.1:5000?q=Dockerfile # search for files, similar to `find -name Dockerfile`
curl http://127.0.0.1:5000?simple # output names only, similar to `ls -1`
curl http://127.0.0.1:5000?json # output paths in json format curl http://127.0.0.1:5000?json # output paths in json format
curl http://127.0.0.1:5000?q=Dockerfile&simple # search for files, just like `find -name Dockerfile`
``` ```
With authorization With authorization
``` ```
curl --user user:pass --digest http://192.168.8.10:5000/file # digest auth curl http://192.168.8.10:5000/file --user user:pass # basic auth
curl --user user:pass http://192.168.8.10:5000/file # basic auth curl http://192.168.8.10:5000/file --user user:pass --digest # digest auth
``` ```
<details> <details>
@@ -206,45 +206,43 @@ curl --user user:pass http://192.168.8.10:5000/file # basic auth
Dufs supports account based access control. You can control who can do what on which path with `--auth`/`-a`. Dufs supports account based access control. You can control who can do what on which path with `--auth`/`-a`.
``` ```
dufs -a [user:pass]@path[:rw][,path[:rw]...][|...] dufs -a user:pass@/path1:rw,/path2 -a user2:pass2@/path3 -a @/path4
``` ```
1. Multiple rules are separated by "|" 1. Use `@` to separate the account and paths. No account means anonymous user.
2. User and pass are the account name and password, if omitted, it is an anonymous user 2. Use `:` to separate the username and password of the account.
3. One rule can set multiple paths, separated by "," 3. Use `,` to separate paths.
4. Add `:rw` after the path to indicate that the path has read and write permissions, otherwise the path has readonly permissions. 4. Use `:rw` suffix to indicate that the account has read-write permission on the path.
- `-a admin:amdin@/:rw`: `admin` has complete permissions for all paths.
- `-a guest:guest@/`: `guest` has read-only permissions for all paths.
- `-a user:pass@/dir1:rw,/dir2`: `user` has complete permissions for `/dir1/*`, has read-only permissions for `/dir2/`.
- `-a @/`: All paths is publicly accessible, everyone can view/download it.
> There are no restrictions on using ':' and '@' characters in a password, `user:pa:ss@1@/:rw` is valid, and the password is `pa:ss@1`.
#### Hashed Password
DUFS supports the use of sha-512 hashed password.
Create hashed password
``` ```
dufs -A -a admin:admin@/:rw $ mkpasswd -m sha-512 -s
Password: 123456
$6$qCAVUG7yn7t/hH4d$BWm8r5MoDywNmDP/J3V2S2a6flmKHC1IpblfoqZfuK.LtLBZ0KFXP9QIfJP8RqL8MCw4isdheoAMTuwOz.pAO/
``` ```
`admin` has all permissions for all paths.
Use hashed password
``` ```
dufs -A -a admin:admin@/:rw -a guest:guest@/ dufs -a 'admin:$6$qCAVUG7yn7t/hH4d$BWm8r5MoDywNmDP/J3V2S2a6flmKHC1IpblfoqZfuK.LtLBZ0KFXP9QIfJP8RqL8MCw4isdheoAMTuwOz.pAO/@/:rw'
``` ```
`guest` has readonly permissions for all paths.
``` Two important things for hashed passwords:
dufs -A -a admin:admin@/:rw -a @/
```
All paths is public, everyone can view/download it.
``` 1. Dufs only supports sha-512 hashed passwords, so ensure that the password string always starts with `$6$`.
dufs -A -a admin:admin@/:rw -a user1:pass1@/user1:rw -a user2:pass2@/user2 2. Digest authentication does not function properly with hashed passwords.
dufs -A -a "admin:admin@/:rw|user1:pass1@/user1:rw|user2:pass2@/user2"
```
`user1` has all permissions for `/user1/*` path.
`user2` has all permissions for `/user2/*` path.
```
dufs -A -a user:pass@/dir1:rw,/dir2:rw,dir3
```
`user` has all permissions for `/dir1/*` and `/dir2/*`, has readonly permissions for `/dir3/`.
```
dufs -a admin:admin@/
```
Since dufs only allows viewing/downloading, `admin` can only view/download files.
### Hide Paths ### Hide Paths
@@ -260,6 +258,7 @@ dufs --hidden .git,.DS_Store,tmp
dufs --hidden '.*' # hidden dotfiles dufs --hidden '.*' # hidden dotfiles
dufs --hidden '*/' # hidden all folders dufs --hidden '*/' # hidden all folders
dufs --hidden '*.log,*.lock' # hidden by exts dufs --hidden '*.log,*.lock' # hidden by exts
dufs --hidden '*.log' --hidden '*.lock'
``` ```
### Log Format ### Log Format
@@ -308,13 +307,13 @@ dufs --log-format '$remote_addr $remote_user "$request" $status' -a /@admin:admi
All options can be set using environment variables prefixed with `DUFS_`. All options can be set using environment variables prefixed with `DUFS_`.
``` ```
[SERVE_PATH] DUFS_SERVE_PATH=/dir [serve-path] DUFS_SERVE_PATH="."
--config <path> DUFS_CONFIG=config.yaml
-b, --bind <addrs> DUFS_BIND=0.0.0.0 -b, --bind <addrs> DUFS_BIND=0.0.0.0
-p, --port <port> DUFS_PORT=5000 -p, --port <port> DUFS_PORT=5000
--path-prefix <path> DUFS_PATH_PREFIX=/path --path-prefix <path> DUFS_PATH_PREFIX=/static
--hidden <value> DUFS_HIDDEN=*.log --hidden <value> DUFS_HIDDEN=tmp,*.log,*.lock
-a, --auth <rules> DUFS_AUTH="admin:admin@/:rw|@/" -a, --auth <rules> DUFS_AUTH="admin:admin@/:rw|@/"
--auth-method <value> DUFS_AUTH_METHOD=basic
-A, --allow-all DUFS_ALLOW_ALL=true -A, --allow-all DUFS_ALLOW_ALL=true
--allow-upload DUFS_ALLOW_UPLOAD=true --allow-upload DUFS_ALLOW_UPLOAD=true
--allow-delete DUFS_ALLOW_DELETE=true --allow-delete DUFS_ALLOW_DELETE=true
@@ -326,9 +325,43 @@ All options can be set using environment variables prefixed with `DUFS_`.
--render-try-index DUFS_RENDER_TRY_INDEX=true --render-try-index DUFS_RENDER_TRY_INDEX=true
--render-spa DUFS_RENDER_SPA=true --render-spa DUFS_RENDER_SPA=true
--assets <path> DUFS_ASSETS=/assets --assets <path> DUFS_ASSETS=/assets
--log-format <format> DUFS_LOG_FORMAT=""
--tls-cert <path> DUFS_TLS_CERT=cert.pem --tls-cert <path> DUFS_TLS_CERT=cert.pem
--tls-key <path> DUFS_TLS_KEY=key.pem --tls-key <path> DUFS_TLS_KEY=key.pem
--log-format <format> DUFS_LOG_FORMAT="" ```
## Configuration File
You can specify and use the configuration file by selecting the option `--config <path-to-config.yaml>`.
The following are the configuration items:
```yaml
serve-path: '.'
bind: 0.0.0.0
port: 5000
path-prefix: /dufs
hidden:
- tmp
- '*.log'
- '*.lock'
auth:
- admin:admin@/:rw
- user:pass@/src:rw,/share
allow-all: false
allow-upload: true
allow-delete: true
allow-search: true
allow-symlink: true
allow-archive: true
enable-cors: true
render-index: true
render-try-index: true
render-spa: true
assets: ./assets/
log-format: '$remote_addr "$request" $status $http_user_agent'
tls-cert: tests/data/cert.pem
tls-key: tests/data/key_pkcs1.pem
``` ```
### Customize UI ### Customize UI

27
assets/index.css
View File

@@ -73,6 +73,10 @@ body {
display: none; display: none;
} }
.upload-file label {
cursor: pointer;
}
.searchbar { .searchbar {
display: flex; display: flex;
flex-wrap: nowrap; flex-wrap: nowrap;
@@ -103,11 +107,6 @@ body {
cursor: pointer; cursor: pointer;
} }
.upload-status span {
width: 70px;
display: inline-block;
}
.main { .main {
padding: 3.3em 1em 0; padding: 3.3em 1em 0;
} }
@@ -134,6 +133,11 @@ body {
padding-left: 0.6em; padding-left: 0.6em;
} }
.cell-status span {
width: 80px;
display: inline-block;
}
.paths-table thead a { .paths-table thead a {
color: unset; color: unset;
text-decoration: none; text-decoration: none;
@@ -208,18 +212,29 @@ body {
height: calc(100vh - 5rem); height: calc(100vh - 5rem);
border: 1px solid #ced4da; border: 1px solid #ced4da;
outline: none; outline: none;
padding: 5px;
} }
.toolbox2 { .toolbox-right {
margin-left: auto; margin-left: auto;
margin-right: 2em; margin-right: 2em;
} }
.save-btn { .save-btn {
cursor: pointer; cursor: pointer;
-webkit-user-select: none;
user-select: none; user-select: none;
} }
.user-btn {
display: flex;
align-items: center;
}
.user-name {
padding-left: 3px;
}
.not-editable { .not-editable {
font-style: italic; font-style: italic;
} }

11
assets/index.html
View File

@@ -1,5 +1,5 @@
<!DOCTYPE html> <!DOCTYPE html>
<html> <html lang="en-US">
<head> <head>
<meta charset="utf-8" /> <meta charset="utf-8" />
@@ -48,7 +48,7 @@
d="M7.646 1.146a.5.5 0 0 1 .708 0l3 3a.5.5 0 0 1-.708.708L8.5 2.707V11.5a.5.5 0 0 1-1 0V2.707L5.354 4.854a.5.5 0 1 1-.708-.708l3-3z" /> d="M7.646 1.146a.5.5 0 0 1 .708 0l3 3a.5.5 0 0 1-.708.708L8.5 2.707V11.5a.5.5 0 0 1-1 0V2.707L5.354 4.854a.5.5 0 1 1-.708-.708l3-3z" />
</svg> </svg>
</label> </label>
<input type="file" id="file" name="file" multiple> <input type="file" id="file" title="Upload files" name="file" multiple>
</div> </div>
<div class="control new-folder hidden" title="New folder"> <div class="control new-folder hidden" title="New folder">
<svg width="16" height="16" viewBox="0 0 16 16"> <svg width="16" height="16" viewBox="0 0 16 16">
@@ -74,10 +74,10 @@
d="M11.742 10.344a6.5 6.5 0 1 0-1.397 1.398h-.001c.03.04.062.078.098.115l3.85 3.85a1 1 0 0 0 1.415-1.414l-3.85-3.85a1.007 1.007 0 0 0-.115-.1zM12 6.5a5.5 5.5 0 1 1-11 0 5.5 5.5 0 0 1 11 0z" /> d="M11.742 10.344a6.5 6.5 0 1 0-1.397 1.398h-.001c.03.04.062.078.098.115l3.85 3.85a1 1 0 0 0 1.415-1.414l-3.85-3.85a1.007 1.007 0 0 0-.115-.1zM12 6.5a5.5 5.5 0 1 1-11 0 5.5 5.5 0 0 1 11 0z" />
</svg> </svg>
</div> </div>
<input id="search" name="q" type="text" maxlength="128" autocomplete="off" tabindex="1"> <input id="search" title="Searching for folders or files" name="q" type="text" maxlength="128" autocomplete="off" tabindex="1">
<input type="submit" hidden /> <input type="submit" hidden />
</form> </form>
<div class="toolbox2"> <div class="toolbox-right">
<div class="login-btn hidden" title="Login for upload/move/delete/edit permissions"> <div class="login-btn hidden" title="Login for upload/move/delete/edit permissions">
<svg width="16" height="16" viewBox="0 0 16 16"> <svg width="16" height="16" viewBox="0 0 16 16">
<path fill-rule="evenodd" <path fill-rule="evenodd"
@@ -91,6 +91,7 @@
<path <path
d="M8 8a3 3 0 1 0 0-6 3 3 0 0 0 0 6Zm2-3a2 2 0 1 1-4 0 2 2 0 0 1 4 0Zm4 8c0 1-1 1-1 1H3s-1 0-1-1 1-4 6-4 6 3 6 4Zm-1-.004c-.001-.246-.154-.986-.832-1.664C11.516 10.68 10.289 10 8 10c-2.29 0-3.516.68-4.168 1.332-.678.678-.83 1.418-.832 1.664h10Z" /> d="M8 8a3 3 0 1 0 0-6 3 3 0 0 0 0 6Zm2-3a2 2 0 1 1-4 0 2 2 0 0 1 4 0Zm4 8c0 1-1 1-1 1H3s-1 0-1-1 1-4 6-4 6 3 6 4Zm-1-.004c-.001-.246-.154-.986-.832-1.664C11.516 10.68 10.289 10 8 10c-2.29 0-3.516.68-4.168 1.332-.678.678-.83 1.418-.832 1.664h10Z" />
</svg> </svg>
<span class="user-name"></span>
</div> </div>
<div class="save-btn hidden" title="Save file"> <div class="save-btn hidden" title="Save file">
<svg viewBox="0 0 1024 1024" width="24" height="24"> <svg viewBox="0 0 1024 1024" width="24" height="24">
@@ -121,7 +122,7 @@
</div> </div>
<div class="editor-page hidden"> <div class="editor-page hidden">
<div class="not-editable hidden"></div> <div class="not-editable hidden"></div>
<textarea class="editor hidden" cols="10"></textarea> <textarea id="editor" class="editor hidden" aria-label="Editor" cols="10"></textarea>
</div> </div>
</div> </div>
<script> <script>

56
assets/index.js
View File

@@ -10,7 +10,7 @@
* @typedef {object} DATA * @typedef {object} DATA
* @property {string} href * @property {string} href
* @property {string} uri_prefix * @property {string} uri_prefix
* @property {"Index" | "Edit"} kind * @property {"Index" | "Edit" | "View"} kind
* @property {PathItem[]} paths * @property {PathItem[]} paths
* @property {boolean} allow_upload * @property {boolean} allow_upload
* @property {boolean} allow_delete * @property {boolean} allow_delete
@@ -55,7 +55,8 @@ const ICONS = {
download: `<svg width="16" height="16" viewBox="0 0 16 16"><path d="M.5 9.9a.5.5 0 0 1 .5.5v2.5a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1v-2.5a.5.5 0 0 1 1 0v2.5a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2v-2.5a.5.5 0 0 1 .5-.5z"/><path d="M7.646 11.854a.5.5 0 0 0 .708 0l3-3a.5.5 0 0 0-.708-.708L8.5 10.293V1.5a.5.5 0 0 0-1 0v8.793L5.354 8.146a.5.5 0 1 0-.708.708l3 3z"/></svg>`, download: `<svg width="16" height="16" viewBox="0 0 16 16"><path d="M.5 9.9a.5.5 0 0 1 .5.5v2.5a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1v-2.5a.5.5 0 0 1 1 0v2.5a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2v-2.5a.5.5 0 0 1 .5-.5z"/><path d="M7.646 11.854a.5.5 0 0 0 .708 0l3-3a.5.5 0 0 0-.708-.708L8.5 10.293V1.5a.5.5 0 0 0-1 0v8.793L5.354 8.146a.5.5 0 1 0-.708.708l3 3z"/></svg>`,
move: `<svg width="16" height="16" viewBox="0 0 16 16"><path fill-rule="evenodd" d="M1.5 1.5A.5.5 0 0 0 1 2v4.8a2.5 2.5 0 0 0 2.5 2.5h9.793l-3.347 3.346a.5.5 0 0 0 .708.708l4.2-4.2a.5.5 0 0 0 0-.708l-4-4a.5.5 0 0 0-.708.708L13.293 8.3H3.5A1.5 1.5 0 0 1 2 6.8V2a.5.5 0 0 0-.5-.5z"/></svg>`, move: `<svg width="16" height="16" viewBox="0 0 16 16"><path fill-rule="evenodd" d="M1.5 1.5A.5.5 0 0 0 1 2v4.8a2.5 2.5 0 0 0 2.5 2.5h9.793l-3.347 3.346a.5.5 0 0 0 .708.708l4.2-4.2a.5.5 0 0 0 0-.708l-4-4a.5.5 0 0 0-.708.708L13.293 8.3H3.5A1.5 1.5 0 0 1 2 6.8V2a.5.5 0 0 0-.5-.5z"/></svg>`,
edit: `<svg width="16" height="16" viewBox="0 0 16 16"><path d="M12.146.146a.5.5 0 0 1 .708 0l3 3a.5.5 0 0 1 0 .708l-10 10a.5.5 0 0 1-.168.11l-5 2a.5.5 0 0 1-.65-.65l2-5a.5.5 0 0 1 .11-.168l10-10zM11.207 2.5 13.5 4.793 14.793 3.5 12.5 1.207 11.207 2.5zm1.586 3L10.5 3.207 4 9.707V10h.5a.5.5 0 0 1 .5.5v.5h.5a.5.5 0 0 1 .5.5v.5h.293l6.5-6.5zm-9.761 5.175-.106.106-1.528 3.821 3.821-1.528.106-.106A.5.5 0 0 1 5 12.5V12h-.5a.5.5 0 0 1-.5-.5V11h-.5a.5.5 0 0 1-.468-.325z"/></svg>`, edit: `<svg width="16" height="16" viewBox="0 0 16 16"><path d="M12.146.146a.5.5 0 0 1 .708 0l3 3a.5.5 0 0 1 0 .708l-10 10a.5.5 0 0 1-.168.11l-5 2a.5.5 0 0 1-.65-.65l2-5a.5.5 0 0 1 .11-.168l10-10zM11.207 2.5 13.5 4.793 14.793 3.5 12.5 1.207 11.207 2.5zm1.586 3L10.5 3.207 4 9.707V10h.5a.5.5 0 0 1 .5.5v.5h.5a.5.5 0 0 1 .5.5v.5h.293l6.5-6.5zm-9.761 5.175-.106.106-1.528 3.821 3.821-1.528.106-.106A.5.5 0 0 1 5 12.5V12h-.5a.5.5 0 0 1-.5-.5V11h-.5a.5.5 0 0 1-.468-.325z"/></svg>`,
delete: `<svg width="16" height="16" fill="currentColor"viewBox="0 0 16 16"><path d="M6.854 7.146a.5.5 0 1 0-.708.708L7.293 9l-1.147 1.146a.5.5 0 0 0 .708.708L8 9.707l1.146 1.147a.5.5 0 0 0 .708-.708L8.707 9l1.147-1.146a.5.5 0 0 0-.708-.708L8 8.293 6.854 7.146z"/><path d="M14 14V4.5L9.5 0H4a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h8a2 2 0 0 0 2-2zM9.5 3A1.5 1.5 0 0 0 11 4.5h2V14a1 1 0 0 1-1 1H4a1 1 0 0 1-1-1V2a1 1 0 0 1 1-1h5.5v2z"/></svg>`, delete: `<svg width="16" height="16" viewBox="0 0 16 16"><path d="M6.854 7.146a.5.5 0 1 0-.708.708L7.293 9l-1.147 1.146a.5.5 0 0 0 .708.708L8 9.707l1.146 1.147a.5.5 0 0 0 .708-.708L8.707 9l1.147-1.146a.5.5 0 0 0-.708-.708L8 8.293 6.854 7.146z"/><path d="M14 14V4.5L9.5 0H4a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h8a2 2 0 0 0 2-2zM9.5 3A1.5 1.5 0 0 0 11 4.5h2V14a1 1 0 0 1-1 1H4a1 1 0 0 1-1-1V2a1 1 0 0 1 1-1h5.5v2z"/></svg>`,
view: `<svg width="16" height="16" viewBox="0 0 16 16"><path d="M4 0a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h8a2 2 0 0 0 2-2V2a2 2 0 0 0-2-2zm0 1h8a1 1 0 0 1 1 1v12a1 1 0 0 1-1 1H4a1 1 0 0 1-1-1V2a1 1 0 0 1 1-1"/></svg>`,
} }
/** /**
@@ -86,6 +87,10 @@ let $editor;
* @type Element * @type Element
*/ */
let $userBtn; let $userBtn;
/**
* @type Element
*/
let $userName;
function ready() { function ready() {
$pathsTable = document.querySelector(".paths-table") $pathsTable = document.querySelector(".paths-table")
@@ -95,6 +100,7 @@ function ready() {
$emptyFolder = document.querySelector(".empty-folder"); $emptyFolder = document.querySelector(".empty-folder");
$editor = document.querySelector(".editor"); $editor = document.querySelector(".editor");
$userBtn = document.querySelector(".user-btn"); $userBtn = document.querySelector(".user-btn");
$userName = document.querySelector(".user-name");
addBreadcrumb(DATA.href, DATA.uri_prefix); addBreadcrumb(DATA.href, DATA.uri_prefix);
@@ -108,7 +114,12 @@ function ready() {
document.title = `Edit ${DATA.href} - Dufs`; document.title = `Edit ${DATA.href} - Dufs`;
document.querySelector(".editor-page").classList.remove("hidden");; document.querySelector(".editor-page").classList.remove("hidden");;
setupEditPage(); setupEditorPage();
} else if (DATA.kind == "View") {
document.title = `View ${DATA.href} - Dufs`;
document.querySelector(".editor-page").classList.remove("hidden");;
setupEditorPage();
} }
} }
@@ -178,10 +189,10 @@ class Uploader {
const now = Date.now(); const now = Date.now();
const speed = (event.loaded - this.uploaded) / (now - this.lastUptime) * 1000; const speed = (event.loaded - this.uploaded) / (now - this.lastUptime) * 1000;
const [speedValue, speedUnit] = formatSize(speed); const [speedValue, speedUnit] = formatSize(speed);
const speedText = `${speedValue}${speedUnit.toLowerCase()}/s`; const speedText = `${speedValue} ${speedUnit}/s`;
const progress = formatPercent((event.loaded / event.total) * 100); const progress = formatPercent((event.loaded / event.total) * 100);
const duration = formatDuration((event.total - event.loaded) / speed) const duration = formatDuration((event.total - event.loaded) / speed)
this.$uploadStatus.innerHTML = `<span>${speedText}</span><span>${progress}</span><span>${duration}</span>`; this.$uploadStatus.innerHTML = `<span>${speedText}</span><span>${progress} ${duration}</span>`;
this.uploaded = event.loaded; this.uploaded = event.loaded;
this.lastUptime = now; this.lastUptime = now;
} }
@@ -252,7 +263,7 @@ function addBreadcrumb(href, uri_prefix) {
} }
const encodedName = encodedStr(name); const encodedName = encodedStr(name);
if (i === 0) { if (i === 0) {
$breadcrumb.insertAdjacentHTML("beforeend", `<a href="${path}"><svg width="16" height="16" viewBox="0 0 16 16"><path d="M6.5 14.5v-3.505c0-.245.25-.495.5-.495h2c.25 0 .5.25.5.5v3.5a.5.5 0 0 0 .5.5h4a.5.5 0 0 0 .5-.5v-7a.5.5 0 0 0-.146-.354L13 5.793V2.5a.5.5 0 0 0-.5-.5h-1a.5.5 0 0 0-.5.5v1.293L8.354 1.146a.5.5 0 0 0-.708 0l-6 6A.5.5 0 0 0 1.5 7.5v7a.5.5 0 0 0 .5.5h4a.5.5 0 0 0 .5-.5z"/></svg></a>`); $breadcrumb.insertAdjacentHTML("beforeend", `<a href="${path}" title="Root"><svg width="16" height="16" viewBox="0 0 16 16"><path d="M6.5 14.5v-3.505c0-.245.25-.495.5-.495h2c.25 0 .5.25.5.5v3.5a.5.5 0 0 0 .5.5h4a.5.5 0 0 0 .5-.5v-7a.5.5 0 0 0-.146-.354L13 5.793V2.5a.5.5 0 0 0-.5-.5h-1a.5.5 0 0 0-.5.5v1.293L8.354 1.146a.5.5 0 0 0-.708 0l-6 6A.5.5 0 0 0 1.5 7.5v7a.5.5 0 0 0 .5.5h4a.5.5 0 0 0 .5-.5z"/></svg></a>`);
} else if (i === len - 1) { } else if (i === len - 1) {
$breadcrumb.insertAdjacentHTML("beforeend", `<b>${encodedName}</b>`); $breadcrumb.insertAdjacentHTML("beforeend", `<b>${encodedName}</b>`);
} else { } else {
@@ -316,13 +327,13 @@ function renderPathsTableHead() {
<tr> <tr>
${headerItems.map(item => { ${headerItems.map(item => {
let svg = `<svg width="12" height="12" viewBox="0 0 16 16"><path fill-rule="evenodd" d="M11.5 15a.5.5 0 0 0 .5-.5V2.707l3.146 3.147a.5.5 0 0 0 .708-.708l-4-4a.5.5 0 0 0-.708 0l-4 4a.5.5 0 1 0 .708.708L11 2.707V14.5a.5.5 0 0 0 .5.5zm-7-14a.5.5 0 0 1 .5.5v11.793l3.146-3.147a.5.5 0 0 1 .708.708l-4 4a.5.5 0 0 1-.708 0l-4-4a.5.5 0 0 1 .708-.708L4 13.293V1.5a.5.5 0 0 1 .5-.5z"/></svg>`; let svg = `<svg width="12" height="12" viewBox="0 0 16 16"><path fill-rule="evenodd" d="M11.5 15a.5.5 0 0 0 .5-.5V2.707l3.146 3.147a.5.5 0 0 0 .708-.708l-4-4a.5.5 0 0 0-.708 0l-4 4a.5.5 0 1 0 .708.708L11 2.707V14.5a.5.5 0 0 0 .5.5zm-7-14a.5.5 0 0 1 .5.5v11.793l3.146-3.147a.5.5 0 0 1 .708.708l-4 4a.5.5 0 0 1-.708 0l-4-4a.5.5 0 0 1 .708-.708L4 13.293V1.5a.5.5 0 0 1 .5-.5z"/></svg>`;
let order = "asc"; let order = "desc";
if (PARAMS.sort === item.name) { if (PARAMS.sort === item.name) {
if (PARAMS.order === "asc") { if (PARAMS.order === "desc") {
order = "desc"; order = "asc";
svg = `<svg width="12" height="12" viewBox="0 0 16 16"><path fill-rule="evenodd" d="M8 15a.5.5 0 0 0 .5-.5V2.707l3.146 3.147a.5.5 0 0 0 .708-.708l-4-4a.5.5 0 0 0-.708 0l-4 4a.5.5 0 1 0 .708.708L7.5 2.707V14.5a.5.5 0 0 0 .5.5z"/></svg>`
} else {
svg = `<svg width="12" height="12" viewBox="0 0 16 16"><path fill-rule="evenodd" d="M8 1a.5.5 0 0 1 .5.5v11.793l3.146-3.147a.5.5 0 0 1 .708.708l-4 4a.5.5 0 0 1-.708 0l-4-4a.5.5 0 0 1 .708-.708L7.5 13.293V1.5A.5.5 0 0 1 8 1z"/></svg>` svg = `<svg width="12" height="12" viewBox="0 0 16 16"><path fill-rule="evenodd" d="M8 1a.5.5 0 0 1 .5.5v11.793l3.146-3.147a.5.5 0 0 1 .708.708l-4 4a.5.5 0 0 1-.708 0l-4-4a.5.5 0 0 1 .708-.708L7.5 13.293V1.5A.5.5 0 0 1 8 1z"/></svg>`
} else {
svg = `<svg width="12" height="12" viewBox="0 0 16 16"><path fill-rule="evenodd" d="M8 15a.5.5 0 0 0 .5-.5V2.707l3.146 3.147a.5.5 0 0 0 .708-.708l-4-4a.5.5 0 0 0-.708 0l-4 4a.5.5 0 1 0 .708.708L7.5 2.707V14.5a.5.5 0 0 0 .5.5z"/></svg>`
} }
} }
const qs = new URLSearchParams({ ...PARAMS, order, sort: item.name }).toString(); const qs = new URLSearchParams({ ...PARAMS, order, sort: item.name }).toString();
@@ -364,6 +375,7 @@ function addPath(file, index) {
let actionDownload = ""; let actionDownload = "";
let actionMove = ""; let actionMove = "";
let actionEdit = ""; let actionEdit = "";
let actionView = "";
let isDir = file.path_type.endsWith("Dir"); let isDir = file.path_type.endsWith("Dir");
if (isDir) { if (isDir) {
url += "/"; url += "/";
@@ -389,9 +401,13 @@ function addPath(file, index) {
actionDelete = ` actionDelete = `
<div onclick="deletePath(${index})" class="action-btn" id="deleteBtn${index}" title="Delete">${ICONS.delete}</div>`; <div onclick="deletePath(${index})" class="action-btn" id="deleteBtn${index}" title="Delete">${ICONS.delete}</div>`;
} }
if (!actionEdit && !isDir) {
actionView = `<a class="action-btn" title="View file" target="_blank" href="${url}?view">${ICONS.view}</a>`;
}
let actionCell = ` let actionCell = `
<td class="cell-actions"> <td class="cell-actions">
${actionDownload} ${actionDownload}
${actionView}
${actionMove} ${actionMove}
${actionDelete} ${actionDelete}
${actionEdit} ${actionEdit}
@@ -438,7 +454,7 @@ function setupDropzone() {
function setupAuth() { function setupAuth() {
if (DATA.user) { if (DATA.user) {
$userBtn.classList.remove("hidden"); $userBtn.classList.remove("hidden");
$userBtn.title = DATA.user; $userName.textContent = DATA.user;
} else { } else {
const $loginBtn = document.querySelector(".login-btn"); const $loginBtn = document.querySelector(".login-btn");
$loginBtn.classList.remove("hidden"); $loginBtn.classList.remove("hidden");
@@ -499,13 +515,14 @@ function setupNewFile() {
}); });
} }
async function setupEditPage() { async function setupEditorPage() {
const url = baseUrl(); const url = baseUrl();
const $download = document.querySelector(".download"); const $download = document.querySelector(".download");
$download.classList.remove("hidden"); $download.classList.remove("hidden");
$download.href = url; $download.href = url;
if (DATA.kind == "Edit") {
const $moveFile = document.querySelector(".move-file"); const $moveFile = document.querySelector(".move-file");
$moveFile.classList.remove("hidden"); $moveFile.classList.remove("hidden");
$moveFile.addEventListener("click", async () => { $moveFile.addEventListener("click", async () => {
@@ -526,6 +543,13 @@ async function setupEditPage() {
}); });
}) })
const $saveBtn = document.querySelector(".save-btn");
$saveBtn.classList.remove("hidden");
$saveBtn.addEventListener("click", saveChange);
} else if (DATA.kind == "View") {
$editor.readonly = true;
}
if (!DATA.editable) { if (!DATA.editable) {
const $notEditable = document.querySelector(".not-editable"); const $notEditable = document.querySelector(".not-editable");
const url = baseUrl(); const url = baseUrl();
@@ -539,10 +563,6 @@ async function setupEditPage() {
return; return;
} }
const $saveBtn = document.querySelector(".save-btn");
$saveBtn.classList.remove("hidden");
$saveBtn.addEventListener("click", saveChange);
$editor.classList.remove("hidden"); $editor.classList.remove("hidden");
try { try {
const res = await fetch(baseUrl()); const res = await fetch(baseUrl());
@@ -669,7 +689,7 @@ async function checkAuth() {
await assertResOK(res); await assertResOK(res);
document.querySelector(".login-btn").classList.add("hidden"); document.querySelector(".login-btn").classList.add("hidden");
$userBtn.classList.remove("hidden"); $userBtn.classList.remove("hidden");
$userBtn.title = ""; $userName.textContent = "";
} }
/** /**

559
src/args.rs
View File

@@ -2,17 +2,14 @@ use anyhow::{bail, Context, Result};
use clap::builder::PossibleValuesParser; use clap::builder::PossibleValuesParser;
use clap::{value_parser, Arg, ArgAction, ArgMatches, Command}; use clap::{value_parser, Arg, ArgAction, ArgMatches, Command};
use clap_complete::{generate, Generator, Shell}; use clap_complete::{generate, Generator, Shell};
#[cfg(feature = "tls")] use serde::{Deserialize, Deserializer};
use rustls::{Certificate, PrivateKey}; use smart_default::SmartDefault;
use std::env; use std::env;
use std::net::IpAddr; use std::net::IpAddr;
use std::path::{Path, PathBuf}; use std::path::{Path, PathBuf};
use crate::auth::AccessControl; use crate::auth::AccessControl;
use crate::auth::AuthMethod; use crate::http_logger::HttpLogger;
use crate::log_http::{LogHttp, DEFAULT_LOG_FORMAT};
#[cfg(feature = "tls")]
use crate::tls::{load_certs, load_private_key};
use crate::utils::encode_uri; use crate::utils::encode_uri;
pub fn build_cli() -> Command { pub fn build_cli() -> Command {
@@ -25,12 +22,20 @@ pub fn build_cli() -> Command {
env!("CARGO_PKG_REPOSITORY") env!("CARGO_PKG_REPOSITORY")
)) ))
.arg( .arg(
Arg::new("serve_path") Arg::new("serve-path")
.env("DUFS_SERVE_PATH") .env("DUFS_SERVE_PATH")
.hide_env(true) .hide_env(true)
.default_value(".")
.value_parser(value_parser!(PathBuf)) .value_parser(value_parser!(PathBuf))
.help("Specific path to serve"), .help("Specific path to serve [default: .]"),
)
.arg(
Arg::new("config")
.env("DUFS_CONFIG")
.hide_env(true)
.short('c')
.long("config")
.value_parser(value_parser!(PathBuf))
.help("Specify configuration file"),
) )
.arg( .arg(
Arg::new("bind") Arg::new("bind")
@@ -49,9 +54,8 @@ pub fn build_cli() -> Command {
.hide_env(true) .hide_env(true)
.short('p') .short('p')
.long("port") .long("port")
.default_value("5000")
.value_parser(value_parser!(u16)) .value_parser(value_parser!(u16))
.help("Specify port to listen on") .help("Specify port to listen on [default: 5000]")
.value_name("port"), .value_name("port"),
) )
.arg( .arg(
@@ -67,7 +71,9 @@ pub fn build_cli() -> Command {
.env("DUFS_HIDDEN") .env("DUFS_HIDDEN")
.hide_env(true) .hide_env(true)
.long("hidden") .long("hidden")
.help("Hide paths from directory listings, separated by `,`") .action(ArgAction::Append)
.value_delimiter(',')
.help("Hide paths from directory listings, e.g. tmp,*.log,*.lock")
.value_name("value"), .value_name("value"),
) )
.arg( .arg(
@@ -76,13 +82,13 @@ pub fn build_cli() -> Command {
.hide_env(true) .hide_env(true)
.short('a') .short('a')
.long("auth") .long("auth")
.help("Add auth role") .help("Add auth roles, e.g. user:pass@/dir1:rw,/dir2")
.action(ArgAction::Append) .action(ArgAction::Append)
.value_delimiter('|')
.value_name("rules"), .value_name("rules"),
) )
.arg( .arg(
Arg::new("auth-method") Arg::new("auth-method")
.hide(true)
.env("DUFS_AUTH_METHOD") .env("DUFS_AUTH_METHOD")
.hide_env(true) .hide_env(true)
.long("auth-method") .long("auth-method")
@@ -177,9 +183,24 @@ pub fn build_cli() -> Command {
.env("DUFS_ASSETS") .env("DUFS_ASSETS")
.hide_env(true) .hide_env(true)
.long("assets") .long("assets")
.help("Use custom assets to override builtin assets") .help("Set the path to the assets directory for overriding the built-in assets")
.value_parser(value_parser!(PathBuf)) .value_parser(value_parser!(PathBuf))
.value_name("path") .value_name("path")
)
.arg(
Arg::new("log-format")
.env("DUFS_LOG_FORMAT")
.hide_env(true)
.long("log-format")
.value_name("format")
.help("Customize http log format"),
)
.arg(
Arg::new("completions")
.long("completions")
.value_name("shell")
.value_parser(value_parser!(Shell))
.help("Print shell completion script for <shell>"),
); );
#[cfg(feature = "tls")] #[cfg(feature = "tls")]
@@ -203,38 +224,38 @@ pub fn build_cli() -> Command {
.help("Path to the SSL/TLS certificate's private key"), .help("Path to the SSL/TLS certificate's private key"),
); );
app.arg( app
Arg::new("log-format")
.env("DUFS_LOG_FORMAT")
.hide_env(true)
.long("log-format")
.value_name("format")
.help("Customize http log format"),
)
.arg(
Arg::new("completions")
.long("completions")
.value_name("shell")
.value_parser(value_parser!(Shell))
.help("Print shell completion script for <shell>"),
)
} }
pub fn print_completions<G: Generator>(gen: G, cmd: &mut Command) { pub fn print_completions<G: Generator>(gen: G, cmd: &mut Command) {
generate(gen, cmd, cmd.get_name().to_string(), &mut std::io::stdout()); generate(gen, cmd, cmd.get_name().to_string(), &mut std::io::stdout());
} }
#[derive(Debug)] #[derive(Debug, Deserialize, SmartDefault, PartialEq)]
#[serde(default)]
#[serde(rename_all = "kebab-case")]
pub struct Args { pub struct Args {
#[serde(default = "default_serve_path")]
#[default(default_serve_path())]
pub serve_path: PathBuf,
#[serde(deserialize_with = "deserialize_bind_addrs")]
#[serde(rename = "bind")]
#[serde(default = "default_addrs")]
#[default(default_addrs())]
pub addrs: Vec<BindAddr>, pub addrs: Vec<BindAddr>,
#[serde(default = "default_port")]
#[default(default_port())]
pub port: u16, pub port: u16,
pub path: PathBuf, #[serde(skip)]
pub path_is_file: bool, pub path_is_file: bool,
pub path_prefix: String, pub path_prefix: String,
#[serde(skip)]
pub uri_prefix: String, pub uri_prefix: String,
#[serde(deserialize_with = "deserialize_string_or_vec")]
pub hidden: Vec<String>, pub hidden: Vec<String>,
pub auth_method: AuthMethod, #[serde(deserialize_with = "deserialize_access_control")]
pub auth: AccessControl, pub auth: AccessControl,
pub allow_all: bool,
pub allow_upload: bool, pub allow_upload: bool,
pub allow_delete: bool, pub allow_delete: bool,
pub allow_search: bool, pub allow_search: bool,
@@ -244,12 +265,12 @@ pub struct Args {
pub render_spa: bool, pub render_spa: bool,
pub render_try_index: bool, pub render_try_index: bool,
pub enable_cors: bool, pub enable_cors: bool,
pub assets_path: Option<PathBuf>, pub assets: Option<PathBuf>,
pub log_http: LogHttp, #[serde(deserialize_with = "deserialize_log_http")]
#[cfg(feature = "tls")] #[serde(rename = "log-format")]
pub tls: Option<(Vec<Certificate>, PrivateKey)>, pub http_logger: HttpLogger,
#[cfg(not(feature = "tls"))] pub tls_cert: Option<PathBuf>,
pub tls: Option<()>, pub tls_key: Option<PathBuf>,
} }
impl Args { impl Args {
@@ -258,95 +279,164 @@ impl Args {
/// If a parsing error occurred, exit the process and print out informative /// If a parsing error occurred, exit the process and print out informative
/// error message to user. /// error message to user.
pub fn parse(matches: ArgMatches) -> Result<Args> { pub fn parse(matches: ArgMatches) -> Result<Args> {
let port = *matches.get_one::<u16>("port").unwrap(); let mut args = Self::default();
let addrs = matches
.get_many::<String>("bind") if let Some(config_path) = matches.get_one::<PathBuf>("config") {
.map(|bind| bind.map(|v| v.as_str()).collect()) let contents = std::fs::read_to_string(config_path)
.unwrap_or_else(|| vec!["0.0.0.0", "::"]); .with_context(|| format!("Failed to read config at {}", config_path.display()))?;
let addrs: Vec<BindAddr> = Args::parse_addrs(&addrs)?; args = serde_yaml::from_str(&contents)
let path = Args::parse_path(matches.get_one::<PathBuf>("serve_path").unwrap())?; .with_context(|| format!("Failed to load config at {}", config_path.display()))?;
let path_is_file = path.metadata()?.is_file(); }
let path_prefix = matches
.get_one::<String>("path-prefix") if let Some(path) = matches.get_one::<PathBuf>("serve-path") {
.map(|v| v.trim_matches('/').to_owned()) args.serve_path = path.clone()
.unwrap_or_default(); }
let uri_prefix = if path_prefix.is_empty() {
args.serve_path = Self::sanitize_path(args.serve_path)?;
if let Some(port) = matches.get_one::<u16>("port") {
args.port = *port
}
if let Some(addrs) = matches.get_many::<String>("bind") {
let addrs: Vec<_> = addrs.map(|v| v.as_str()).collect();
args.addrs = BindAddr::parse_addrs(&addrs)?;
}
args.path_is_file = args.serve_path.metadata()?.is_file();
if let Some(path_prefix) = matches.get_one::<String>("path-prefix") {
args.path_prefix = path_prefix.clone();
}
args.path_prefix = args.path_prefix.trim_matches('/').to_string();
args.uri_prefix = if args.path_prefix.is_empty() {
"/".to_owned() "/".to_owned()
} else { } else {
format!("/{}/", &encode_uri(&path_prefix)) format!("/{}/", &encode_uri(&args.path_prefix))
}; };
let hidden: Vec<String> = matches
.get_one::<String>("hidden") if let Some(hidden) = matches.get_many::<String>("hidden") {
.map(|v| v.split(',').map(|x| x.to_string()).collect()) args.hidden = hidden.cloned().collect();
.unwrap_or_default(); } else {
let enable_cors = matches.get_flag("enable-cors"); let mut hidden = vec![];
let auth: Vec<&str> = matches std::mem::swap(&mut args.hidden, &mut hidden);
.get_many::<String>("auth") args.hidden = hidden
.map(|auth| auth.map(|v| v.as_str()).collect()) .into_iter()
.unwrap_or_default(); .flat_map(|v| v.split(',').map(|v| v.to_string()).collect::<Vec<String>>())
let auth_method = match matches.get_one::<String>("auth-method").unwrap().as_str() { .collect();
"basic" => AuthMethod::Basic, }
_ => AuthMethod::Digest,
}; if !args.enable_cors {
let auth = AccessControl::new(&auth)?; args.enable_cors = matches.get_flag("enable-cors");
let allow_upload = matches.get_flag("allow-all") || matches.get_flag("allow-upload"); }
let allow_delete = matches.get_flag("allow-all") || matches.get_flag("allow-delete");
let allow_search = matches.get_flag("allow-all") || matches.get_flag("allow-search"); if let Some(rules) = matches.get_many::<String>("auth") {
let allow_symlink = matches.get_flag("allow-all") || matches.get_flag("allow-symlink"); let rules: Vec<_> = rules.map(|v| v.as_str()).collect();
let allow_archive = matches.get_flag("allow-all") || matches.get_flag("allow-archive"); args.auth = AccessControl::new(&rules)?;
let render_index = matches.get_flag("render-index"); }
let render_try_index = matches.get_flag("render-try-index");
let render_spa = matches.get_flag("render-spa"); if !args.allow_all {
args.allow_all = matches.get_flag("allow-all");
}
let allow_all = args.allow_all;
if !args.allow_upload {
args.allow_upload = allow_all || matches.get_flag("allow-upload");
}
if !args.allow_delete {
args.allow_delete = allow_all || matches.get_flag("allow-delete");
}
if !args.allow_search {
args.allow_search = allow_all || matches.get_flag("allow-search");
}
if !args.allow_symlink {
args.allow_symlink = allow_all || matches.get_flag("allow-symlink");
}
if !args.allow_archive {
args.allow_archive = allow_all || matches.get_flag("allow-archive");
}
if !args.render_index {
args.render_index = matches.get_flag("render-index");
}
if !args.render_try_index {
args.render_try_index = matches.get_flag("render-try-index");
}
if !args.render_spa {
args.render_spa = matches.get_flag("render-spa");
}
if let Some(log_format) = matches.get_one::<String>("log-format") {
args.http_logger = log_format.parse()?;
}
if let Some(assets_path) = matches.get_one::<PathBuf>("assets") {
args.assets = Some(assets_path.clone());
}
if let Some(assets_path) = &args.assets {
args.assets = Some(Args::sanitize_assets_path(assets_path)?);
}
#[cfg(feature = "tls")] #[cfg(feature = "tls")]
let tls = match ( {
matches.get_one::<PathBuf>("tls-cert"), if let Some(tls_cert) = matches.get_one::<PathBuf>("tls-cert") {
matches.get_one::<PathBuf>("tls-key"), args.tls_cert = Some(tls_cert.clone())
) { }
(Some(certs_file), Some(key_file)) => {
let certs = load_certs(certs_file)?; if let Some(tls_key) = matches.get_one::<PathBuf>("tls-key") {
let key = load_private_key(key_file)?; args.tls_key = Some(tls_key.clone())
Some((certs, key)) }
match (&args.tls_cert, &args.tls_key) {
(Some(_), Some(_)) => {}
(Some(_), _) => bail!("No tls-key set"),
(_, Some(_)) => bail!("No tls-cert set"),
(None, None) => {}
}
} }
_ => None,
};
#[cfg(not(feature = "tls"))] #[cfg(not(feature = "tls"))]
let tls = None; {
let log_http: LogHttp = matches args.tls_cert = None;
.get_one::<String>("log-format") args.tls_key = None;
.map(|v| v.as_str())
.unwrap_or(DEFAULT_LOG_FORMAT)
.parse()?;
let assets_path = match matches.get_one::<PathBuf>("assets") {
Some(v) => Some(Args::parse_assets_path(v)?),
None => None,
};
Ok(Args {
addrs,
port,
path,
path_is_file,
path_prefix,
uri_prefix,
hidden,
auth_method,
auth,
enable_cors,
allow_delete,
allow_upload,
allow_search,
allow_symlink,
allow_archive,
render_index,
render_try_index,
render_spa,
tls,
log_http,
assets_path,
})
} }
fn parse_addrs(addrs: &[&str]) -> Result<Vec<BindAddr>> { Ok(args)
}
fn sanitize_path<P: AsRef<Path>>(path: P) -> Result<PathBuf> {
let path = path.as_ref();
if !path.exists() {
bail!("Path `{}` doesn't exist", path.display());
}
env::current_dir()
.and_then(|mut p| {
p.push(path); // If path is absolute, it replaces the current path.
std::fs::canonicalize(p)
})
.with_context(|| format!("Failed to access path `{}`", path.display()))
}
fn sanitize_assets_path<P: AsRef<Path>>(path: P) -> Result<PathBuf> {
let path = Self::sanitize_path(path)?;
if !path.join("index.html").exists() {
bail!("Path `{}` doesn't contains index.html", path.display());
}
Ok(path)
}
}
#[derive(Debug, Clone, PartialEq, Eq, PartialOrd, Ord)]
pub enum BindAddr {
Address(IpAddr),
Path(PathBuf),
}
impl BindAddr {
fn parse_addrs(addrs: &[&str]) -> Result<Vec<Self>> {
let mut bind_addrs = vec![]; let mut bind_addrs = vec![];
let mut invalid_addrs = vec![]; let mut invalid_addrs = vec![];
for addr in addrs { for addr in addrs {
@@ -368,32 +458,221 @@ impl Args {
} }
Ok(bind_addrs) Ok(bind_addrs)
} }
fn parse_path<P: AsRef<Path>>(path: P) -> Result<PathBuf> {
let path = path.as_ref();
if !path.exists() {
bail!("Path `{}` doesn't exist", path.display());
} }
env::current_dir() fn deserialize_bind_addrs<'de, D>(deserializer: D) -> Result<Vec<BindAddr>, D::Error>
.and_then(|mut p| { where
p.push(path); // If path is absolute, it replaces the current path. D: Deserializer<'de>,
std::fs::canonicalize(p) {
}) struct StringOrVec;
.with_context(|| format!("Failed to access path `{}`", path.display()))
impl<'de> serde::de::Visitor<'de> for StringOrVec {
type Value = Vec<BindAddr>;
fn expecting(&self, formatter: &mut std::fmt::Formatter) -> std::fmt::Result {
formatter.write_str("string or list of strings")
} }
fn parse_assets_path<P: AsRef<Path>>(path: P) -> Result<PathBuf> { fn visit_str<E>(self, s: &str) -> Result<Self::Value, E>
let path = Self::parse_path(path)?; where
if !path.join("index.html").exists() { E: serde::de::Error,
bail!("Path `{}` doesn't contains index.html", path.display()); {
BindAddr::parse_addrs(&[s]).map_err(serde::de::Error::custom)
} }
Ok(path)
fn visit_seq<S>(self, seq: S) -> Result<Self::Value, S::Error>
where
S: serde::de::SeqAccess<'de>,
{
let addrs: Vec<&'de str> =
Deserialize::deserialize(serde::de::value::SeqAccessDeserializer::new(seq))?;
BindAddr::parse_addrs(&addrs).map_err(serde::de::Error::custom)
} }
} }
#[derive(Debug, Clone, PartialEq, Eq, PartialOrd, Ord)] deserializer.deserialize_any(StringOrVec)
pub enum BindAddr { }
Address(IpAddr),
Path(PathBuf), fn deserialize_string_or_vec<'de, D>(deserializer: D) -> Result<Vec<String>, D::Error>
where
D: Deserializer<'de>,
{
struct StringOrVec;
impl<'de> serde::de::Visitor<'de> for StringOrVec {
type Value = Vec<String>;
fn expecting(&self, formatter: &mut std::fmt::Formatter) -> std::fmt::Result {
formatter.write_str("string or list of strings")
}
fn visit_str<E>(self, s: &str) -> Result<Self::Value, E>
where
E: serde::de::Error,
{
Ok(vec![s.to_owned()])
}
fn visit_seq<S>(self, seq: S) -> Result<Self::Value, S::Error>
where
S: serde::de::SeqAccess<'de>,
{
Deserialize::deserialize(serde::de::value::SeqAccessDeserializer::new(seq))
}
}
deserializer.deserialize_any(StringOrVec)
}
fn deserialize_access_control<'de, D>(deserializer: D) -> Result<AccessControl, D::Error>
where
D: Deserializer<'de>,
{
let rules: Vec<&str> = Vec::deserialize(deserializer)?;
AccessControl::new(&rules).map_err(serde::de::Error::custom)
}
fn deserialize_log_http<'de, D>(deserializer: D) -> Result<HttpLogger, D::Error>
where
D: Deserializer<'de>,
{
let value: String = Deserialize::deserialize(deserializer)?;
value.parse().map_err(serde::de::Error::custom)
}
fn default_serve_path() -> PathBuf {
PathBuf::from(".")
}
fn default_addrs() -> Vec<BindAddr> {
BindAddr::parse_addrs(&["0.0.0.0", "::"]).unwrap()
}
fn default_port() -> u16 {
5000
}
#[cfg(test)]
mod tests {
use super::*;
use assert_fs::prelude::*;
#[test]
fn test_default() {
let cli = build_cli();
let matches = cli.try_get_matches_from(vec![""]).unwrap();
let args = Args::parse(matches).unwrap();
let cwd = Args::sanitize_path(std::env::current_dir().unwrap()).unwrap();
assert_eq!(args.serve_path, cwd);
assert_eq!(args.port, default_port());
assert_eq!(args.addrs, default_addrs());
}
#[test]
fn test_args_from_cli1() {
let tmpdir = assert_fs::TempDir::new().unwrap();
let cli = build_cli();
let matches = cli
.try_get_matches_from(vec![
"",
"--hidden",
"tmp,*.log,*.lock",
&tmpdir.to_string_lossy(),
])
.unwrap();
let args = Args::parse(matches).unwrap();
assert_eq!(args.serve_path, Args::sanitize_path(&tmpdir).unwrap());
assert_eq!(args.hidden, ["tmp", "*.log", "*.lock"]);
}
#[test]
fn test_args_from_cli2() {
let cli = build_cli();
let matches = cli
.try_get_matches_from(vec![
"", "--hidden", "tmp", "--hidden", "*.log", "--hidden", "*.lock",
])
.unwrap();
let args = Args::parse(matches).unwrap();
assert_eq!(args.hidden, ["tmp", "*.log", "*.lock"]);
}
#[test]
fn test_args_from_empty_config_file() {
let tmpdir = assert_fs::TempDir::new().unwrap();
let config_file = tmpdir.child("config.yaml");
config_file.write_str("").unwrap();
let cli = build_cli();
let matches = cli
.try_get_matches_from(vec!["", "-c", &config_file.to_string_lossy()])
.unwrap();
let args = Args::parse(matches).unwrap();
let cwd = Args::sanitize_path(std::env::current_dir().unwrap()).unwrap();
assert_eq!(args.serve_path, cwd);
assert_eq!(args.port, default_port());
assert_eq!(args.addrs, default_addrs());
}
#[test]
fn test_args_from_config_file1() {
let tmpdir = assert_fs::TempDir::new().unwrap();
let config_file = tmpdir.child("config.yaml");
let contents = format!(
r#"
serve-path: {}
bind: 0.0.0.0
port: 3000
allow-upload: true
hidden: tmp,*.log,*.lock
"#,
tmpdir.display()
);
config_file.write_str(&contents).unwrap();
let cli = build_cli();
let matches = cli
.try_get_matches_from(vec!["", "-c", &config_file.to_string_lossy()])
.unwrap();
let args = Args::parse(matches).unwrap();
assert_eq!(args.serve_path, Args::sanitize_path(&tmpdir).unwrap());
assert_eq!(
args.addrs,
vec![BindAddr::Address("0.0.0.0".parse().unwrap())]
);
assert_eq!(args.hidden, ["tmp", "*.log", "*.lock"]);
assert_eq!(args.port, 3000);
assert!(args.allow_upload);
}
#[test]
fn test_args_from_config_file2() {
let tmpdir = assert_fs::TempDir::new().unwrap();
let config_file = tmpdir.child("config.yaml");
let contents = r#"
bind:
- 127.0.0.1
- 192.168.8.10
hidden:
- tmp
- '*.log'
- '*.lock'
"#;
config_file.write_str(contents).unwrap();
let cli = build_cli();
let matches = cli
.try_get_matches_from(vec!["", "-c", &config_file.to_string_lossy()])
.unwrap();
let args = Args::parse(matches).unwrap();
assert_eq!(
args.addrs,
vec![
BindAddr::Address("127.0.0.1".parse().unwrap()),
BindAddr::Address("192.168.8.10".parse().unwrap())
]
);
assert_eq!(args.hidden, ["tmp", "*.log", "*.lock"]);
}
} }

229
src/auth.rs
View File

@@ -11,10 +11,10 @@ use std::{
}; };
use uuid::Uuid; use uuid::Uuid;
use crate::utils::unix_now; use crate::{args::Args, utils::unix_now};
const REALM: &str = "DUFS"; const REALM: &str = "DUFS";
const DIGEST_AUTH_TIMEOUT: u32 = 86400; const DIGEST_AUTH_TIMEOUT: u32 = 604800; // 7 days
lazy_static! { lazy_static! {
static ref NONCESTARTHASH: Context = { static ref NONCESTARTHASH: Context = {
@@ -25,49 +25,64 @@ lazy_static! {
}; };
} }
#[derive(Debug, Default)] #[derive(Debug, Clone, PartialEq)]
pub struct AccessControl { pub struct AccessControl {
use_hashed_password: bool,
users: IndexMap<String, (String, AccessPaths)>, users: IndexMap<String, (String, AccessPaths)>,
anony: Option<AccessPaths>, anony: Option<AccessPaths>,
} }
impl Default for AccessControl {
fn default() -> Self {
AccessControl {
use_hashed_password: false,
anony: Some(AccessPaths::new(AccessPerm::ReadWrite)),
users: IndexMap::new(),
}
}
}
impl AccessControl { impl AccessControl {
pub fn new(raw_rules: &[&str]) -> Result<Self> { pub fn new(raw_rules: &[&str]) -> Result<Self> {
if raw_rules.is_empty() { if raw_rules.is_empty() {
return Ok(AccessControl { return Ok(Default::default());
anony: Some(AccessPaths::new(AccessPerm::ReadWrite)),
users: IndexMap::new(),
});
} }
let new_raw_rules = compact_split_rules(raw_rules);
if new_raw_rules.len() != raw_rules.len() {
eprintln!("Warning: deprecate the use of `|` to separate auth rules.")
}
let mut use_hashed_password = false;
let create_err = |v: &str| anyhow!("Invalid auth `{v}`"); let create_err = |v: &str| anyhow!("Invalid auth `{v}`");
let mut anony = None; let mut anony = None;
let mut anony_paths = vec![]; let mut anony_paths = vec![];
let mut users = IndexMap::new(); let mut users = IndexMap::new();
for rule in raw_rules { for rule in &new_raw_rules {
let (user, list) = rule.split_once('@').ok_or_else(|| create_err(rule))?; let (account, paths) = split_account_paths(rule).ok_or_else(|| create_err(rule))?;
if user.is_empty() && anony.is_some() { if account.is_empty() && anony.is_some() {
bail!("Invalid auth, duplicate anonymous rules"); bail!("Invalid auth, duplicate anonymous rules");
} }
let mut paths = AccessPaths::default(); let mut access_paths = AccessPaths::default();
for value in list.trim_matches(',').split(',') { for item in paths.trim_matches(',').split(',') {
let (path, perm) = match value.split_once(':') { let (path, perm) = match item.split_once(':') {
None => (value, AccessPerm::ReadOnly), None => (item, AccessPerm::ReadOnly),
Some((path, "rw")) => (path, AccessPerm::ReadWrite), Some((path, "rw")) => (path, AccessPerm::ReadWrite),
_ => return Err(create_err(rule)), _ => return Err(create_err(rule)),
}; };
if user.is_empty() { if account.is_empty() {
anony_paths.push((path, perm)); anony_paths.push((path, perm));
} }
paths.add(path, perm); access_paths.add(path, perm);
} }
if user.is_empty() { if account.is_empty() {
anony = Some(paths); anony = Some(access_paths);
} else if let Some((user, pass)) = user.split_once(':') { } else if let Some((user, pass)) = account.split_once(':') {
if user.is_empty() || pass.is_empty() { if user.is_empty() || pass.is_empty() {
return Err(create_err(rule)); return Err(create_err(rule));
} }
users.insert(user.to_string(), (pass.to_string(), paths)); if pass.starts_with("$6$") {
use_hashed_password = true;
}
users.insert(user.to_string(), (pass.to_string(), access_paths));
} else { } else {
return Err(create_err(rule)); return Err(create_err(rule));
} }
@@ -77,7 +92,11 @@ impl AccessControl {
paths.add(path, perm) paths.add(path, perm)
} }
} }
Ok(Self { users, anony }) Ok(Self {
use_hashed_password,
users,
anony,
})
} }
pub fn exist(&self) -> bool { pub fn exist(&self) -> bool {
@@ -89,18 +108,14 @@ impl AccessControl {
path: &str, path: &str,
method: &Method, method: &Method,
authorization: Option<&HeaderValue>, authorization: Option<&HeaderValue>,
auth_method: AuthMethod,
) -> (Option<String>, Option<AccessPaths>) { ) -> (Option<String>, Option<AccessPaths>) {
if let Some(authorization) = authorization { if let Some(authorization) = authorization {
if let Some(user) = auth_method.get_user(authorization) { if let Some(user) = get_auth_user(authorization) {
if let Some((pass, paths)) = self.users.get(&user) { if let Some((pass, paths)) = self.users.get(&user) {
if method == Method::OPTIONS { if method == Method::OPTIONS {
return (Some(user), Some(AccessPaths::new(AccessPerm::ReadOnly))); return (Some(user), Some(AccessPaths::new(AccessPerm::ReadOnly)));
} }
if auth_method if check_auth(authorization, method.as_str(), &user, pass).is_some() {
.check(authorization, method.as_str(), &user, pass)
.is_some()
{
return (Some(user), paths.find(path, !is_readonly_method(method))); return (Some(user), paths.find(path, !is_readonly_method(method)));
} else { } else {
return (None, None); return (None, None);
@@ -243,78 +258,58 @@ impl AccessPerm {
} }
} }
fn is_readonly_method(method: &Method) -> bool { pub fn www_authenticate(args: &Args) -> Result<HeaderValue> {
method == Method::GET let value = if args.auth.use_hashed_password {
|| method == Method::OPTIONS format!("Basic realm=\"{}\"", REALM)
|| method == Method::HEAD } else {
|| method.as_str() == "PROPFIND" let nonce = create_nonce()?;
format!(
"Digest realm=\"{}\", nonce=\"{}\", qop=\"auth\", Basic realm=\"{}\"",
REALM, nonce, REALM
)
};
Ok(HeaderValue::from_str(&value)?)
} }
#[derive(Debug, Clone)] pub fn get_auth_user(authorization: &HeaderValue) -> Option<String> {
pub enum AuthMethod { if let Some(value) = strip_prefix(authorization.as_bytes(), b"Basic ") {
Basic, let value: Vec<u8> = general_purpose::STANDARD.decode(value).ok()?;
Digest,
}
impl AuthMethod {
pub fn www_auth(&self) -> Result<String> {
match self {
AuthMethod::Basic => Ok(format!("Basic realm=\"{REALM}\"")),
AuthMethod::Digest => Ok(format!(
"Digest realm=\"{}\",nonce=\"{}\",qop=\"auth\"",
REALM,
create_nonce()?,
)),
}
}
pub fn get_user(&self, authorization: &HeaderValue) -> Option<String> {
match self {
AuthMethod::Basic => {
let value: Vec<u8> = general_purpose::STANDARD
.decode(strip_prefix(authorization.as_bytes(), b"Basic ")?)
.ok()?;
let parts: Vec<&str> = std::str::from_utf8(&value).ok()?.split(':').collect(); let parts: Vec<&str> = std::str::from_utf8(&value).ok()?.split(':').collect();
Some(parts[0].to_string()) Some(parts[0].to_string())
} } else if let Some(value) = strip_prefix(authorization.as_bytes(), b"Digest ") {
AuthMethod::Digest => { let digest_map = to_headermap(value).ok()?;
let digest_value = strip_prefix(authorization.as_bytes(), b"Digest ")?; let username = digest_map.get(b"username".as_ref())?;
let digest_map = to_headermap(digest_value).ok()?; std::str::from_utf8(username).map(|v| v.to_string()).ok()
digest_map } else {
.get(b"username".as_ref()) None
.and_then(|b| std::str::from_utf8(b).ok())
.map(|v| v.to_string())
}
} }
} }
fn check( pub fn check_auth(
&self,
authorization: &HeaderValue, authorization: &HeaderValue,
method: &str, method: &str,
auth_user: &str, auth_user: &str,
auth_pass: &str, auth_pass: &str,
) -> Option<()> { ) -> Option<()> {
match self { if let Some(value) = strip_prefix(authorization.as_bytes(), b"Basic ") {
AuthMethod::Basic => { let value: Vec<u8> = general_purpose::STANDARD.decode(value).ok()?;
let basic_value: Vec<u8> = general_purpose::STANDARD let parts: Vec<&str> = std::str::from_utf8(&value).ok()?.split(':').collect();
.decode(strip_prefix(authorization.as_bytes(), b"Basic ")?)
.ok()?;
let parts: Vec<&str> = std::str::from_utf8(&basic_value).ok()?.split(':').collect();
if parts[0] != auth_user { if parts[0] != auth_user {
return None; return None;
} }
if parts[1] == auth_pass { if auth_pass.starts_with("$6$") {
if let Ok(()) = sha_crypt::sha512_check(parts[1], auth_pass) {
return Some(());
}
} else if parts[1] == auth_pass {
return Some(()); return Some(());
} }
None None
} } else if let Some(value) = strip_prefix(authorization.as_bytes(), b"Digest ") {
AuthMethod::Digest => { let digest_map = to_headermap(value).ok()?;
let digest_value = strip_prefix(authorization.as_bytes(), b"Digest ")?;
let digest_map = to_headermap(digest_value).ok()?;
if let (Some(username), Some(nonce), Some(user_response)) = ( if let (Some(username), Some(nonce), Some(user_response)) = (
digest_map digest_map
.get(b"username".as_ref()) .get(b"username".as_ref())
@@ -382,8 +377,8 @@ impl AuthMethod {
} }
} }
None None
} } else {
} None
} }
} }
@@ -415,6 +410,13 @@ fn validate_nonce(nonce: &[u8]) -> Result<bool> {
bail!("invalid nonce"); bail!("invalid nonce");
} }
fn is_readonly_method(method: &Method) -> bool {
method == Method::GET
|| method == Method::OPTIONS
|| method == Method::HEAD
|| method.as_str() == "PROPFIND"
}
fn strip_prefix<'a>(search: &'a [u8], prefix: &[u8]) -> Option<&'a [u8]> { fn strip_prefix<'a>(search: &'a [u8], prefix: &[u8]) -> Option<&'a [u8]> {
let l = prefix.len(); let l = prefix.len();
if search.len() < l { if search.len() < l {
@@ -478,10 +480,75 @@ fn create_nonce() -> Result<String> {
Ok(n[..34].to_string()) Ok(n[..34].to_string())
} }
fn split_account_paths(s: &str) -> Option<(&str, &str)> {
let i = s.find("@/")?;
Some((&s[0..i], &s[i + 1..]))
}
/// Compatible with deprecated usage of `|` for role separation
fn compact_split_rules(rules: &[&str]) -> Vec<String> {
let mut output = vec![];
for rule in rules {
let parts: Vec<&str> = rule.split('|').collect();
let mut rules_list = vec![];
let mut concated_part = String::new();
for (i, part) in parts.iter().enumerate() {
if part.contains("@/") {
concated_part.push_str(part);
let mut concated_part_tmp = String::new();
std::mem::swap(&mut concated_part_tmp, &mut concated_part);
rules_list.push(concated_part_tmp);
continue;
}
concated_part.push_str(part);
if i < parts.len() - 1 {
concated_part.push('|');
}
}
if !concated_part.is_empty() {
rules_list.push(concated_part)
}
output.extend(rules_list);
}
output
}
#[cfg(test)] #[cfg(test)]
mod tests { mod tests {
use super::*; use super::*;
#[test]
fn test_split_account_paths() {
assert_eq!(
split_account_paths("user:pass@/:rw"),
Some(("user:pass", "/:rw"))
);
assert_eq!(
split_account_paths("user:pass@@/:rw"),
Some(("user:pass@", "/:rw"))
);
assert_eq!(
split_account_paths("user:pass@1@/:rw"),
Some(("user:pass@1", "/:rw"))
);
}
#[test]
fn test_compact_split_rules() {
assert_eq!(
compact_split_rules(&["user1:pass1@/:rw|user2:pass2@/:rw"]),
["user1:pass1@/:rw", "user2:pass2@/:rw"]
);
assert_eq!(
compact_split_rules(&["user1:pa|ss1@/:rw|user2:pa|ss2@/:rw"]),
["user1:pa|ss1@/:rw", "user2:pa|ss2@/:rw"]
);
assert_eq!(
compact_split_rules(&["user1:pa|ss1@/:rw|@/"]),
["user1:pa|ss1@/:rw", "@/"]
);
}
#[test] #[test]
fn test_access_paths() { fn test_access_paths() {
let mut paths = AccessPaths::default(); let mut paths = AccessPaths::default();

28
src/log_http.rs → src/http_logger.rs
View File

@@ -1,23 +1,29 @@
use std::{collections::HashMap, str::FromStr, sync::Arc}; use std::{collections::HashMap, str::FromStr};
use crate::{args::Args, server::Request}; use crate::{auth::get_auth_user, server::Request};
pub const DEFAULT_LOG_FORMAT: &str = r#"$remote_addr "$request" $status"#; pub const DEFAULT_LOG_FORMAT: &str = r#"$remote_addr "$request" $status"#;
#[derive(Debug)] #[derive(Debug, Clone, PartialEq)]
pub struct LogHttp { pub struct HttpLogger {
elements: Vec<LogElement>, elements: Vec<LogElement>,
} }
#[derive(Debug)] impl Default for HttpLogger {
fn default() -> Self {
DEFAULT_LOG_FORMAT.parse().unwrap()
}
}
#[derive(Debug, Clone, PartialEq)]
enum LogElement { enum LogElement {
Variable(String), Variable(String),
Header(String), Header(String),
Literal(String), Literal(String),
} }
impl LogHttp { impl HttpLogger {
pub fn data(&self, req: &Request, args: &Arc<Args>) -> HashMap<String, String> { pub fn data(&self, req: &Request) -> HashMap<String, String> {
let mut data = HashMap::default(); let mut data = HashMap::default();
for element in self.elements.iter() { for element in self.elements.iter() {
match element { match element {
@@ -26,10 +32,8 @@ impl LogHttp {
data.insert(name.to_string(), format!("{} {}", req.method(), req.uri())); data.insert(name.to_string(), format!("{} {}", req.method(), req.uri()));
} }
"remote_user" => { "remote_user" => {
if let Some(user) = req if let Some(user) =
.headers() req.headers().get("authorization").and_then(get_auth_user)
.get("authorization")
.and_then(|v| args.auth_method.get_user(v))
{ {
data.insert(name.to_string(), user); data.insert(name.to_string(), user);
} }
@@ -66,7 +70,7 @@ impl LogHttp {
} }
} }
impl FromStr for LogHttp { impl FromStr for HttpLogger {
type Err = anyhow::Error; type Err = anyhow::Error;
fn from_str(s: &str) -> Result<Self, Self::Err> { fn from_str(s: &str) -> Result<Self, Self::Err> {
let mut elements = vec![]; let mut elements = vec![];

26
src/main.rs
View File

@@ -1,6 +1,6 @@
mod args; mod args;
mod auth; mod auth;
mod log_http; mod http_logger;
mod logger; mod logger;
mod server; mod server;
mod streamer; mod streamer;
@@ -16,7 +16,7 @@ extern crate log;
use crate::args::{build_cli, print_completions, Args}; use crate::args::{build_cli, print_completions, Args};
use crate::server::{Request, Server}; use crate::server::{Request, Server};
#[cfg(feature = "tls")] #[cfg(feature = "tls")]
use crate::tls::{TlsAcceptor, TlsStream}; use crate::tls::{load_certs, load_private_key, TlsAcceptor, TlsStream};
use anyhow::{anyhow, Context, Result}; use anyhow::{anyhow, Context, Result};
use std::net::{IpAddr, SocketAddr, TcpListener as StdTcpListener}; use std::net::{IpAddr, SocketAddr, TcpListener as StdTcpListener};
@@ -88,9 +88,12 @@ fn serve(
BindAddr::Address(ip) => { BindAddr::Address(ip) => {
let incoming = create_addr_incoming(SocketAddr::new(*ip, port)) let incoming = create_addr_incoming(SocketAddr::new(*ip, port))
.with_context(|| format!("Failed to bind `{ip}:{port}`"))?; .with_context(|| format!("Failed to bind `{ip}:{port}`"))?;
match args.tls.as_ref() {
match (&args.tls_cert, &args.tls_key) {
#[cfg(feature = "tls")] #[cfg(feature = "tls")]
Some((certs, key)) => { (Some(cert_file), Some(key_file)) => {
let certs = load_certs(cert_file)?;
let key = load_private_key(key_file)?;
let config = ServerConfig::builder() let config = ServerConfig::builder()
.with_safe_defaults() .with_safe_defaults()
.with_no_client_auth() .with_no_client_auth()
@@ -105,11 +108,7 @@ fn serve(
tokio::spawn(hyper::Server::builder(accepter).serve(new_service)); tokio::spawn(hyper::Server::builder(accepter).serve(new_service));
handles.push(server); handles.push(server);
} }
#[cfg(not(feature = "tls"))] (None, None) => {
Some(_) => {
unreachable!()
}
None => {
let new_service = make_service_fn(move |socket: &AddrStream| { let new_service = make_service_fn(move |socket: &AddrStream| {
let remote_addr = socket.remote_addr(); let remote_addr = socket.remote_addr();
serve_func(Some(remote_addr)) serve_func(Some(remote_addr))
@@ -118,6 +117,9 @@ fn serve(
tokio::spawn(hyper::Server::builder(incoming).serve(new_service)); tokio::spawn(hyper::Server::builder(incoming).serve(new_service));
handles.push(server); handles.push(server);
} }
_ => {
unreachable!()
}
}; };
} }
BindAddr::Path(path) => { BindAddr::Path(path) => {
@@ -195,7 +197,11 @@ fn print_listening(args: Arc<Args>) -> Result<()> {
IpAddr::V4(_) => format!("{}:{}", addr, args.port), IpAddr::V4(_) => format!("{}:{}", addr, args.port),
IpAddr::V6(_) => format!("[{}]:{}", addr, args.port), IpAddr::V6(_) => format!("[{}]:{}", addr, args.port),
}; };
let protocol = if args.tls.is_some() { "https" } else { "http" }; let protocol = if args.tls_cert.is_some() {
"https"
} else {
"http"
};
format!("{}://{}{}", protocol, addr, args.uri_prefix) format!("{}://{}{}", protocol, addr, args.uri_prefix)
} }
BindAddr::Path(path) => path.display().to_string(), BindAddr::Path(path) => path.display().to_string(),

203
src/server.rs
View File

@@ -1,6 +1,6 @@
#![allow(clippy::too_many_arguments)] #![allow(clippy::too_many_arguments)]
use crate::auth::{AccessPaths, AccessPerm}; use crate::auth::{www_authenticate, AccessPaths, AccessPerm};
use crate::streamer::Streamer; use crate::streamer::Streamer;
use crate::utils::{ use crate::utils::{
decode_uri, encode_uri, get_file_mtime_and_mode, get_file_name, glob, try_get_file_name, decode_uri, encode_uri, get_file_mtime_and_mode, get_file_name, glob, try_get_file_name,
@@ -15,9 +15,9 @@ use async_zip::{Compression, ZipDateTime, ZipEntryBuilder};
use chrono::{LocalResult, TimeZone, Utc}; use chrono::{LocalResult, TimeZone, Utc};
use futures::TryStreamExt; use futures::TryStreamExt;
use headers::{ use headers::{
AcceptRanges, AccessControlAllowCredentials, AccessControlAllowOrigin, ContentLength, AcceptRanges, AccessControlAllowCredentials, AccessControlAllowOrigin, CacheControl,
ContentType, ETag, HeaderMap, HeaderMapExt, IfModifiedSince, IfNoneMatch, IfRange, ContentLength, ContentType, ETag, HeaderMap, HeaderMapExt, IfModifiedSince, IfNoneMatch,
LastModified, Range, IfRange, LastModified, Range,
}; };
use hyper::header::{ use hyper::header::{
HeaderValue, AUTHORIZATION, CONTENT_DISPOSITION, CONTENT_LENGTH, CONTENT_RANGE, CONTENT_TYPE, HeaderValue, AUTHORIZATION, CONTENT_DISPOSITION, CONTENT_LENGTH, CONTENT_RANGE, CONTENT_TYPE,
@@ -71,13 +71,13 @@ impl Server {
encode_uri(&format!( encode_uri(&format!(
"{}{}", "{}{}",
&args.uri_prefix, &args.uri_prefix,
get_file_name(&args.path) get_file_name(&args.serve_path)
)), )),
] ]
} else { } else {
vec![] vec![]
}; };
let html = match args.assets_path.as_ref() { let html = match args.assets.as_ref() {
Some(path) => Cow::Owned(std::fs::read_to_string(path.join("index.html"))?), Some(path) => Cow::Owned(std::fs::read_to_string(path.join("index.html"))?),
None => Cow::Borrowed(INDEX_HTML), None => Cow::Borrowed(INDEX_HTML),
}; };
@@ -96,9 +96,9 @@ impl Server {
addr: Option<SocketAddr>, addr: Option<SocketAddr>,
) -> Result<Response, hyper::Error> { ) -> Result<Response, hyper::Error> {
let uri = req.uri().clone(); let uri = req.uri().clone();
let assets_prefix = self.assets_prefix.clone(); let assets_prefix = &self.assets_prefix;
let enable_cors = self.args.enable_cors; let enable_cors = self.args.enable_cors;
let mut http_log_data = self.args.log_http.data(&req, &self.args); let mut http_log_data = self.args.http_logger.data(&req);
if let Some(addr) = addr { if let Some(addr) = addr {
http_log_data.insert("remote_addr".to_string(), addr.ip().to_string()); http_log_data.insert("remote_addr".to_string(), addr.ip().to_string());
} }
@@ -106,8 +106,8 @@ impl Server {
let mut res = match self.clone().handle(req).await { let mut res = match self.clone().handle(req).await {
Ok(res) => { Ok(res) => {
http_log_data.insert("status".to_string(), res.status().as_u16().to_string()); http_log_data.insert("status".to_string(), res.status().as_u16().to_string());
if !uri.path().starts_with(&assets_prefix) { if !uri.path().starts_with(assets_prefix) {
self.args.log_http.log(&http_log_data, None); self.args.http_logger.log(&http_log_data, None);
} }
res res
} }
@@ -117,7 +117,7 @@ impl Server {
*res.status_mut() = status; *res.status_mut() = status;
http_log_data.insert("status".to_string(), status.as_u16().to_string()); http_log_data.insert("status".to_string(), status.as_u16().to_string());
self.args self.args
.log_http .http_logger
.log(&http_log_data, Some(err.to_string())); .log(&http_log_data, Some(err.to_string()));
res res
} }
@@ -149,12 +149,7 @@ impl Server {
} }
}; };
let guard = self.args.auth.guard( let guard = self.args.auth.guard(&relative_path, &method, authorization);
&relative_path,
&method,
authorization,
self.args.auth_method.clone(),
);
let (user, access_paths) = match guard { let (user, access_paths) = match guard {
(None, None) => { (None, None) => {
@@ -185,7 +180,7 @@ impl Server {
.iter() .iter()
.any(|v| v.as_str() == req_path) .any(|v| v.as_str() == req_path)
{ {
self.handle_send_file(&self.args.path, headers, head_only, &mut res) self.handle_send_file(&self.args.serve_path, headers, head_only, &mut res)
.await?; .await?;
} else { } else {
status_not_found(&mut res); status_not_found(&mut res);
@@ -295,7 +290,10 @@ impl Server {
} }
} else if is_file { } else if is_file {
if query_params.contains_key("edit") { if query_params.contains_key("edit") {
self.handle_edit_file(path, head_only, user, &mut res) self.handle_deal_file(path, DataKind::Edit, head_only, user, &mut res)
.await?;
} else if query_params.contains_key("view") {
self.handle_deal_file(path, DataKind::View, head_only, user, &mut res)
.await?; .await?;
} else { } else {
self.handle_send_file(path, headers, head_only, &mut res) self.handle_send_file(path, headers, head_only, &mut res)
@@ -432,7 +430,12 @@ impl Server {
futures::pin_mut!(body_reader); futures::pin_mut!(body_reader);
io::copy(&mut body_reader, &mut file).await?; let ret = io::copy(&mut body_reader, &mut file).await;
if ret.is_err() {
tokio::fs::remove_file(&path).await?;
ret?;
}
*res.status_mut() = StatusCode::CREATED; *res.status_mut() = StatusCode::CREATED;
Ok(()) Ok(())
@@ -460,7 +463,7 @@ impl Server {
) -> Result<()> { ) -> Result<()> {
let mut paths = vec![]; let mut paths = vec![];
if exist { if exist {
paths = match self.list_dir(path, path, access_paths).await { paths = match self.list_dir(path, path, access_paths.clone()).await {
Ok(paths) => paths, Ok(paths) => paths,
Err(_) => { Err(_) => {
status_forbid(res); status_forbid(res);
@@ -468,7 +471,16 @@ impl Server {
} }
} }
}; };
self.send_index(path, paths, exist, query_params, head_only, user, res) self.send_index(
path,
paths,
exist,
query_params,
head_only,
user,
access_paths,
res,
)
} }
async fn handle_search_dir( async fn handle_search_dir(
@@ -490,6 +502,7 @@ impl Server {
let hidden = Arc::new(self.args.hidden.to_vec()); let hidden = Arc::new(self.args.hidden.to_vec());
let hidden = hidden.clone(); let hidden = hidden.clone();
let running = self.running.clone(); let running = self.running.clone();
let access_paths = access_paths.clone();
let search_paths = tokio::task::spawn_blocking(move || { let search_paths = tokio::task::spawn_blocking(move || {
let mut paths: Vec<PathBuf> = vec![]; let mut paths: Vec<PathBuf> = vec![];
for dir in access_paths.leaf_paths(&path_buf) { for dir in access_paths.leaf_paths(&path_buf) {
@@ -534,7 +547,16 @@ impl Server {
} }
} }
} }
self.send_index(path, paths, true, query_params, head_only, user, res) self.send_index(
path,
paths,
true,
query_params,
head_only,
user,
access_paths,
res,
)
} }
async fn handle_zip_dir( async fn handle_zip_dir(
@@ -601,7 +623,7 @@ impl Server {
res: &mut Response, res: &mut Response,
) -> Result<()> { ) -> Result<()> {
if path.extension().is_none() { if path.extension().is_none() {
let path = self.args.path.join(INDEX_NAME); let path = self.args.serve_path.join(INDEX_NAME);
self.handle_send_file(&path, headers, head_only, res) self.handle_send_file(&path, headers, head_only, res)
.await?; .await?;
} else { } else {
@@ -617,7 +639,7 @@ impl Server {
res: &mut Response, res: &mut Response,
) -> Result<bool> { ) -> Result<bool> {
if let Some(name) = req_path.strip_prefix(&self.assets_prefix) { if let Some(name) = req_path.strip_prefix(&self.assets_prefix) {
match self.args.assets_path.as_ref() { match self.args.assets.as_ref() {
Some(assets_path) => { Some(assets_path) => {
let path = assets_path.join(name); let path = assets_path.join(name);
self.handle_send_file(&path, headers, false, res).await?; self.handle_send_file(&path, headers, false, res).await?;
@@ -627,13 +649,15 @@ impl Server {
*res.body_mut() = Body::from(INDEX_JS); *res.body_mut() = Body::from(INDEX_JS);
res.headers_mut().insert( res.headers_mut().insert(
"content-type", "content-type",
HeaderValue::from_static("application/javascript"), HeaderValue::from_static("application/javascript; charset=UTF-8"),
); );
} }
"index.css" => { "index.css" => {
*res.body_mut() = Body::from(INDEX_CSS); *res.body_mut() = Body::from(INDEX_CSS);
res.headers_mut() res.headers_mut().insert(
.insert("content-type", HeaderValue::from_static("text/css")); "content-type",
HeaderValue::from_static("text/css; charset=UTF-8"),
);
} }
"favicon.ico" => { "favicon.ico" => {
*res.body_mut() = Body::from(FAVICON_ICO); *res.body_mut() = Body::from(FAVICON_ICO);
@@ -647,7 +671,11 @@ impl Server {
} }
res.headers_mut().insert( res.headers_mut().insert(
"cache-control", "cache-control",
HeaderValue::from_static("max-age=2592000, public"), HeaderValue::from_static("public, max-age=31536000, immutable"),
);
res.headers_mut().insert(
"x-content-type-options",
HeaderValue::from_static("nosniff"),
); );
Ok(true) Ok(true)
} else { } else {
@@ -748,22 +776,26 @@ impl Server {
Ok(()) Ok(())
} }
async fn handle_edit_file( async fn handle_deal_file(
&self, &self,
path: &Path, path: &Path,
kind: DataKind,
head_only: bool, head_only: bool,
user: Option<String>, user: Option<String>,
res: &mut Response, res: &mut Response,
) -> Result<()> { ) -> Result<()> {
let (file, meta) = tokio::join!(fs::File::open(path), fs::metadata(path),); let (file, meta) = tokio::join!(fs::File::open(path), fs::metadata(path),);
let (file, meta) = (file?, meta?); let (file, meta) = (file?, meta?);
let href = format!("/{}", normalize_path(path.strip_prefix(&self.args.path)?)); let href = format!(
"/{}",
normalize_path(path.strip_prefix(&self.args.serve_path)?)
);
let mut buffer: Vec<u8> = vec![]; let mut buffer: Vec<u8> = vec![];
file.take(1024).read_to_end(&mut buffer).await?; file.take(1024).read_to_end(&mut buffer).await?;
let editable = meta.len() <= TEXT_MAX_SIZE && content_inspector::inspect(&buffer).is_text(); let editable = meta.len() <= TEXT_MAX_SIZE && content_inspector::inspect(&buffer).is_text();
let data = EditData { let data = EditData {
href, href,
kind: DataKind::Edit, kind,
uri_prefix: self.args.uri_prefix.clone(), uri_prefix: self.args.uri_prefix.clone(),
allow_upload: self.args.allow_upload, allow_upload: self.args.allow_upload,
allow_delete: self.args.allow_delete, allow_delete: self.args.allow_delete,
@@ -803,12 +835,15 @@ impl Server {
}, },
None => 1, None => 1,
}; };
let mut paths = match self.to_pathitem(path, &self.args.path).await? { let mut paths = match self.to_pathitem(path, &self.args.serve_path).await? {
Some(v) => vec![v], Some(v) => vec![v],
None => vec![], None => vec![],
}; };
if depth != 0 { if depth != 0 {
match self.list_dir(path, &self.args.path, access_paths).await { match self
.list_dir(path, &self.args.serve_path, access_paths)
.await
{
Ok(child) => paths.extend(child), Ok(child) => paths.extend(child),
Err(_) => { Err(_) => {
status_forbid(res); status_forbid(res);
@@ -828,7 +863,7 @@ impl Server {
} }
async fn handle_propfind_file(&self, path: &Path, res: &mut Response) -> Result<()> { async fn handle_propfind_file(&self, path: &Path, res: &mut Response) -> Result<()> {
if let Some(pathitem) = self.to_pathitem(path, &self.args.path).await? { if let Some(pathitem) = self.to_pathitem(path, &self.args.serve_path).await? {
res_multistatus(res, &pathitem.to_dav_xml(self.args.uri_prefix.as_str())); res_multistatus(res, &pathitem.to_dav_xml(self.args.uri_prefix.as_str()));
} else { } else {
status_not_found(res); status_not_found(res);
@@ -928,32 +963,16 @@ impl Server {
query_params: &HashMap<String, String>, query_params: &HashMap<String, String>,
head_only: bool, head_only: bool,
user: Option<String>, user: Option<String>,
access_paths: AccessPaths,
res: &mut Response, res: &mut Response,
) -> Result<()> { ) -> Result<()> {
if let Some(sort) = query_params.get("sort") { if let Some(sort) = query_params.get("sort") {
if sort == "name" { if sort == "name" {
paths.sort_by(|v1, v2| match v1.path_type.cmp(&v2.path_type) { paths.sort_by(|v1, v2| v1.sort_by_name(v2))
Ordering::Equal => {
alphanumeric_sort::compare_str(v1.name.clone(), v2.name.clone())
}
v => v,
})
} else if sort == "mtime" { } else if sort == "mtime" {
paths.sort_by(|v1, v2| match v1.path_type.cmp(&v2.path_type) { paths.sort_by(|v1, v2| v1.sort_by_mtime(v2))
Ordering::Equal => v1.mtime.cmp(&v2.mtime),
v => v,
})
} else if sort == "size" { } else if sort == "size" {
paths.sort_by(|v1, v2| match v1.path_type.cmp(&v2.path_type) { paths.sort_by(|v1, v2| v1.sort_by_size(v2))
Ordering::Equal => {
if v1.is_dir() {
alphanumeric_sort::compare_str(v1.name.clone(), v2.name.clone())
} else {
v1.size.unwrap_or(0).cmp(&v2.size.unwrap_or(0))
}
}
v => v,
})
} }
if query_params if query_params
.get("order") .get("order")
@@ -963,7 +982,7 @@ impl Server {
paths.reverse() paths.reverse()
} }
} else { } else {
paths.sort_unstable(); paths.sort_by(|v1, v2| v1.sort_by_name(v2))
} }
if query_params.contains_key("simple") { if query_params.contains_key("simple") {
let output = paths let output = paths
@@ -987,13 +1006,17 @@ impl Server {
} }
return Ok(()); return Ok(());
} }
let href = format!("/{}", normalize_path(path.strip_prefix(&self.args.path)?)); let href = format!(
"/{}",
normalize_path(path.strip_prefix(&self.args.serve_path)?)
);
let readwrite = access_paths.perm().readwrite();
let data = IndexData { let data = IndexData {
kind: DataKind::Index, kind: DataKind::Index,
href, href,
uri_prefix: self.args.uri_prefix.clone(), uri_prefix: self.args.uri_prefix.clone(),
allow_upload: self.args.allow_upload, allow_upload: self.args.allow_upload && readwrite,
allow_delete: self.args.allow_delete, allow_delete: self.args.allow_delete && readwrite,
allow_search: self.args.allow_search, allow_search: self.args.allow_search,
allow_archive: self.args.allow_archive, allow_archive: self.args.allow_archive,
dir_exists: exist, dir_exists: exist,
@@ -1014,6 +1037,12 @@ impl Server {
}; };
res.headers_mut() res.headers_mut()
.typed_insert(ContentLength(output.as_bytes().len() as u64)); .typed_insert(ContentLength(output.as_bytes().len() as u64));
res.headers_mut()
.typed_insert(CacheControl::new().with_no_cache());
res.headers_mut().insert(
"x-content-type-options",
HeaderValue::from_static("nosniff"),
);
if head_only { if head_only {
return Ok(()); return Ok(());
} }
@@ -1022,9 +1051,9 @@ impl Server {
} }
fn auth_reject(&self, res: &mut Response) -> Result<()> { fn auth_reject(&self, res: &mut Response) -> Result<()> {
let value = self.args.auth_method.www_auth()?;
set_webdav_headers(res); set_webdav_headers(res);
res.headers_mut().insert(WWW_AUTHENTICATE, value.parse()?); res.headers_mut()
.append(WWW_AUTHENTICATE, www_authenticate(&self.args)?);
// set 401 to make the browser pop up the login box // set 401 to make the browser pop up the login box
*res.status_mut() = StatusCode::UNAUTHORIZED; *res.status_mut() = StatusCode::UNAUTHORIZED;
Ok(()) Ok(())
@@ -1034,7 +1063,7 @@ impl Server {
fs::canonicalize(path) fs::canonicalize(path)
.await .await
.ok() .ok()
.map(|v| v.starts_with(&self.args.path)) .map(|v| v.starts_with(&self.args.serve_path))
.unwrap_or_default() .unwrap_or_default()
} }
@@ -1057,12 +1086,10 @@ impl Server {
}; };
let authorization = headers.get(AUTHORIZATION); let authorization = headers.get(AUTHORIZATION);
let guard = self.args.auth.guard( let guard = self
&relative_path, .args
req.method(), .auth
authorization, .guard(&relative_path, req.method(), authorization);
self.args.auth_method.clone(),
);
match guard { match guard {
(_, Some(_)) => {} (_, Some(_)) => {}
@@ -1102,14 +1129,14 @@ impl Server {
fn join_path(&self, path: &str) -> Option<PathBuf> { fn join_path(&self, path: &str) -> Option<PathBuf> {
if path.is_empty() { if path.is_empty() {
return Some(self.args.path.clone()); return Some(self.args.serve_path.clone());
} }
let path = if cfg!(windows) { let path = if cfg!(windows) {
path.replace('/', "\\") path.replace('/', "\\")
} else { } else {
path.to_string() path.to_string()
}; };
Some(self.args.path.join(path)) Some(self.args.serve_path.join(path))
} }
async fn list_dir( async fn list_dir(
@@ -1175,10 +1202,11 @@ impl Server {
} }
} }
#[derive(Debug, Serialize)] #[derive(Debug, Serialize, PartialEq)]
enum DataKind { enum DataKind {
Index, Index,
Edit, Edit,
View,
} }
#[derive(Debug, Serialize)] #[derive(Debug, Serialize)]
@@ -1265,9 +1293,42 @@ impl PathItem {
), ),
} }
} }
pub fn base_name(&self) -> &str { pub fn base_name(&self) -> &str {
self.name.split('/').last().unwrap_or_default() self.name.split('/').last().unwrap_or_default()
} }
pub fn sort_by_name(&self, other: &Self) -> Ordering {
match self.path_type.cmp(&other.path_type) {
Ordering::Equal => {
alphanumeric_sort::compare_str(self.name.to_lowercase(), other.name.to_lowercase())
}
v => v,
}
}
pub fn sort_by_mtime(&self, other: &Self) -> Ordering {
match self.path_type.cmp(&other.path_type) {
Ordering::Equal => self.mtime.cmp(&other.mtime),
v => v,
}
}
pub fn sort_by_size(&self, other: &Self) -> Ordering {
match self.path_type.cmp(&other.path_type) {
Ordering::Equal => {
if self.is_dir() {
alphanumeric_sort::compare_str(
self.name.to_lowercase(),
other.name.to_lowercase(),
)
} else {
self.size.unwrap_or(0).cmp(&other.size.unwrap_or(0))
}
}
v => v,
}
}
} }
#[derive(Debug, Serialize, Eq, PartialEq)] #[derive(Debug, Serialize, Eq, PartialEq)]

9
tests/assets.rs
View File

@@ -32,7 +32,7 @@ fn asset_js(server: TestServer) -> Result<(), Error> {
assert_eq!(resp.status(), 200); assert_eq!(resp.status(), 200);
assert_eq!( assert_eq!(
resp.headers().get("content-type").unwrap(), resp.headers().get("content-type").unwrap(),
"application/javascript" "application/javascript; charset=UTF-8"
); );
Ok(()) Ok(())
} }
@@ -46,7 +46,10 @@ fn asset_css(server: TestServer) -> Result<(), Error> {
); );
let resp = reqwest::blocking::get(url)?; let resp = reqwest::blocking::get(url)?;
assert_eq!(resp.status(), 200); assert_eq!(resp.status(), 200);
assert_eq!(resp.headers().get("content-type").unwrap(), "text/css"); assert_eq!(
resp.headers().get("content-type").unwrap(),
"text/css; charset=UTF-8"
);
Ok(()) Ok(())
} }
@@ -90,7 +93,7 @@ fn asset_js_with_prefix(
assert_eq!(resp.status(), 200); assert_eq!(resp.status(), 200);
assert_eq!( assert_eq!(
resp.headers().get("content-type").unwrap(), resp.headers().get("content-type").unwrap(),
"application/javascript" "application/javascript; charset=UTF-8"
); );
Ok(()) Ok(())
} }

75
tests/auth.rs
View File

@@ -18,20 +18,48 @@ fn no_auth(#[with(&["--auth", "user:pass@/:rw", "-A"])] server: TestServer) -> R
} }
#[rstest] #[rstest]
fn auth(#[with(&["--auth", "user:pass@/:rw", "-A"])] server: TestServer) -> Result<(), Error> { #[case(server(&["--auth", "user:pass@/:rw", "-A"]), "user", "pass")]
#[case(server(&["--auth", "user:pa:ss@1@/:rw", "-A"]), "user", "pa:ss@1")]
fn auth(#[case] server: TestServer, #[case] user: &str, #[case] pass: &str) -> Result<(), Error> {
let url = format!("{}file1", server.url()); let url = format!("{}file1", server.url());
let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?; let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
assert_eq!(resp.status(), 401); assert_eq!(resp.status(), 401);
let resp = fetch!(b"PUT", &url) let resp = fetch!(b"PUT", &url)
.body(b"abc".to_vec()) .body(b"abc".to_vec())
.send_with_digest_auth("user", "pass")?; .send_with_digest_auth(user, pass)?;
assert_eq!(resp.status(), 201);
Ok(())
}
const HASHED_PASSWORD_AUTH: &str = "user:$6$gQxZwKyWn/ZmWEA2$4uV7KKMnSUnET2BtWTj/9T5.Jq3h/MdkOlnIl5hdlTxDZ4MZKmJ.kl6C.NL9xnNPqC4lVHC1vuI0E5cLpTJX81@/:rw"; // user:pass
#[rstest]
fn auth_hashed_password(
#[with(&["--auth", HASHED_PASSWORD_AUTH, "-A"])] server: TestServer,
) -> Result<(), Error> {
let url = format!("{}file1", server.url());
let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
assert_eq!(resp.status(), 401);
if let Err(err) = fetch!(b"PUT", &url)
.body(b"abc".to_vec())
.send_with_digest_auth("user", "pass")
{
assert_eq!(
format!("{err:?}"),
r#"DigestAuth(MissingRequired("realm", "Basic realm=\"DUFS\""))"#
);
}
let resp = fetch!(b"PUT", &url)
.body(b"abc".to_vec())
.basic_auth("user", Some("pass"))
.send()?;
assert_eq!(resp.status(), 201); assert_eq!(resp.status(), 201);
Ok(()) Ok(())
} }
#[rstest] #[rstest]
fn auth_and_public( fn auth_and_public(
#[with(&["--auth", "user:pass@/:rw|@/", "-A"])] server: TestServer, #[with(&["-a", "user:pass@/:rw", "-a", "@/", "-A"])] server: TestServer,
) -> Result<(), Error> { ) -> Result<(), Error> {
let url = format!("{}file1", server.url()); let url = format!("{}file1", server.url());
let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?; let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
@@ -65,6 +93,20 @@ fn auth_skip_on_options_method(
#[rstest] #[rstest]
fn auth_check( fn auth_check(
#[with(&["--auth", "user:pass@/:rw", "--auth", "user2:pass2@/", "-A"])] server: TestServer,
) -> Result<(), Error> {
let url = format!("{}index.html", server.url());
let resp = fetch!(b"WRITEABLE", &url).send()?;
assert_eq!(resp.status(), 401);
let resp = fetch!(b"WRITEABLE", &url).send_with_digest_auth("user2", "pass2")?;
assert_eq!(resp.status(), 403);
let resp = fetch!(b"WRITEABLE", &url).send_with_digest_auth("user", "pass")?;
assert_eq!(resp.status(), 200);
Ok(())
}
#[rstest]
fn auth_compact_rules(
#[with(&["--auth", "user:pass@/:rw|user2:pass2@/", "-A"])] server: TestServer, #[with(&["--auth", "user:pass@/:rw|user2:pass2@/", "-A"])] server: TestServer,
) -> Result<(), Error> { ) -> Result<(), Error> {
let url = format!("{}index.html", server.url()); let url = format!("{}index.html", server.url());
@@ -79,7 +121,7 @@ fn auth_check(
#[rstest] #[rstest]
fn auth_readonly( fn auth_readonly(
#[with(&["--auth", "user:pass@/:rw|user2:pass2@/", "-A"])] server: TestServer, #[with(&["--auth", "user:pass@/:rw", "--auth", "user2:pass2@/", "-A"])] server: TestServer,
) -> Result<(), Error> { ) -> Result<(), Error> {
let url = format!("{}index.html", server.url()); let url = format!("{}index.html", server.url());
let resp = fetch!(b"GET", &url).send()?; let resp = fetch!(b"GET", &url).send()?;
@@ -96,7 +138,7 @@ fn auth_readonly(
#[rstest] #[rstest]
fn auth_nest( fn auth_nest(
#[with(&["--auth", "user:pass@/:rw|user2:pass2@/", "--auth", "user3:pass3@/dir1:rw", "-A"])] #[with(&["--auth", "user:pass@/:rw", "--auth", "user2:pass2@/", "--auth", "user3:pass3@/dir1:rw", "-A"])]
server: TestServer, server: TestServer,
) -> Result<(), Error> { ) -> Result<(), Error> {
let url = format!("{}dir1/file1", server.url()); let url = format!("{}dir1/file1", server.url());
@@ -125,8 +167,8 @@ fn auth_nest_share(
} }
#[rstest] #[rstest]
#[case(server(&["--auth", "user:pass@/:rw", "--auth-method", "basic", "-A"]), "user", "pass")] #[case(server(&["--auth", "user:pass@/:rw", "-A"]), "user", "pass")]
#[case(server(&["--auth", "u1:p1@/:rw", "--auth-method", "basic", "-A"]), "u1", "p1")] #[case(server(&["--auth", "u1:p1@/:rw", "-A"]), "u1", "p1")]
fn auth_basic( fn auth_basic(
#[case] server: TestServer, #[case] server: TestServer,
#[case] user: &str, #[case] user: &str,
@@ -213,3 +255,22 @@ fn no_auth_propfind_dir(
assert!(body.contains("<D:href>/dir1/</D:href>")); assert!(body.contains("<D:href>/dir1/</D:href>"));
Ok(()) Ok(())
} }
#[rstest]
fn auth_data(
#[with(&["-a", "user:pass@/:rw", "-a", "@/", "-A"])] server: TestServer,
) -> Result<(), Error> {
let resp = reqwest::blocking::get(server.url())?;
let content = resp.text()?;
let json = utils::retrive_json(&content).unwrap();
assert_eq!(json["allow_delete"], serde_json::Value::Bool(false));
assert_eq!(json["allow_upload"], serde_json::Value::Bool(false));
let resp = fetch!(b"GET", server.url())
.basic_auth("user", Some("pass"))
.send()?;
let content = resp.text()?;
let json = utils::retrive_json(&content).unwrap();
assert_eq!(json["allow_delete"], serde_json::Value::Bool(true));
assert_eq!(json["allow_upload"], serde_json::Value::Bool(true));
Ok(())
}

4
tests/bind.rs
View File

@@ -76,9 +76,7 @@ fn validate_printed_urls(tmpdir: TempDir, port: u16, #[case] args: &[&str]) -> R
.collect::<Vec<_>>(); .collect::<Vec<_>>();
assert!(!urls.is_empty()); assert!(!urls.is_empty());
for url in urls { reqwest::blocking::get(urls[0])?.error_for_status()?;
reqwest::blocking::get(url)?.error_for_status()?;
}
child.kill()?; child.kill()?;

56
tests/config.rs Normal file
View File

@@ -0,0 +1,56 @@
mod fixtures;
mod utils;
use assert_cmd::prelude::*;
use assert_fs::TempDir;
use diqwest::blocking::WithDigestAuth;
use fixtures::{port, tmpdir, wait_for_port, Error};
use rstest::rstest;
use std::path::PathBuf;
use std::process::{Command, Stdio};
#[rstest]
fn use_config_file(tmpdir: TempDir, port: u16) -> Result<(), Error> {
let config_path = get_config_path().display().to_string();
let mut child = Command::cargo_bin("dufs")?
.arg(tmpdir.path())
.arg("-p")
.arg(port.to_string())
.args(["--config", &config_path])
.stdout(Stdio::piped())
.spawn()?;
wait_for_port(port);
let url = format!("http://localhost:{port}/dufs/index.html");
let resp = fetch!(b"GET", &url).send()?;
assert_eq!(resp.status(), 401);
let url = format!("http://localhost:{port}/dufs/index.html");
let resp = fetch!(b"GET", &url).send_with_digest_auth("user", "pass")?;
assert_eq!(resp.text()?, "This is index.html");
let url = format!("http://localhost:{port}/dufs?simple");
let resp = fetch!(b"GET", &url).send_with_digest_auth("user", "pass")?;
let text: String = resp.text().unwrap();
assert!(text.split('\n').any(|c| c == "dir1/"));
assert!(!text.split('\n').any(|c| c == "dir3/"));
assert!(!text.split('\n').any(|c| c == "test.txt"));
let url = format!("http://localhost:{port}/dufs/dir1/upload.txt");
let resp = fetch!(b"PUT", &url)
.body("Hello")
.send_with_digest_auth("user", "pass")?;
assert_eq!(resp.status(), 201);
child.kill()?;
Ok(())
}
fn get_config_path() -> PathBuf {
let mut path = std::env::current_dir().expect("Failed to get current directory");
path.push("tests");
path.push("data");
path.push("config.yaml");
path
}

9
tests/data/config.yaml Normal file
View File

@@ -0,0 +1,9 @@
bind:
- 0.0.0.0
path-prefix: dufs
hidden:
- dir3
- test.txt
auth:
- user:pass@/:rw
allow-upload: true

8
tests/log_http.rs → tests/http_logger.rs
View File

@@ -12,7 +12,7 @@ use std::process::{Command, Stdio};
#[rstest] #[rstest]
#[case(&["-a", "user:pass@/:rw", "--log-format", "$remote_user"], false)] #[case(&["-a", "user:pass@/:rw", "--log-format", "$remote_user"], false)]
#[case(&["-a", "user:pass@/:rw", "--log-format", "$remote_user", "--auth-method", "basic"], true)] #[case(&["-a", "user:pass@/:rw", "--log-format", "$remote_user"], true)]
fn log_remote_user( fn log_remote_user(
tmpdir: TempDir, tmpdir: TempDir,
port: u16, port: u16,
@@ -41,7 +41,7 @@ fn log_remote_user(
assert_eq!(resp.status(), 200); assert_eq!(resp.status(), 200);
let mut buf = [0; 1000]; let mut buf = [0; 2048];
let buf_len = stdout.read(&mut buf)?; let buf_len = stdout.read(&mut buf)?;
let output = std::str::from_utf8(&buf[0..buf_len])?; let output = std::str::from_utf8(&buf[0..buf_len])?;
@@ -69,10 +69,12 @@ fn no_log(tmpdir: TempDir, port: u16, #[case] args: &[&str]) -> Result<(), Error
let resp = fetch!(b"GET", &format!("http://localhost:{port}")).send()?; let resp = fetch!(b"GET", &format!("http://localhost:{port}")).send()?;
assert_eq!(resp.status(), 200); assert_eq!(resp.status(), 200);
let mut buf = [0; 1000]; let mut buf = [0; 2048];
let buf_len = stdout.read(&mut buf)?; let buf_len = stdout.read(&mut buf)?;
let output = std::str::from_utf8(&buf[0..buf_len])?; let output = std::str::from_utf8(&buf[0..buf_len])?;
assert_eq!(output.lines().last().unwrap(), ""); assert_eq!(output.lines().last().unwrap(), "");
child.kill()?;
Ok(()) Ok(())
} }

22
tests/tls.rs
View File

@@ -7,6 +7,8 @@ use predicates::str::contains;
use reqwest::blocking::ClientBuilder; use reqwest::blocking::ClientBuilder;
use rstest::rstest; use rstest::rstest;
use crate::fixtures::port;
/// Can start the server with TLS and receive encrypted responses. /// Can start the server with TLS and receive encrypted responses.
#[rstest] #[rstest]
#[case(server(&[ #[case(server(&[
@@ -33,8 +35,16 @@ fn tls_works(#[case] server: TestServer) -> Result<(), Error> {
/// Wrong path for cert throws error. /// Wrong path for cert throws error.
#[rstest] #[rstest]
fn wrong_path_cert() -> Result<(), Error> { fn wrong_path_cert() -> Result<(), Error> {
let port = port().to_string();
Command::cargo_bin("dufs")? Command::cargo_bin("dufs")?
.args(["--tls-cert", "wrong", "--tls-key", "tests/data/key.pem"]) .args([
"--tls-cert",
"wrong",
"--tls-key",
"tests/data/key.pem",
"--port",
&port,
])
.assert() .assert()
.failure() .failure()
.stderr(contains("Failed to access `wrong`")); .stderr(contains("Failed to access `wrong`"));
@@ -45,8 +55,16 @@ fn wrong_path_cert() -> Result<(), Error> {
/// Wrong paths for key throws errors. /// Wrong paths for key throws errors.
#[rstest] #[rstest]
fn wrong_path_key() -> Result<(), Error> { fn wrong_path_key() -> Result<(), Error> {
let port = port().to_string();
Command::cargo_bin("dufs")? Command::cargo_bin("dufs")?
.args(["--tls-cert", "tests/data/cert.pem", "--tls-key", "wrong"]) .args([
"--tls-cert",
"tests/data/cert.pem",
"--tls-key",
"wrong",
"--port",
&port,
])
.assert() .assert()
.failure() .failure()
.stderr(contains("Failed to access `wrong`")); .stderr(contains("Failed to access `wrong`"));

3
tests/utils.rs
View File

@@ -59,7 +59,8 @@ pub fn encode_uri(v: &str) -> String {
parts.join("/") parts.join("/")
} }
fn retrive_json(content: &str) -> Option<Value> { #[allow(dead_code)]
pub fn retrive_json(content: &str) -> Option<Value> {
let lines: Vec<&str> = content.lines().collect(); let lines: Vec<&str> = content.lines().collect();
let line = lines.iter().find(|v| v.contains("DATA ="))?; let line = lines.iter().find(|v| v.contains("DATA ="))?;
let line_col = line.find("DATA =").unwrap() + 6; let line_col = line.find("DATA =").unwrap() + 6;