chore: release v0.36.0

* chore: release 0.35.0

* update release profile

.dockerignore

@@ -0,0 +1,13 @@
+# Directories
+/.git/
+/.github/
+/target/
+/examples/
+/docs/
+/benches/
+/tmp/
+
+# Files
+.gitignore
+*.md
+LICENSE*

.github/ISSUE_TEMPLATE/bug_report.md

@@ -0,0 +1,17 @@
+---
+name: Bug report
+about: Create a report to help us improve 
+---
+
+**Problem**
+
+<!-- A clear and concise description of what the bug is. -->
+
+**Log**
+
+If applicable, add logs to help explain your problem.
+
+**Environment:**
+ - Dufs version:
+ - Browser/Webdav Info: 
+ - OS Info: 

.github/ISSUE_TEMPLATE/feature_requst.md

@@ -0,0 +1,16 @@
+---
+name: Feature Request
+about: If you have any interesting advice, you can tell us.
+---
+
+## Specific Demand
+
+<!--
+What feature do you need, please describe it in detail.
+-->
+
+## Implement Suggestion
+
+<!--
+If you have any suggestion for complete this feature, you can tell us.
+-->

.github/workflows/ci.yaml

@@ -29,16 +29,12 @@ jobs:
       RUSTFLAGS: --deny warnings
 
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
 
     - name: Install Rust Toolchain Components
-      uses: actions-rs/toolchain@v1
-      with:
-        components: clippy, rustfmt
-        override: true
-        toolchain: stable
+      uses: dtolnay/rust-toolchain@stable
 
-    - uses: Swatinem/rust-cache@v1
+    - uses: Swatinem/rust-cache@v2
 
     - name: Test
       run: cargo test --all

.github/workflows/release.yaml

@@ -6,64 +6,105 @@ on:
     - v[0-9]+.[0-9]+.[0-9]+*
 
 jobs:
-  all:
-    name: All
+  release:
+    name: Publish to Github Releases
+    permissions:
+      contents: write
+    outputs:
+      rc: ${{ steps.check-tag.outputs.rc }}
 
     strategy:
       matrix:
-        target:
-        - aarch64-unknown-linux-musl
-        - aarch64-apple-darwin
-        - x86_64-apple-darwin
-        - x86_64-pc-windows-msvc
-        - x86_64-unknown-linux-musl
         include:
         - target: aarch64-unknown-linux-musl
           os: ubuntu-latest
           use-cross: true
+          cargo-flags: ""
         - target: aarch64-apple-darwin
           os: macos-latest
           use-cross: true
+          cargo-flags: ""
+        - target: aarch64-pc-windows-msvc
+          os: windows-latest
+          use-cross: true
+          cargo-flags: "--no-default-features"
         - target: x86_64-apple-darwin
           os: macos-latest
+          cargo-flags: ""
         - target: x86_64-pc-windows-msvc
           os: windows-latest
+          cargo-flags: ""
         - target: x86_64-unknown-linux-musl
           os: ubuntu-latest
           use-cross: true
-
+          cargo-flags: ""
+        - target: i686-unknown-linux-musl
+          os: ubuntu-latest
+          use-cross: true
+          cargo-flags: ""
+        - target: i686-pc-windows-msvc
+          os: windows-latest
+          use-cross: true
+          cargo-flags: ""
+        - target: armv7-unknown-linux-musleabihf
+          os: ubuntu-latest
+          use-cross: true
+          cargo-flags: ""
+        - target: arm-unknown-linux-musleabihf
+          os: ubuntu-latest
+          use-cross: true
+          cargo-flags: ""
+        - target: mips-unknown-linux-musl
+          os: ubuntu-latest
+          use-cross: true
+          cargo-flags: "--no-default-features"
+        - target: mipsel-unknown-linux-musl
+          os: ubuntu-latest
+          use-cross: true
+          cargo-flags: "--no-default-features"
+        - target: mips64-unknown-linux-gnuabi64
+          os: ubuntu-latest
+          use-cross: true
+          cargo-flags: "--no-default-features"
+        - target: mips64el-unknown-linux-gnuabi64
+          os: ubuntu-latest
+          use-cross: true
+          cargo-flags: "--no-default-features"
     runs-on: ${{matrix.os}}
+    env:
+      BUILD_CMD: cargo
 
     steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v3
 
     - name: Check Tag
       id: check-tag
       shell: bash
       run: |
-        tag=${GITHUB_REF##*/}
-        echo "::set-output name=version::$tag"
-        if [[ "$tag" =~ [0-9]+.[0-9]+.[0-9]+$ ]]; then
-          echo "::set-output name=rc::false"
+        ver=${GITHUB_REF##*/}
+        echo "version=$ver" >> $GITHUB_OUTPUT
+        if [[ "$ver" =~ [0-9]+.[0-9]+.[0-9]+$ ]]; then
+          echo "rc=false" >> $GITHUB_OUTPUT
         else
-          echo "::set-output name=rc::true"
+          echo "rc=true" >> $GITHUB_OUTPUT
         fi
 
 
     - name: Install Rust Toolchain Components
-      uses: actions-rs/toolchain@v1
+      uses: dtolnay/rust-toolchain@stable
       with:
-        override: true
-        target: ${{ matrix.target }}
-        toolchain: stable
-        profile: minimal # minimal component installation (ie, no documentation)
+        targets: ${{ matrix.target }}
 
-    - name: Install prerequisites
+    - name: Install cross
+      if: matrix.use-cross
+      uses: taiki-e/install-action@v2
+      with:
+        tool: cross
+  
+    - name: Overwrite build command env variable
+      if: matrix.use-cross
       shell: bash
-      run: |
-        case ${{ matrix.target }} in
-          aarch64-unknown-linux-musl) sudo apt-get -y update ; sudo apt-get -y install gcc-aarch64-linux-gnu ;;
-        esac
+      run: echo "BUILD_CMD=cross" >> $GITHUB_ENV
 
     - name: Show Version Information (Rust, cargo, GCC)
       shell: bash
@@ -76,11 +117,8 @@ jobs:
         rustc -V
       
     - name: Build
-      uses: actions-rs/cargo@v1
-      with:
-        use-cross: ${{ matrix.use-cross }}
-        command: build
-        args: --locked --release --target=${{ matrix.target }}
+      shell: bash
+      run: $BUILD_CMD build --locked --release --target=${{ matrix.target }} ${{ matrix.cargo-flags }}
 
     - name: Build Archive
       shell: bash
@@ -92,8 +130,7 @@ jobs:
         set -euxo pipefail
 
         bin=${GITHUB_REPOSITORY##*/}
-        src=`pwd`
-        dist=$src/dist
+        dist_dir=`pwd`/dist
         name=$bin-$version-$target
         executable=target/$target/release/$bin
 
@@ -101,22 +138,22 @@ jobs:
           executable=$executable.exe
         fi
 
-        mkdir $dist
-        cp $executable $dist
-        cd $dist
+        mkdir $dist_dir
+        cp $executable $dist_dir
+        cd $dist_dir
 
         if [[ "$RUNNER_OS" == "Windows" ]]; then
-            archive=$dist/$name.zip
+            archive=$dist_dir/$name.zip
             7z a $archive *
-            echo "::set-output name=archive::`pwd -W`/$name.zip"
+            echo "archive=dist/$name.zip" >> $GITHUB_OUTPUT
         else
-            archive=$dist/$name.tar.gz
-            tar czf $archive *
-            echo "::set-output name=archive::$archive"
+            archive=$dist_dir/$name.tar.gz
+            tar -czf $archive *
+            echo "archive=dist/$name.tar.gz" >> $GITHUB_OUTPUT
         fi
 
     - name: Publish Archive
-      uses: softprops/action-gh-release@v0.1.5
+      uses: softprops/action-gh-release@v1
       if: ${{ startsWith(github.ref, 'refs/tags/') }}
       with:
         draft: false
@@ -124,3 +161,47 @@ jobs:
         prerelease: ${{ steps.check-tag.outputs.rc == 'true' }}
       env:
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  docker:
+    name: Publish to Docker Hub
+    if: startsWith(github.ref, 'refs/tags/')
+    runs-on: ubuntu-latest
+    needs: release
+    steps:
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+      - name: Login to DockerHub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Build and push
+        uses: docker/build-push-action@v4
+        with:
+          build-args: |
+            REPO=${{ github.repository }}
+            VER=${{ github.ref_name }}
+          platforms: |
+            linux/amd64
+            linux/arm64
+            linux/386
+            linux/arm/v7
+          push: ${{ needs.release.outputs.rc == 'false' }}
+          tags: ${{ github.repository }}:latest, ${{ github.repository }}:${{ github.ref_name }}
+
+  publish-crate:
+    name: Publish to crates.io
+    if: ${{ needs.release.outputs.rc == 'false' }}
+    runs-on: ubuntu-latest
+    needs: release
+    steps:
+      - uses: actions/checkout@v3
+
+      - uses: dtolnay/rust-toolchain@stable
+
+      - name: Publish
+        env:
+          CARGO_REGISTRY_TOKEN: ${{ secrets.CRATES_IO_API_TOKEN }}
+        run: cargo publish

CHANGELOG.md

@@ -0,0 +1,521 @@
+# Changelog
+
+All notable changes to this project will be documented in this file.
+
+## [0.36.0] - 2023-08-24
+
+### Bug Fixes
+
+- Ui readonly if no write perm ([#258](https://github.com/sigoden/dufs/issues/258))
+
+### Testing
+
+- Remove dependency on native tls ([#255](https://github.com/sigoden/dufs/issues/255))
+
+## [0.35.0] - 2023-08-14
+
+### Bug Fixes
+
+- Search should ignore entry path ([#235](https://github.com/sigoden/dufs/issues/235))
+- Typo __ASSERTS_PREFIX__ ([#252](https://github.com/sigoden/dufs/issues/252))
+
+### Features
+
+- Sort by type first, then sort by name/mtime/size ([#241](https://github.com/sigoden/dufs/issues/241))
+
+## [0.34.2] - 2023-06-05
+
+### Bug Fixes
+
+- Ui refresh page after login ([#230](https://github.com/sigoden/dufs/issues/230))
+- Webdav only see public folder even logging in ([#231](https://github.com/sigoden/dufs/issues/231))
+
+## [0.34.1] - 2023-06-02
+
+### Bug Fixes
+
+- Auth logic ([#224](https://github.com/sigoden/dufs/issues/224))
+- Allow all cors headers and methods ([#225](https://github.com/sigoden/dufs/issues/225))
+
+### Refactor
+
+- Ui checkAuth ([#226](https://github.com/sigoden/dufs/issues/226))
+
+## [0.34.0] - 2023-06-01
+
+### Bug Fixes
+
+- URL-encoded filename when downloading in safari ([#203](https://github.com/sigoden/dufs/issues/203))
+- Ui path table show move action ([#219](https://github.com/sigoden/dufs/issues/219))
+- Ui set default max uploading to 1 ([#220](https://github.com/sigoden/dufs/issues/220))
+
+### Features
+
+- Webui editing support multiple encodings ([#197](https://github.com/sigoden/dufs/issues/197))
+- Add timestamp metadata to generated zip file ([#204](https://github.com/sigoden/dufs/issues/204))
+- Show precise file size with decimal ([#210](https://github.com/sigoden/dufs/issues/210))
+- [**breaking**] New auth ([#218](https://github.com/sigoden/dufs/issues/218))
+
+### Refactor
+
+- Cli positional rename root => SERVE_PATH([#215](https://github.com/sigoden/dufs/issues/215))
+
+## [0.33.0] - 2023-03-17
+
+### Bug Fixes
+
+- Cors allow-request-header add content-type ([#184](https://github.com/sigoden/dufs/issues/184))
+- Hidden don't works on some files ([#188](https://github.com/sigoden/dufs/issues/188))
+- Basic auth sometimes does not work ([#194](https://github.com/sigoden/dufs/issues/194))
+
+### Features
+
+- Guess plain text encoding then set content-type charset ([#186](https://github.com/sigoden/dufs/issues/186))
+
+### Refactor
+
+- Improve error handle ([#195](https://github.com/sigoden/dufs/issues/195))
+
+## [0.32.0] - 2023-02-22
+
+### Bug Fixes
+
+- Set the STOPSIGNAL to SIGINT for Dockerfile
+- Remove Method::Options auth check ([#168](https://github.com/sigoden/dufs/issues/168))
+- Clear search input also clear query ([#178](https://github.com/sigoden/dufs/issues/178))
+
+### Features
+
+- [**breaking**] Add option --allow-archive ([#152](https://github.com/sigoden/dufs/issues/152))
+- Use env var for args ([#170](https://github.com/sigoden/dufs/issues/170))
+- Hiding only directories instead of files ([#175](https://github.com/sigoden/dufs/issues/175))
+- API to search and list directories ([#177](https://github.com/sigoden/dufs/issues/177))
+- Support edit files ([#179](https://github.com/sigoden/dufs/issues/179))
+- Support new file ([#180](https://github.com/sigoden/dufs/issues/180))
+- Ui improves the login experience ([#182](https://github.com/sigoden/dufs/issues/182))
+
+## [0.31.0] - 2022-11-11
+
+### Bug Fixes
+
+- Auth not works with --path-prefix ([#138](https://github.com/sigoden/dufs/issues/138))
+- Don't search on empty query string ([#140](https://github.com/sigoden/dufs/issues/140))
+- Status code for MKCOL on existing resource ([#142](https://github.com/sigoden/dufs/issues/142))
+- Panic on PROPFIND // ([#144](https://github.com/sigoden/dufs/issues/144))
+
+### Features
+
+- Support unix sockets ([#145](https://github.com/sigoden/dufs/issues/145))
+
+## [0.30.0] - 2022-09-09
+
+### Bug Fixes
+
+- Hide path by ext name ([#126](https://github.com/sigoden/dufs/issues/126))
+
+### Features
+
+- Support sort by name, mtime, size ([#128](https://github.com/sigoden/dufs/issues/128))
+- Add --assets options to override assets ([#134](https://github.com/sigoden/dufs/issues/134))
+
+## [0.29.0] - 2022-08-03
+
+### Bug Fixes
+
+- Table row hover highlighting in dark mode ([#122](https://github.com/sigoden/dufs/issues/122))
+
+### Features
+
+- Support ecdsa tls cert ([#119](https://github.com/sigoden/dufs/issues/119))
+
+## [0.28.0] - 2022-08-01
+
+### Bug Fixes
+
+- File path contains special characters ([#114](https://github.com/sigoden/dufs/issues/114))
+
+### Features
+
+- Add table row hover ([#115](https://github.com/sigoden/dufs/issues/115))
+- Support customize http log format ([#116](https://github.com/sigoden/dufs/issues/116))
+
+## [0.27.0] - 2022-07-25
+
+### Features
+
+- Improve hidden to support glob ([#108](https://github.com/sigoden/dufs/issues/108))
+- Adjust digest auth timeout to 1day ([#110](https://github.com/sigoden/dufs/issues/110))
+
+## [0.26.0] - 2022-07-11
+
+### Bug Fixes
+
+- Cors headers ([#100](https://github.com/sigoden/dufs/issues/100))
+
+### Features
+
+- Make --path-prefix works on serving single file ([#102](https://github.com/sigoden/dufs/issues/102))
+
+## [0.25.0] - 2022-07-06
+
+### Features
+
+- Ui supports creating folder ([#91](https://github.com/sigoden/dufs/issues/91))
+- Ui supports move folder/file to new path ([#92](https://github.com/sigoden/dufs/issues/92))
+- Check permission on move/copy destination ([#93](https://github.com/sigoden/dufs/issues/93))
+- Add completions ([#97](https://github.com/sigoden/dufs/issues/97))
+- Limit the number of concurrent uploads ([#98](https://github.com/sigoden/dufs/issues/98))
+
+## [0.24.0] - 2022-07-02
+
+### Bug Fixes
+
+- Unexpected stack overflow when searching a lot ([#87](https://github.com/sigoden/dufs/issues/87))
+
+### Features
+
+- Allow search with --render-try-index ([#88](https://github.com/sigoden/dufs/issues/88))
+
+## [0.23.1] - 2022-06-30
+
+### Bug Fixes
+
+- Safari layout and compatibility ([#83](https://github.com/sigoden/dufs/issues/83))
+- Permissions of unzipped files ([#84](https://github.com/sigoden/dufs/issues/84))
+
+## [0.23.0] - 2022-06-29
+
+### Features
+
+- Use feature to conditional support tls ([#77](https://github.com/sigoden/dufs/issues/77))
+
+### Ci
+
+- Support more platforms ([#76](https://github.com/sigoden/dufs/issues/76))
+
+## [0.22.0] - 2022-06-26
+
+### Features
+
+- Support hiding folders with --hidden ([#73](https://github.com/sigoden/dufs/issues/73))
+
+## [0.21.0] - 2022-06-23
+
+### Bug Fixes
+
+- Escape name contains html escape code ([#65](https://github.com/sigoden/dufs/issues/65))
+
+### Features
+
+- Use custom logger with timestamp in rfc3339 ([#67](https://github.com/sigoden/dufs/issues/67))
+
+### Refactor
+
+- Split css/js from index.html ([#68](https://github.com/sigoden/dufs/issues/68))
+
+## [0.20.0] - 2022-06-20
+
+### Bug Fixes
+
+- DecodeURI searching string ([#61](https://github.com/sigoden/dufs/issues/61))
+
+### Features
+
+- Added basic auth ([#60](https://github.com/sigoden/dufs/issues/60))
+- Add option --allow-search ([#62](https://github.com/sigoden/dufs/issues/62))
+
+## [0.19.0] - 2022-06-19
+
+### Features
+
+- [**breaking**] Path level access control ([#52](https://github.com/sigoden/dufs/issues/52))
+- Serve single file ([#54](https://github.com/sigoden/dufs/issues/54))
+- Ui hidden root dirname ([#58](https://github.com/sigoden/dufs/issues/58))
+- Reactive webpage ([#51](https://github.com/sigoden/dufs/issues/51))
+- [**breaking**] Rename to dufs ([#59](https://github.com/sigoden/dufs/issues/59))
+
+### Refactor
+
+- [**breaking**] Rename --cors to --enable-cors ([#57](https://github.com/sigoden/dufs/issues/57))
+
+## [0.18.0] - 2022-06-18
+
+### Features
+
+- Add option --render-try-index ([#47](https://github.com/sigoden/dufs/issues/47))
+- Add slash to end of dir href
+
+## [0.17.1] - 2022-06-16
+
+### Bug Fixes
+
+- Range request ([#44](https://github.com/sigoden/dufs/issues/44))
+
+## [0.17.0] - 2022-06-15
+
+### Bug Fixes
+
+- Webdav propfind dir with slash ([#42](https://github.com/sigoden/dufs/issues/42))
+
+### Features
+
+- Listen both ipv4 and ipv6 by default ([#40](https://github.com/sigoden/dufs/issues/40))
+
+### Refactor
+
+- Trivial changes ([#41](https://github.com/sigoden/dufs/issues/41))
+
+## [0.16.0] - 2022-06-12
+
+### Features
+
+- Implement head method ([#33](https://github.com/sigoden/dufs/issues/33))
+- Display upload speed and time left ([#34](https://github.com/sigoden/dufs/issues/34))
+- Support tls-key in pkcs#8 format ([#35](https://github.com/sigoden/dufs/issues/35))
+- Options method return status 200
+
+### Testing
+
+- Add integration tests ([#36](https://github.com/sigoden/dufs/issues/36))
+
+## [0.15.1] - 2022-06-11
+
+### Bug Fixes
+
+- Cannot upload ([#32](https://github.com/sigoden/dufs/issues/32))
+
+## [0.15.0] - 2022-06-10
+
+### Bug Fixes
+
+- Encode webdav href as uri ([#28](https://github.com/sigoden/dufs/issues/28))
+- Query dir param
+
+### Features
+
+- Add basic dark theme ([#29](https://github.com/sigoden/dufs/issues/29))
+- Add empty state placeholder to page([#30](https://github.com/sigoden/dufs/issues/30))
+
+## [0.14.0] - 2022-06-07
+
+### Bug Fixes
+
+- Send index page with content-type ([#26](https://github.com/sigoden/dufs/issues/26))
+
+### Features
+
+- Support ipv6 ([#25](https://github.com/sigoden/dufs/issues/25))
+- Add favicon ([#27](https://github.com/sigoden/dufs/issues/27))
+
+## [0.13.2] - 2022-06-06
+
+### Bug Fixes
+
+- Filename xml escaping
+- Escape path-prefix/url-prefix different
+
+## [0.13.1] - 2022-06-05
+
+### Bug Fixes
+
+- Escape filename ([#21](https://github.com/sigoden/dufs/issues/21))
+
+### Refactor
+
+- Use logger ([#22](https://github.com/sigoden/dufs/issues/22))
+
+## [0.13.0] - 2022-06-05
+
+### Bug Fixes
+
+- Ctrl+c not exit sometimes
+
+### Features
+
+- Implement more webdav methods ([#13](https://github.com/sigoden/dufs/issues/13))
+- Use digest auth ([#14](https://github.com/sigoden/dufs/issues/14))
+- Add webdav proppatch handler ([#18](https://github.com/sigoden/dufs/issues/18))
+
+## [0.12.1] - 2022-06-04
+
+### Features
+
+- Support webdav ([#10](https://github.com/sigoden/dufs/issues/10))
+- Remove unzip uploaded feature ([#11](https://github.com/sigoden/dufs/issues/11))
+
+## [0.11.0] - 2022-06-03
+
+### Features
+
+- Support gracefully shutdown server
+- Listen 0.0.0.0 by default
+
+## [0.10.1] - 2022-06-02
+
+### Bug Fixes
+
+- Panic when bind already used port
+
+## [0.10.0] - 2022-06-02
+
+### Bug Fixes
+
+- Remove unzip file even failed to unzip
+- Rename --no-auth-read to --no-auth-access
+- Broken ui
+
+### Documentation
+
+- Refactor readme
+
+### Features
+
+- Change auth logic/options
+- Improve ui
+
+### Refactor
+
+- Small improvement
+
+## [0.9.0] - 2022-06-02
+
+### Documentation
+
+- Improve readme
+
+### Features
+
+- Support path prefix
+- List all ifaces when listening 0.0.0.0
+- Support tls
+
+## [0.8.0] - 2022-06-01
+
+### Bug Fixes
+
+- Some typos
+- Caught 500 if no permission to access dir
+
+### Features
+
+- Cli add allow-symlink option
+- Add some headers to res
+- Support render-index/render-spa
+
+## [0.7.0] - 2022-05-31
+
+### Bug Fixes
+
+- Downloaded zip file has no.zip ext in firefox
+- Unzip override existed file in uploadonly mode
+- Miss file 500
+- Not found dir when allow_upload is false
+
+### Features
+
+- Drag and drop uploads, upload folder
+
+## [0.6.0] - 2022-05-31
+
+### Features
+
+- Delete confirm
+- Distinct upload and delete operation
+- Support range requests
+
+### Refactor
+
+- Improve code quality
+
+## [0.5.0] - 2022-05-30
+
+### Features
+
+- Add mime and cache headers to response
+- Add no-auth-read options
+- Unzip zip file when unload
+
+## [0.4.0] - 2022-05-29
+
+### Features
+
+- Replace --static option to --no-edit
+- Add cors
+
+## [0.3.0] - 2022-05-29
+
+### Documentation
+
+- Update readme demo png
+
+### Features
+
+- Automatically create dir while uploading
+- Support searching
+
+### Refactor
+
+- Handler zip
+
+### Styling
+
+- Optimize css
+
+## [0.2.1] - 2022-05-28
+
+### Bug Fixes
+
+- Cannot upload in root
+- Optimize download zip
+
+### Documentation
+
+- Improve readme
+
+### Features
+
+- Aware RUST_LOG
+
+## [0.2.0] - 2022-05-28
+
+### Documentation
+
+- Update demo png
+- Improve readme
+
+### Features
+
+- Add logger
+- Download folder as zip file
+
+## [0.1.0] - 2022-05-26
+
+### Bug Fixes
+
+- Caught server error when symlink broken
+
+### Documentation
+
+- Improve readme
+- Update readme
+
+### Features
+
+- Add basic auth and readonly mode
+- Support delete operation
+- Remove parent path
+
+### Styling
+
+- Cargo fmt
+- Update index page
+
+### Build
+
+- Remove dev deps
+
+### Ci
+
+- Init ci
+
+<!-- generated by git-cliff -->

Cargo.toml

@@ -1,34 +1,69 @@
 [package]
-name = "duf"
-version = "0.5.0"
+name = "dufs"
+version = "0.36.0"
 edition = "2021"
 authors = ["sigoden <sigoden@gmail.com>"]
-description = "Duf is a simple file server."
+description = "Dufs is a distinctive utility file server"
 license = "MIT OR Apache-2.0"
-homepage = "https://github.com/sigoden/duf"
-repository = "https://github.com/sigoden/duf"
-autotests = false
+homepage = "https://github.com/sigoden/dufs"
+repository = "https://github.com/sigoden/dufs"
 categories = ["command-line-utilities", "web-programming::http-server"]
-keywords = ["static", "file", "server", "http", "cli"]
+keywords = ["static", "file", "server", "webdav", "cli"]
 
 [dependencies]
-clap = { version = "3", default-features = false, features = ["std", "cargo"] }
-tokio = { version = "1", features = ["rt-multi-thread", "macros", "fs", "io-util"]}
+clap = { version = "4", features = ["wrap_help", "env"] }
+clap_complete = "4"
+chrono = { version = "0.4", default-features = false, features = ["clock"] }
+tokio = { version = "1", features = ["rt-multi-thread", "macros", "fs", "io-util", "signal"]}
+tokio-util = { version = "0.7",  features = ["io-util", "compat"] }
 hyper = { version = "0.14", features = ["http1", "server", "tcp", "stream"] }
-percent-encoding = "2.1"
+percent-encoding = "2.3"
 serde = { version = "1", features = ["derive"] }
 serde_json = "1"
-tokio-util = { version = "0.7", features = ["codec", "io-util"] }
 futures = "0.3"
-base64 = "0.13"
+base64 = "0.21"
+async_zip = { version = "0.0.15", default-features = false, features = ["deflate", "chrono", "tokio"] }
+headers = "0.3"
+mime_guess = "2.0"
+if-addrs = "0.10.1"
+rustls = { version = "0.21", default-features = false, features = ["tls12"], optional = true }
+rustls-pemfile = { version = "1", optional = true }
+tokio-rustls = { version = "0.24", optional = true }
+md5 = "0.7"
+lazy_static = "1.4"
+uuid = { version = "1.4", features = ["v4", "fast-rng"] }
+urlencoding = "2.1"
+xml-rs = "0.8"
 log = "0.4"
-simple_logger = "2.1.0"
-async_zip = "0.0.7"
-async-walkdir = "0.2.0"
-headers = "0.3.7"
-mime_guess = "2.0.4"
+socket2 = "0.5"
+async-stream = "0.3"
+walkdir = "2.3"
+form_urlencoded = "1.2"
+alphanumeric-sort = "1.4"
+content_inspector = "0.2"
+anyhow = "1.0"
+chardetng = "0.1"
+glob = "0.3.1"
+indexmap = "2.0"
+
+[features]
+default = ["tls"]
+tls = ["rustls", "rustls-pemfile", "tokio-rustls"]
+
+[dev-dependencies]
+assert_cmd = "2"
+reqwest = { version = "0.11", features = ["blocking", "multipart", "rustls-tls"], default-features = false }
+assert_fs = "1"
+port_check = "0.1"
+rstest = "0.18"
+regex = "1"
+url = "2"
+diqwest = { version = "1", features = ["blocking", "rustls-tls"], default-features = false }
+predicates = "3"
 
 [profile.release]
+opt-level = 3
 lto = true
-strip = true
-opt-level = "z"
+codegen-units = 1
+panic = "abort"
+strip = "symbols"

Dockerfile

@@ -0,0 +1,19 @@
+FROM alpine as builder
+ARG REPO VER TARGETPLATFORM
+RUN if [ "$TARGETPLATFORM" = "linux/amd64" ]; then \ 
+        TARGET="x86_64-unknown-linux-musl"; \
+    elif [  "$TARGETPLATFORM" = "linux/arm64" ]; then \
+        TARGET="aarch64-unknown-linux-musl"; \
+    elif [  "$TARGETPLATFORM" = "linux/386" ]; then \
+        TARGET="i686-unknown-linux-musl"; \
+    elif [  "$TARGETPLATFORM" = "linux/arm/v7" ]; then \
+        TARGET="armv7-unknown-linux-musleabihf"; \
+    fi && \
+    wget https://github.com/${REPO}/releases/download/${VER}/dufs-${VER}-${TARGET}.tar.gz && \
+    tar -xf dufs-${VER}-${TARGET}.tar.gz && \
+    mv dufs /bin/
+
+FROM scratch
+COPY --from=builder /bin/dufs /bin/dufs
+STOPSIGNAL SIGINT
+ENTRYPOINT ["/bin/dufs"]

README.md

@@ -1,21 +1,22 @@
-# Duf
+# Dufs
 
-[![CI](https://github.com/sigoden/duf/actions/workflows/ci.yaml/badge.svg)](https://github.com/sigoden/duf/actions/workflows/ci.yaml)
-[![Crates](https://img.shields.io/crates/v/duf.svg)](https://crates.io/crates/duf)
+[![CI](https://github.com/sigoden/dufs/actions/workflows/ci.yaml/badge.svg)](https://github.com/sigoden/dufs/actions/workflows/ci.yaml)
+[![Crates](https://img.shields.io/crates/v/dufs.svg)](https://crates.io/crates/dufs)
 
-Duf is a simple file server.
+Dufs is a distinctive utility file server that supports static serving, uploading, searching, accessing control, webdav...
 
-![demo](https://user-images.githubusercontent.com/4012553/170853369-dfcdc4c7-4864-4401-bf49-6e41ffe05df3.png)
+![demo](https://user-images.githubusercontent.com/4012553/220513063-ff0f186b-ac54-4682-9af4-47a9781dee0d.png)
 
 ## Features
 
 - Serve static files
 - Download folder as zip file
-- Search files
-- Upload files
-- Delete files
-- Basic authentication
-- Unzip zip file when upload
+- Upload files and folders (Drag & Drop)
+- Create/Edit/Search files
+- Partial responses (Parallel/Resume download)
+- Access control
+- Support https
+- Support webdav
 - Easy to use with curl
 
 ## Install
@@ -23,71 +24,334 @@ Duf is a simple file server.
 ### With cargo
 
 ```
-cargo install duf
+cargo install dufs
+```
+
+### With docker
+
+```
+docker run -v `pwd`:/data -p 5000:5000 --rm -it sigoden/dufs /data -A
+```
+
+### With [Homebrew](https://brew.sh)
+
+```
+brew install dufs
 ```
 
 ### Binaries on macOS, Linux, Windows
 
-Download from [Github Releases](https://github.com/sigoden/duf/releases), unzip and add duf to your $PATH.
+Download from [Github Releases](https://github.com/sigoden/dufs/releases), unzip and add dufs to your $PATH.
 
-## Usage
-
-You can run this command to start serving your current working directory on 127.0.0.1:5000 by default.
+## CLI
 
 ```
-duf
+Dufs is a distinctive utility file server - https://github.com/sigoden/dufs
+
+Usage: dufs [OPTIONS] [serve_path]
+
+Arguments:
+  [serve_path]  Specific path to serve [default: .]
+
+Options:
+  -b, --bind <addrs>         Specify bind address or unix socket
+  -p, --port <port>          Specify port to listen on [default: 5000]
+      --path-prefix <path>   Specify a path prefix
+      --hidden <value>       Hide paths from directory listings, separated by `,`
+  -a, --auth <rules>         Add auth role
+      --auth-method <value>  Select auth method [default: digest] [possible values: basic, digest]
+  -A, --allow-all            Allow all operations
+      --allow-upload         Allow upload files/folders
+      --allow-delete         Allow delete files/folders
+      --allow-search         Allow search files/folders
+      --allow-symlink        Allow symlink to files/folders outside root directory
+      --allow-archive        Allow zip archive generation
+      --enable-cors          Enable CORS, sets `Access-Control-Allow-Origin: *`
+      --render-index         Serve index.html when requesting a directory, returns 404 if not found index.html
+      --render-try-index     Serve index.html when requesting a directory, returns directory listing if not found index.html
+      --render-spa           Serve SPA(Single Page Application)
+      --assets <path>        Use custom assets to override builtin assets
+      --tls-cert <path>      Path to an SSL/TLS certificate to serve with HTTPS
+      --tls-key <path>       Path to the SSL/TLS certificate's private key
+      --log-format <format>  Customize http log format
+      --completions <shell>  Print shell completion script for <shell> [possible values: bash, elvish, fish, powershell, zsh]
+  -h, --help                 Print help
+  -V, --version              Print version
 ```
 
-...or specify which folder you want to serve.
+## Examples
+
+Serve current working directory in readonly mode
 
 ```
-duf folder_name
+dufs
 ```
 
-Only serve static files, disable editing operations such as update or delete
+Allow all operations like upload/delete/search/create/edit...
+
 ```
-duf --readonly
+dufs -A
 ```
 
-Finally, run this command to see a list of all available option
+Only allow upload operation
 
-### Curl
+```
+dufs --allow-upload
+```
+
+Serve a specific directory
+
+```
+dufs Downloads
+```
+
+Serve a single file
+
+```
+dufs linux-distro.iso
+```
+
+Serve a single-page application like react/vue
+
+```
+dufs --render-spa
+```
+
+Serve a static website with index.html
+
+```
+dufs --render-index
+```
+
+Require username/password
+
+```
+dufs -a admin:123@/:rw
+```
+
+Listen on specific host:ip 
+
+```
+dufs -b 127.0.0.1 -p 80
+```
+
+Listen on unix socket
+```
+dufs -b /tmp/dufs.socket
+```
+
+Use https
+
+```
+dufs --tls-cert my.crt --tls-key my.key
+```
+
+## API
+
+Upload a file
+
+```
+curl -T path-to-file http://127.0.0.1:5000/new-path/path-to-file
+```
 
 Download a file
 ```
-curl http://127.0.0.1:5000/some-file
-
-curl -o some-file2 http://127.0.0.1:5000/some-file
+curl http://127.0.0.1:5000/path-to-file
 ```
 
 Download a folder as zip file
 
 ```
-curl -o some-folder.zip http://127.0.0.1:5000/some-folder?zip
-```
-
-Upload a file
-
-```
-curl --upload-file some-file http://127.0.0.1:5000/some-file
-```
-
-Unzip zip file when unload
-
-```
-curl --upload-file some-folder.zip http://127.0.0.1:5000/some-folder.zip?unzip
+curl -o path-to-folder.zip http://127.0.0.1:5000/path-to-folder?zip
 ```
 
 Delete a file/folder
 
 ```
-curl -X DELETE http://127.0.0.1:5000/some-file
+curl -X DELETE http://127.0.0.1:5000/path-to-file-or-folder
 ```
 
+Create a directory
+
+```
+curl -X MKCOL https://127.0.0.1:5000/path-to-folder
+```
+
+Move the file/folder to the new path
+
+```
+curl -X MOVE https://127.0.0.1:5000/path -H "Destination: https://127.0.0.1:5000/new-path"
+```
+
+List/search directory contents
+
+```
+curl http://127.0.0.1:5000?simple                 # output names only, just like `ls -1`
+curl http://127.0.0.1:5000?json                   # output paths in json format
+curl http://127.0.0.1:5000?q=Dockerfile&simple    # search for files, just like `find -name Dockerfile`
+```
+
+With authorization
+
+```
+curl --user user:pass --digest http://192.168.8.10:5000/file  # digest auth
+curl --user user:pass http://192.168.8.10:5000/file           # basic auth
+```
+
+<details>
+<summary><h2>Advanced topics</h2></summary>
+
+### Access Control
+
+Dufs supports account based access control. You can control who can do what on which path with `--auth`/`-a`.
+
+```
+dufs -a [user:pass]@path[:rw][,path[:rw]...][|...]
+```
+
+1. Multiple rules are separated by "|"
+2. User and pass are the account name and password, if omitted, it is an anonymous user
+3. One rule can set multiple paths, separated by ","
+4. Add `:rw` after the path to indicate that the path has read and write permissions, otherwise the path has readonly permissions.
+
+```
+dufs -A -a admin:admin@/:rw
+```
+`admin` has all permissions for all paths.
+
+```
+dufs -A -a admin:admin@/:rw -a guest:guest@/
+```
+`guest` has readonly permissions for all paths.
+
+```
+dufs -A -a admin:admin@/:rw -a @/
+```
+All paths is public, everyone can view/download it.
+
+```
+dufs -A -a admin:admin@/:rw -a user1:pass1@/user1:rw -a user2:pass2@/user2
+dufs -A -a "admin:admin@/:rw|user1:pass1@/user1:rw|user2:pass2@/user2"
+```
+`user1` has all permissions for `/user1/*` path.
+`user2` has all permissions for `/user2/*` path.
+
+```
+dufs -A -a user:pass@/dir1:rw,/dir2:rw,dir3
+```
+`user` has all permissions for `/dir1/*` and `/dir2/*`, has readonly permissions for `/dir3/`.
+
+```
+dufs -a admin:admin@/
+```
+Since dufs only allows viewing/downloading, `admin` can only view/download files.
+
+### Hide Paths
+
+Dufs supports hiding paths from directory listings via option `--hidden <glob>,...`.
+
+```
+dufs --hidden .git,.DS_Store,tmp
+```
+
+> The glob used in --hidden only matches file and directory names, not paths. So `--hidden dir1/file` is invalid.
+
+```sh
+dufs --hidden '.*'            # hidden dotfiles
+dufs --hidden '*/'            # hidden all folders
+dufs --hidden '*.log,*.lock'  # hidden by exts
+```
+
+### Log Format
+
+Dufs supports customize http log format with option `--log-format`.
+
+The log format can use following variables.
+
+| variable     | description                                                               |
+| ------------ | ------------------------------------------------------------------------- |
+| $remote_addr | client address                                                            |
+| $remote_user | user name supplied with authentication                                    |
+| $request     | full original request line                                                |
+| $status      | response status                                                           |
+| $http_       | arbitrary request header field. examples: $http_user_agent, $http_referer |
+
+
+The default log format is `'$remote_addr "$request" $status'`.
+```
+2022-08-06T06:59:31+08:00 INFO - 127.0.0.1 "GET /" 200
+```
+
+Disable http log
+```
+dufs --log-format=''
+```
+
+Log user-agent
+```
+dufs --log-format '$remote_addr "$request" $status $http_user_agent'
+```
+```
+2022-08-06T06:53:55+08:00 INFO - 127.0.0.1 "GET /" 200 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
+```
+
+Log remote-user
+```
+dufs --log-format '$remote_addr $remote_user "$request" $status' -a /@admin:admin -a /folder1@user1:pass1
+```
+```
+2022-08-06T07:04:37+08:00 INFO - 127.0.0.1 admin "GET /" 200
+```
+
+## Environment variables
+
+All options can be set using environment variables prefixed with `DUFS_`.
+
+```
+  [SERVE_PATH]                DUFS_SERVE_PATH=/dir
+  -b, --bind <addrs>          DUFS_BIND=0.0.0.0
+  -p, --port <port>           DUFS_PORT=5000
+      --path-prefix <path>    DUFS_PATH_PREFIX=/path
+      --hidden <value>        DUFS_HIDDEN=*.log
+  -a, --auth <rules>          DUFS_AUTH="admin:admin@/:rw|@/" 
+      --auth-method <value>   DUFS_AUTH_METHOD=basic
+  -A, --allow-all             DUFS_ALLOW_ALL=true
+      --allow-upload          DUFS_ALLOW_UPLOAD=true
+      --allow-delete          DUFS_ALLOW_DELETE=true
+      --allow-search          DUFS_ALLOW_SEARCH=true
+      --allow-symlink         DUFS_ALLOW_SYMLINK=true
+      --allow-archive         DUFS_ALLOW_ARCHIVE=true
+      --enable-cors           DUFS_ENABLE_CORS=true
+      --render-index          DUFS_RENDER_INDEX=true
+      --render-try-index      DUFS_RENDER_TRY_INDEX=true
+      --render-spa            DUFS_RENDER_SPA=true
+      --assets <path>         DUFS_ASSETS=/assets
+      --tls-cert <path>       DUFS_TLS_CERT=cert.pem
+      --tls-key <path>        DUFS_TLS_KEY=key.pem
+      --log-format <format>   DUFS_LOG_FORMAT=""
+```
+
+### Customize UI
+
+Dufs allows users to customize the UI with your own assets.
+
+```
+dufs --assets my-assets-dir/
+```
+
+Your assets folder must contains a `index.html` file.
+
+`index.html` can use the following placeholder variables to retrieve internal data.
+
+- `__INDEX_DATA__`: directory listing data
+- `__ASSETS_PREFIX__`: assets url prefix
+
+</details>
+
 ## License
 
-Copyright (c) 2022 duf-developers.
+Copyright (c) 2022 dufs-developers.
 
-duf is made available under the terms of either the MIT License or the Apache License 2.0, at your option.
+dufs is made available under the terms of either the MIT License or the Apache License 2.0, at your option.
 
 See the LICENSE-APACHE and LICENSE-MIT files for license details.

assets/index.css

@@ -0,0 +1,281 @@
+html {
+  font-family: -apple-system, BlinkMacSystemFont, Roboto, Helvetica, Arial, sans-serif;
+  line-height: 1.5;
+  color: #24292e;
+}
+
+body {
+  /* prevent premature breadcrumb wrapping on mobile */
+  min-width: 500px;
+  margin: 0;
+}
+
+.hidden {
+  display: none !important;
+}
+
+.head {
+  display: flex;
+  flex-wrap: wrap;
+  align-items: center;
+  padding: 0.6em 1em;
+  position: fixed;
+  width: 100%;
+  background-color: white;
+}
+
+.breadcrumb {
+  font-size: 1.25em;
+  padding-right: 0.6em;
+}
+
+.breadcrumb>a {
+  color: #0366d6;
+  text-decoration: none;
+}
+
+.breadcrumb>a:hover {
+  text-decoration: underline;
+}
+
+/* final breadcrumb */
+.breadcrumb>b {
+  color: #24292e;
+}
+
+.breadcrumb>.separator {
+  color: #586069;
+  padding: 0 0.25em;
+}
+
+.breadcrumb svg {
+  height: 100%;
+  fill: rgba(3, 47, 98, 0.5);
+}
+
+.toolbox {
+  display: flex;
+  margin-right: 10px;
+}
+
+.toolbox>a,
+.toolbox>div {
+  /* vertically align with breadcrumb text */
+  height: 1.1rem;
+}
+
+.toolbox .control {
+  cursor: pointer;
+  padding-left: 0.25em;
+}
+
+.upload-file input {
+  display: none;
+}
+
+.searchbar {
+  display: flex;
+  flex-wrap: nowrap;
+  width: 246px;
+  height: 22px;
+  background-color: #fafafa;
+  transition: all .15s;
+  border: 1px #ddd solid;
+  border-radius: 15px;
+  margin-bottom: 2px;
+}
+
+.searchbar #search {
+  box-sizing: border-box;
+  width: 100%;
+  height: 100%;
+  font-size: 16px;
+  line-height: 16px;
+  padding: 1px;
+  background-color: transparent;
+  border: none;
+  outline: none;
+}
+
+.searchbar .icon {
+  color: #9a9a9a;
+  padding: 3px 3px;
+  cursor: pointer;
+}
+
+.upload-status span {
+  width: 70px;
+  display: inline-block;
+}
+
+.main {
+  padding: 3.3em 1em 0;
+}
+
+.empty-folder {
+  font-style: italic;
+}
+
+.uploaders-table th,
+.paths-table th {
+  text-align: left;
+  font-weight: unset;
+  color: #5c5c5c;
+  white-space: nowrap;
+}
+
+.uploaders-table td,
+.paths-table td {
+  white-space: nowrap;
+}
+
+.uploaders-table .cell-status {
+  width: 80px;
+  padding-left: 0.6em;
+}
+
+.paths-table thead a {
+  color: unset;
+  text-decoration: none;
+}
+
+.paths-table thead a>span {
+  padding-left: 2px;
+}
+
+.paths-table tbody tr:hover {
+  background-color: #fafafa;
+}
+
+.paths-table .cell-actions {
+  width: 90px;
+  display: flex;
+  padding-left: 0.6em;
+}
+
+.paths-table .cell-mtime {
+  width: 120px;
+  padding-left: 0.6em;
+}
+
+.paths-table .cell-size {
+  text-align: right;
+  width: 70px;
+  padding-left: 0.6em;
+}
+
+.path svg {
+  height: 16px;
+  fill: rgba(3, 47, 98, 0.5);
+  padding-right: 0.5em;
+  vertical-align: text-top;
+}
+
+.path {
+  list-style: none;
+}
+
+.path a {
+  color: #0366d6;
+  text-overflow: ellipsis;
+  white-space: nowrap;
+  overflow: hidden;
+  display: block;
+  text-decoration: none;
+  max-width: calc(100vw - 375px);
+  min-width: 200px;
+}
+
+.path a:hover {
+  text-decoration: underline;
+}
+
+.action-btn {
+  padding-right: 0.3em;
+  cursor: pointer;
+}
+
+.uploaders-table {
+  padding: 0.5em 0;
+}
+
+.uploader {
+  padding-right: 1em;
+}
+
+.editor {
+  width: 100%;
+  height: calc(100vh - 5rem);
+  border: 1px solid #ced4da;
+  outline: none;
+}
+
+.toolbox2 {
+  margin-left: auto;
+  margin-right: 2em;
+}
+
+.save-btn {
+  cursor: pointer;
+  user-select: none;
+}
+
+.not-editable {
+  font-style: italic;
+}
+
+@media (min-width: 768px) {
+  .path a {
+    min-width: 400px;
+  }
+}
+
+/* dark theme */
+@media (prefers-color-scheme: dark) {
+  body {
+    background-color: #000;
+  }
+
+  html,
+  .breadcrumb>b,
+  .searchbar #search {
+    color: #fff;
+  }
+
+  .uploaders-table th,
+  .paths-table th {
+    color: #ddd;
+  }
+
+  svg,
+  .path svg,
+  .breadcrumb svg {
+    fill: #fff;
+  }
+
+  .head {
+    background-color: #111;
+  }
+
+  .searchbar {
+    background-color: #111;
+    border-color: #fff6;
+  }
+
+  .searchbar svg {
+    fill: #fff6;
+  }
+
+  .path a {
+    color: #3191ff;
+  }
+
+  .paths-table tbody tr:hover {
+    background-color: #1a1a1a;
+  }
+
+  .editor {
+    background: black;
+    color: white;
+  }
+}

assets/index.html

@@ -0,0 +1,132 @@
+<!DOCTYPE html>
+<html>
+
+<head>
+  <meta charset="utf-8" />
+  <meta name="viewport" content="width=device-width" />
+  <link rel="icon" type="image/x-icon" href="__ASSETS_PREFIX__favicon.ico">
+  <link rel="stylesheet" href="__ASSETS_PREFIX__index.css">
+  <script>
+    DATA = __INDEX_DATA__
+  </script>
+  <script src="__ASSETS_PREFIX__index.js"></script>
+</head>
+
+<body>
+  <div class="head">
+    <div class="breadcrumb"></div>
+    <div class="toolbox">
+      <a href="" class="control download hidden" title="Download file" download="">
+        <svg width="16" height="16" viewBox="0 0 16 16">
+          <path
+            d="M.5 9.9a.5.5 0 0 1 .5.5v2.5a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1v-2.5a.5.5 0 0 1 1 0v2.5a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2v-2.5a.5.5 0 0 1 .5-.5z" />
+          <path
+            d="M7.646 11.854a.5.5 0 0 0 .708 0l3-3a.5.5 0 0 0-.708-.708L8.5 10.293V1.5a.5.5 0 0 0-1 0v8.793L5.354 8.146a.5.5 0 1 0-.708.708l3 3z" />
+        </svg>
+      </a>
+      <div class="control move-file hidden" title="Move to new path">
+        <svg class="icon-move" width="16" height="16" viewBox="0 0 16 16">
+          <path fill-rule="evenodd"
+            d="M1.5 1.5A.5.5 0 0 0 1 2v4.8a2.5 2.5 0 0 0 2.5 2.5h9.793l-3.347 3.346a.5.5 0 0 0 .708.708l4.2-4.2a.5.5 0 0 0 0-.708l-4-4a.5.5 0 0 0-.708.708L13.293 8.3H3.5A1.5 1.5 0 0 1 2 6.8V2a.5.5 0 0 0-.5-.5z">
+          </path>
+        </svg>
+      </div>
+      <div class="control delete-file hidden" title="Delete">
+        <svg class="icon-delete" width="16" height="16" fill="currentColor" viewBox="0 0 16 16">
+          <path
+            d="M6.854 7.146a.5.5 0 1 0-.708.708L7.293 9l-1.147 1.146a.5.5 0 0 0 .708.708L8 9.707l1.146 1.147a.5.5 0 0 0 .708-.708L8.707 9l1.147-1.146a.5.5 0 0 0-.708-.708L8 8.293 6.854 7.146z" />
+          <path
+            d="M14 14V4.5L9.5 0H4a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h8a2 2 0 0 0 2-2zM9.5 3A1.5 1.5 0 0 0 11 4.5h2V14a1 1 0 0 1-1 1H4a1 1 0 0 1-1-1V2a1 1 0 0 1 1-1h5.5v2z" />
+        </svg>
+      </div>
+      <div class="control upload-file hidden" title="Upload files">
+        <label for="file">
+          <svg width="16" height="16" viewBox="0 0 16 16">
+            <path
+              d="M.5 9.9a.5.5 0 0 1 .5.5v2.5a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1v-2.5a.5.5 0 0 1 1 0v2.5a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2v-2.5a.5.5 0 0 1 .5-.5z" />
+            <path
+              d="M7.646 1.146a.5.5 0 0 1 .708 0l3 3a.5.5 0 0 1-.708.708L8.5 2.707V11.5a.5.5 0 0 1-1 0V2.707L5.354 4.854a.5.5 0 1 1-.708-.708l3-3z" />
+          </svg>
+        </label>
+        <input type="file" id="file" name="file" multiple>
+      </div>
+      <div class="control new-folder hidden" title="New folder">
+        <svg width="16" height="16" viewBox="0 0 16 16">
+          <path
+            d="m.5 3 .04.87a1.99 1.99 0 0 0-.342 1.311l.637 7A2 2 0 0 0 2.826 14H9v-1H2.826a1 1 0 0 1-.995-.91l-.637-7A1 1 0 0 1 2.19 4h11.62a1 1 0 0 1 .996 1.09L14.54 8h1.005l.256-2.819A2 2 0 0 0 13.81 3H9.828a2 2 0 0 1-1.414-.586l-.828-.828A2 2 0 0 0 6.172 1H2.5a2 2 0 0 0-2 2zm5.672-1a1 1 0 0 1 .707.293L7.586 3H2.19c-.24 0-.47.042-.683.12L1.5 2.98a1 1 0 0 1 1-.98h3.672z" />
+          <path
+            d="M13.5 10a.5.5 0 0 1 .5.5V12h1.5a.5.5 0 1 1 0 1H14v1.5a.5.5 0 1 1-1 0V13h-1.5a.5.5 0 0 1 0-1H13v-1.5a.5.5 0 0 1 .5-.5z" />
+        </svg>
+      </div>
+      <div class="control new-file hidden" title="New File">
+        <svg width="16" height="16" viewBox="0 0 16 16">
+          <path
+            d="M8 6.5a.5.5 0 0 1 .5.5v1.5H10a.5.5 0 0 1 0 1H8.5V11a.5.5 0 0 1-1 0V9.5H6a.5.5 0 0 1 0-1h1.5V7a.5.5 0 0 1 .5-.5z" />
+          <path
+            d="M14 4.5V14a2 2 0 0 1-2 2H4a2 2 0 0 1-2-2V2a2 2 0 0 1 2-2h5.5L14 4.5zm-3 0A1.5 1.5 0 0 1 9.5 3V1H4a1 1 0 0 0-1 1v12a1 1 0 0 0 1 1h8a1 1 0 0 0 1-1V4.5h-2z" />
+        </svg>
+      </div>
+    </div>
+    <form class="searchbar hidden">
+      <div class="icon">
+        <svg width="16" height="16" viewBox="0 0 16 16">
+          <path
+            d="M11.742 10.344a6.5 6.5 0 1 0-1.397 1.398h-.001c.03.04.062.078.098.115l3.85 3.85a1 1 0 0 0 1.415-1.414l-3.85-3.85a1.007 1.007 0 0 0-.115-.1zM12 6.5a5.5 5.5 0 1 1-11 0 5.5 5.5 0 0 1 11 0z" />
+        </svg>
+      </div>
+      <input id="search" name="q" type="text" maxlength="128" autocomplete="off" tabindex="1">
+      <input type="submit" hidden />
+    </form>
+    <div class="toolbox2">
+      <div class="login-btn hidden" title="Login for upload/move/delete/edit permissions">
+        <svg width="16" height="16" viewBox="0 0 16 16">
+          <path fill-rule="evenodd"
+            d="M6 3.5a.5.5 0 0 1 .5-.5h8a.5.5 0 0 1 .5.5v9a.5.5 0 0 1-.5.5h-8a.5.5 0 0 1-.5-.5v-2a.5.5 0 0 0-1 0v2A1.5 1.5 0 0 0 6.5 14h8a1.5 1.5 0 0 0 1.5-1.5v-9A1.5 1.5 0 0 0 14.5 2h-8A1.5 1.5 0 0 0 5 3.5v2a.5.5 0 0 0 1 0v-2z" />
+          <path fill-rule="evenodd"
+            d="M11.854 8.354a.5.5 0 0 0 0-.708l-3-3a.5.5 0 1 0-.708.708L10.293 7.5H1.5a.5.5 0 0 0 0 1h8.793l-2.147 2.146a.5.5 0 0 0 .708.708l3-3z" />
+        </svg>
+      </div>
+      <div class="user-btn hidden">
+        <svg width="16" height="16" viewBox="0 0 16 16">
+          <path
+            d="M8 8a3 3 0 1 0 0-6 3 3 0 0 0 0 6Zm2-3a2 2 0 1 1-4 0 2 2 0 0 1 4 0Zm4 8c0 1-1 1-1 1H3s-1 0-1-1 1-4 6-4 6 3 6 4Zm-1-.004c-.001-.246-.154-.986-.832-1.664C11.516 10.68 10.289 10 8 10c-2.29 0-3.516.68-4.168 1.332-.678.678-.83 1.418-.832 1.664h10Z" />
+        </svg>
+      </div>
+      <div class="save-btn hidden" title="Save file">
+        <svg viewBox="0 0 1024 1024" width="24" height="24">
+          <path
+            d="M426.666667 682.666667v42.666666h170.666666v-42.666666h-170.666666z m-42.666667-85.333334h298.666667v128h42.666666V418.133333L605.866667 298.666667H298.666667v426.666666h42.666666v-128h42.666667z m260.266667-384L810.666667 379.733333V810.666667H213.333333V213.333333h430.933334zM341.333333 341.333333h85.333334v170.666667H341.333333V341.333333z"
+            fill="#444444" p-id="8311"></path>
+        </svg>
+      </div>
+    </div>
+  </div>
+  <div class="main">
+    <div class="index-page hidden">
+      <div class="empty-folder hidden"></div>
+      <table class="uploaders-table hidden">
+        <thead>
+          <tr>
+            <th class="cell-name" colspan="2">Name</th>
+            <th class="cell-status">Progress</th>
+          </tr>
+        </thead>
+      </table>
+      <table class="paths-table hidden">
+        <thead>
+        </thead>
+        <tbody>
+        </tbody>
+      </table>
+    </div>
+    <div class="editor-page hidden">
+      <div class="not-editable hidden"></div>
+      <textarea class="editor hidden" cols="10"></textarea>
+    </div>
+  </div>
+  <script>
+    window.addEventListener("DOMContentLoaded", ready);
+  </script>
+</body>
+
+</html>

assets/index.js

@@ -0,0 +1,824 @@
+/**
+ * @typedef {object} PathItem
+ * @property {"Dir"|"SymlinkDir"|"File"|"SymlinkFile"} path_type
+ * @property {string} name
+ * @property {number} mtime
+ * @property {number} size
+ */
+
+/**
+ * @typedef {object} DATA
+ * @property {string} href
+ * @property {string} uri_prefix
+ * @property {"Index" | "Edit"} kind
+ * @property {PathItem[]} paths
+ * @property {boolean} allow_upload
+ * @property {boolean} allow_delete
+ * @property {boolean} allow_search
+ * @property {boolean} allow_archive
+ * @property {boolean} auth
+ * @property {string} user
+ * @property {boolean} dir_exists
+ * @property {string} editable
+ */
+
+var DUFS_MAX_UPLOADINGS = 1;
+
+/**
+ * @type {DATA} DATA
+ */
+var DATA;
+
+/**
+ * @type {PARAMS}
+ * @typedef {object} PARAMS
+ * @property {string} q
+ * @property {string} sort
+ * @property {string} order
+ */
+const PARAMS = Object.fromEntries(new URLSearchParams(window.location.search).entries());
+
+const IFRAME_FORMATS = [
+  ".pdf",
+  ".jpg", ".jpeg", ".png", ".gif", ".bmp", ".svg",
+  ".mp4", ".mov", ".avi", ".wmv", ".flv", ".webm",
+  ".mp3", ".ogg", ".wav", ".m4a",
+];
+
+const dirEmptyNote = PARAMS.q ? 'No results' : DATA.dir_exists ? 'Empty folder' : 'Folder will be created when a file is uploaded';
+
+const ICONS = {
+  dir: `<svg height="16" viewBox="0 0 14 16" width="14"><path fill-rule="evenodd" d="M13 4H7V3c0-.66-.31-1-1-1H1c-.55 0-1 .45-1 1v10c0 .55.45 1 1 1h12c.55 0 1-.45 1-1V5c0-.55-.45-1-1-1zM6 4H1V3h5v1z"></path></svg>`,
+  symlinkFile: `<svg height="16" viewBox="0 0 12 16" width="12"><path fill-rule="evenodd" d="M8.5 1H1c-.55 0-1 .45-1 1v12c0 .55.45 1 1 1h10c.55 0 1-.45 1-1V4.5L8.5 1zM11 14H1V2h7l3 3v9zM6 4.5l4 3-4 3v-2c-.98-.02-1.84.22-2.55.7-.71.48-1.19 1.25-1.45 2.3.02-1.64.39-2.88 1.13-3.73.73-.84 1.69-1.27 2.88-1.27v-2H6z"></path></svg>`,
+  symlinkDir: `<svg height="16" viewBox="0 0 14 16" width="14"><path fill-rule="evenodd" d="M13 4H7V3c0-.66-.31-1-1-1H1c-.55 0-1 .45-1 1v10c0 .55.45 1 1 1h12c.55 0 1-.45 1-1V5c0-.55-.45-1-1-1zM1 3h5v1H1V3zm6 9v-2c-.98-.02-1.84.22-2.55.7-.71.48-1.19 1.25-1.45 2.3.02-1.64.39-2.88 1.13-3.73C4.86 8.43 5.82 8 7.01 8V6l4 3-4 3H7z"></path></svg>`,
+  file: `<svg height="16" viewBox="0 0 12 16" width="12"><path fill-rule="evenodd" d="M6 5H2V4h4v1zM2 8h7V7H2v1zm0 2h7V9H2v1zm0 2h7v-1H2v1zm10-7.5V14c0 .55-.45 1-1 1H1c-.55 0-1-.45-1-1V2c0-.55.45-1 1-1h7.5L12 4.5zM11 5L8 2H1v12h10V5z"></path></svg>`,
+  download: `<svg width="16" height="16" viewBox="0 0 16 16"><path d="M.5 9.9a.5.5 0 0 1 .5.5v2.5a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1v-2.5a.5.5 0 0 1 1 0v2.5a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2v-2.5a.5.5 0 0 1 .5-.5z"/><path d="M7.646 11.854a.5.5 0 0 0 .708 0l3-3a.5.5 0 0 0-.708-.708L8.5 10.293V1.5a.5.5 0 0 0-1 0v8.793L5.354 8.146a.5.5 0 1 0-.708.708l3 3z"/></svg>`,
+  move: `<svg width="16" height="16" viewBox="0 0 16 16"><path fill-rule="evenodd" d="M1.5 1.5A.5.5 0 0 0 1 2v4.8a2.5 2.5 0 0 0 2.5 2.5h9.793l-3.347 3.346a.5.5 0 0 0 .708.708l4.2-4.2a.5.5 0 0 0 0-.708l-4-4a.5.5 0 0 0-.708.708L13.293 8.3H3.5A1.5 1.5 0 0 1 2 6.8V2a.5.5 0 0 0-.5-.5z"/></svg>`,
+  edit: `<svg width="16" height="16" viewBox="0 0 16 16"><path d="M12.146.146a.5.5 0 0 1 .708 0l3 3a.5.5 0 0 1 0 .708l-10 10a.5.5 0 0 1-.168.11l-5 2a.5.5 0 0 1-.65-.65l2-5a.5.5 0 0 1 .11-.168l10-10zM11.207 2.5 13.5 4.793 14.793 3.5 12.5 1.207 11.207 2.5zm1.586 3L10.5 3.207 4 9.707V10h.5a.5.5 0 0 1 .5.5v.5h.5a.5.5 0 0 1 .5.5v.5h.293l6.5-6.5zm-9.761 5.175-.106.106-1.528 3.821 3.821-1.528.106-.106A.5.5 0 0 1 5 12.5V12h-.5a.5.5 0 0 1-.5-.5V11h-.5a.5.5 0 0 1-.468-.325z"/></svg>`,
+  delete: `<svg width="16" height="16" fill="currentColor"viewBox="0 0 16 16"><path d="M6.854 7.146a.5.5 0 1 0-.708.708L7.293 9l-1.147 1.146a.5.5 0 0 0 .708.708L8 9.707l1.146 1.147a.5.5 0 0 0 .708-.708L8.707 9l1.147-1.146a.5.5 0 0 0-.708-.708L8 8.293 6.854 7.146z"/><path d="M14 14V4.5L9.5 0H4a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h8a2 2 0 0 0 2-2zM9.5 3A1.5 1.5 0 0 0 11 4.5h2V14a1 1 0 0 1-1 1H4a1 1 0 0 1-1-1V2a1 1 0 0 1 1-1h5.5v2z"/></svg>`,
+}
+
+/**
+ * @type Element
+ */
+let $pathsTable;
+/**
+ * @type Element
+ */
+let $pathsTableHead;
+/**
+ * @type Element
+ */
+let $pathsTableBody;
+/**
+ * @type Element
+ */
+let $uploadersTable;
+/**
+ * @type Element
+ */
+let $emptyFolder;
+/**
+ * @type Element
+ */
+let $editor;
+/**
+ * @type Element
+ */
+let $userBtn;
+
+function ready() {
+  $pathsTable = document.querySelector(".paths-table")
+  $pathsTableHead = document.querySelector(".paths-table thead");
+  $pathsTableBody = document.querySelector(".paths-table tbody");
+  $uploadersTable = document.querySelector(".uploaders-table");
+  $emptyFolder = document.querySelector(".empty-folder");
+  $editor = document.querySelector(".editor");
+  $userBtn = document.querySelector(".user-btn");
+
+  addBreadcrumb(DATA.href, DATA.uri_prefix);
+
+  if (DATA.kind == "Index") {
+    document.title = `Index of ${DATA.href} - Dufs`;
+    document.querySelector(".index-page").classList.remove("hidden");
+
+    setupIndexPage();
+
+  } else if (DATA.kind == "Edit") {
+    document.title = `Edit ${DATA.href} - Dufs`;
+    document.querySelector(".editor-page").classList.remove("hidden");;
+
+    setupEditPage();
+  }
+}
+
+
+class Uploader {
+  /**
+   * 
+   * @param {File} file 
+   * @param {string[]} dirs 
+   */
+  constructor(file, dirs) {
+    /**
+     * @type Element
+     */
+    this.$uploadStatus = null
+    this.uploaded = 0;
+    this.lastUptime = 0;
+    this.name = [...dirs, file.name].join("/");
+    this.idx = Uploader.globalIdx++;
+    this.file = file;
+  }
+
+  upload() {
+    const { idx, name } = this;
+    const url = newUrl(name);
+    const encodedName = encodedStr(name);
+    $uploadersTable.insertAdjacentHTML("beforeend", `
+  <tr id="upload${idx}" class="uploader">
+    <td class="path cell-icon">
+      ${getPathSvg()}
+    </td>
+    <td class="path cell-name">
+      <a href="${url}">${encodedName}</a>
+    </td>
+    <td class="cell-status upload-status" id="uploadStatus${idx}"></td>
+  </tr>`);
+    $uploadersTable.classList.remove("hidden");
+    $emptyFolder.classList.add("hidden");
+    this.$uploadStatus = document.getElementById(`uploadStatus${idx}`);
+    this.$uploadStatus.innerHTML = '-';
+    Uploader.queues.push(this);
+    Uploader.runQueue();
+  }
+
+  ajax() {
+    const url = newUrl(this.name);
+    this.lastUptime = Date.now();
+    const ajax = new XMLHttpRequest();
+    ajax.upload.addEventListener("progress", e => this.progress(e), false);
+    ajax.addEventListener("readystatechange", () => {
+      if (ajax.readyState === 4) {
+        if (ajax.status >= 200 && ajax.status < 300) {
+          this.complete();
+        } else {
+          this.fail();
+        }
+      }
+    })
+    ajax.addEventListener("error", () => this.fail(), false);
+    ajax.addEventListener("abort", () => this.fail(), false);
+    ajax.open("PUT", url);
+    ajax.send(this.file);
+  }
+
+
+  progress(event) {
+    const now = Date.now();
+    const speed = (event.loaded - this.uploaded) / (now - this.lastUptime) * 1000;
+    const [speedValue, speedUnit] = formatSize(speed);
+    const speedText = `${speedValue}${speedUnit.toLowerCase()}/s`;
+    const progress = formatPercent((event.loaded / event.total) * 100);
+    const duration = formatDuration((event.total - event.loaded) / speed)
+    this.$uploadStatus.innerHTML = `<span>${speedText}</span><span>${progress}</span><span>${duration}</span>`;
+    this.uploaded = event.loaded;
+    this.lastUptime = now;
+  }
+
+  complete() {
+    this.$uploadStatus.innerHTML = `✓`;
+    Uploader.runnings--;
+    Uploader.runQueue();
+  }
+
+  fail() {
+    this.$uploadStatus.innerHTML = `✗`;
+    Uploader.runnings--;
+    Uploader.runQueue();
+  }
+}
+
+Uploader.globalIdx = 0;
+
+Uploader.runnings = 0;
+
+Uploader.auth = false;
+
+/**
+ * @type Uploader[]
+ */
+Uploader.queues = [];
+
+
+Uploader.runQueue = async () => {
+  if (Uploader.runnings >= DUFS_MAX_UPLOADINGS) return;
+  if (Uploader.queues.length == 0) return;
+  Uploader.runnings++;
+  let uploader = Uploader.queues.shift();
+  if (!Uploader.auth) {
+    Uploader.auth = true;
+    try {
+      await checkAuth()
+    } catch {
+      Uploader.auth = false;
+    }
+  }
+  uploader.ajax();
+}
+
+/**
+ * Add breadcrumb
+ * @param {string} href 
+ * @param {string} uri_prefix
+ */
+function addBreadcrumb(href, uri_prefix) {
+  const $breadcrumb = document.querySelector(".breadcrumb");
+  let parts = [];
+  if (href === "/") {
+    parts = [""];
+  } else {
+    parts = href.split("/");
+  }
+  const len = parts.length;
+  let path = uri_prefix;
+  for (let i = 0; i < len; i++) {
+    const name = parts[i];
+    if (i > 0) {
+      if (!path.endsWith("/")) {
+        path += "/";
+      }
+      path += encodeURIComponent(name);
+    }
+    const encodedName = encodedStr(name);
+    if (i === 0) {
+      $breadcrumb.insertAdjacentHTML("beforeend", `<a href="${path}"><svg width="16" height="16" viewBox="0 0 16 16"><path d="M6.5 14.5v-3.505c0-.245.25-.495.5-.495h2c.25 0 .5.25.5.5v3.5a.5.5 0 0 0 .5.5h4a.5.5 0 0 0 .5-.5v-7a.5.5 0 0 0-.146-.354L13 5.793V2.5a.5.5 0 0 0-.5-.5h-1a.5.5 0 0 0-.5.5v1.293L8.354 1.146a.5.5 0 0 0-.708 0l-6 6A.5.5 0 0 0 1.5 7.5v7a.5.5 0 0 0 .5.5h4a.5.5 0 0 0 .5-.5z"/></svg></a>`);
+    } else if (i === len - 1) {
+      $breadcrumb.insertAdjacentHTML("beforeend", `<b>${encodedName}</b>`);
+    } else {
+      $breadcrumb.insertAdjacentHTML("beforeend", `<a href="${path}">${encodedName}</a>`);
+    }
+    if (i !== len - 1) {
+      $breadcrumb.insertAdjacentHTML("beforeend", `<span class="separator">/</span>`);
+    }
+  }
+}
+
+function setupIndexPage() {
+  if (DATA.allow_archive) {
+    const $download = document.querySelector(".download");
+    $download.href = baseUrl() + "?zip";
+    $download.title = "Download folder as a .zip file";
+    $download.classList.remove("hidden");
+  }
+
+  if (DATA.allow_upload) {
+    setupDropzone();
+    setupUploadFile();
+    setupNewFolder();
+    setupNewFile();
+  }
+
+  if (DATA.auth) {
+    setupAuth();
+  }
+
+  if (DATA.allow_search) {
+    setupSearch()
+  }
+
+  renderPathsTableHead();
+  renderPathsTableBody();
+}
+
+/**
+ * Render path table thead
+ */
+function renderPathsTableHead() {
+  const headerItems = [
+    {
+      name: "name",
+      props: `colspan="2"`,
+      text: "Name",
+    },
+    {
+      name: "mtime",
+      props: ``,
+      text: "Last Modified",
+    },
+    {
+      name: "size",
+      props: ``,
+      text: "Size",
+    }
+  ];
+  $pathsTableHead.insertAdjacentHTML("beforeend", `
+    <tr>
+      ${headerItems.map(item => {
+    let svg = `<svg width="12" height="12" viewBox="0 0 16 16"><path fill-rule="evenodd" d="M11.5 15a.5.5 0 0 0 .5-.5V2.707l3.146 3.147a.5.5 0 0 0 .708-.708l-4-4a.5.5 0 0 0-.708 0l-4 4a.5.5 0 1 0 .708.708L11 2.707V14.5a.5.5 0 0 0 .5.5zm-7-14a.5.5 0 0 1 .5.5v11.793l3.146-3.147a.5.5 0 0 1 .708.708l-4 4a.5.5 0 0 1-.708 0l-4-4a.5.5 0 0 1 .708-.708L4 13.293V1.5a.5.5 0 0 1 .5-.5z"/></svg>`;
+    let order = "asc";
+    if (PARAMS.sort === item.name) {
+      if (PARAMS.order === "asc") {
+        order = "desc";
+        svg = `<svg width="12" height="12" viewBox="0 0 16 16"><path fill-rule="evenodd" d="M8 15a.5.5 0 0 0 .5-.5V2.707l3.146 3.147a.5.5 0 0 0 .708-.708l-4-4a.5.5 0 0 0-.708 0l-4 4a.5.5 0 1 0 .708.708L7.5 2.707V14.5a.5.5 0 0 0 .5.5z"/></svg>`
+      } else {
+        svg = `<svg width="12" height="12" viewBox="0 0 16 16"><path fill-rule="evenodd" d="M8 1a.5.5 0 0 1 .5.5v11.793l3.146-3.147a.5.5 0 0 1 .708.708l-4 4a.5.5 0 0 1-.708 0l-4-4a.5.5 0 0 1 .708-.708L7.5 13.293V1.5A.5.5 0 0 1 8 1z"/></svg>`
+      }
+    }
+    const qs = new URLSearchParams({ ...PARAMS, order, sort: item.name }).toString();
+    const icon = `<span>${svg}</span>`
+    return `<th class="cell-${item.name}" ${item.props}><a href="?${qs}">${item.text}${icon}</a></th>`
+  }).join("\n")}
+      <th class="cell-actions">Actions</th>
+    </tr>
+  `);
+}
+
+/**
+ * Render path table tbody
+ */
+function renderPathsTableBody() {
+  if (DATA.paths && DATA.paths.length > 0) {
+    const len = DATA.paths.length;
+    if (len > 0) {
+      $pathsTable.classList.remove("hidden");
+    }
+    for (let i = 0; i < len; i++) {
+      addPath(DATA.paths[i], i);
+    }
+  } else {
+    $emptyFolder.textContent = dirEmptyNote;
+    $emptyFolder.classList.remove("hidden");
+  }
+}
+
+/**
+ * Add pathitem
+ * @param {PathItem} file 
+ * @param {number} index 
+ */
+function addPath(file, index) {
+  const encodedName = encodedStr(file.name);
+  let url = newUrl(file.name)
+  let actionDelete = "";
+  let actionDownload = "";
+  let actionMove = "";
+  let actionEdit = "";
+  let isDir = file.path_type.endsWith("Dir");
+  if (isDir) {
+    url += "/";
+    if (DATA.allow_archive) {
+      actionDownload = `
+      <div class="action-btn">
+        <a href="${url}?zip" title="Download folder as a .zip file">${ICONS.download}</a>
+      </div>`;
+    }
+  } else {
+    actionDownload = `
+    <div class="action-btn" >
+      <a href="${url}" title="Download file" download>${ICONS.download}</a>
+    </div>`;
+  }
+  if (DATA.allow_delete) {
+    if (DATA.allow_upload) {
+      actionMove = `<div onclick="movePath(${index})" class="action-btn" id="moveBtn${index}" title="Move to new path">${ICONS.move}</div>`;
+      if (!isDir) {
+        actionEdit = `<a class="action-btn" title="Edit file" target="_blank" href="${url}?edit">${ICONS.edit}</a>`;
+      }
+    }
+    actionDelete = `
+    <div onclick="deletePath(${index})" class="action-btn" id="deleteBtn${index}" title="Delete">${ICONS.delete}</div>`;
+  }
+  let actionCell = `
+  <td class="cell-actions">
+    ${actionDownload}
+    ${actionMove}
+    ${actionDelete}
+    ${actionEdit}
+  </td>`
+
+  $pathsTableBody.insertAdjacentHTML("beforeend", `
+<tr id="addPath${index}">
+  <td class="path cell-icon">
+    ${getPathSvg(file.path_type)}
+  </td>
+  <td class="path cell-name">
+    <a href="${url}" ${isDir ? "" : `target="_blank"`}>${encodedName}</a>
+  </td>
+  <td class="cell-mtime">${formatMtime(file.mtime)}</td>
+  <td class="cell-size">${formatSize(file.size).join(" ")}</td>
+  ${actionCell}
+</tr>`)
+}
+
+function setupDropzone() {
+  ["drag", "dragstart", "dragend", "dragover", "dragenter", "dragleave", "drop"].forEach(name => {
+    document.addEventListener(name, e => {
+      e.preventDefault();
+      e.stopPropagation();
+    });
+  });
+  document.addEventListener("drop", async e => {
+    if (!e.dataTransfer.items[0].webkitGetAsEntry) {
+      const files = e.dataTransfer.files.filter(v => v.size > 0);
+      for (const file of files) {
+        new Uploader(file, []).upload();
+      }
+    } else {
+      const entries = [];
+      const len = e.dataTransfer.items.length;
+      for (let i = 0; i < len; i++) {
+        entries.push(e.dataTransfer.items[i].webkitGetAsEntry());
+      }
+      addFileEntries(entries, [])
+    }
+  });
+}
+
+function setupAuth() {
+  if (DATA.user) {
+    $userBtn.classList.remove("hidden");
+    $userBtn.title = DATA.user;
+  } else {
+    const $loginBtn = document.querySelector(".login-btn");
+    $loginBtn.classList.remove("hidden");
+    $loginBtn.addEventListener("click", async () => {
+      try {
+        await checkAuth()
+        location.reload();
+      } catch (err) {
+        alert(err.message);
+      }
+    });
+  }
+}
+
+function setupSearch() {
+  const $searchbar = document.querySelector(".searchbar");
+  $searchbar.classList.remove("hidden");
+  $searchbar.addEventListener("submit", event => {
+    event.preventDefault();
+    const formData = new FormData($searchbar);
+    const q = formData.get("q");
+    let href = baseUrl();
+    if (q) {
+      href += "?q=" + q;
+    }
+    location.href = href;
+  });
+  if (PARAMS.q) {
+    document.getElementById('search').value = PARAMS.q;
+  }
+}
+
+function setupUploadFile() {
+  document.querySelector(".upload-file").classList.remove("hidden");
+  document.getElementById("file").addEventListener("change", async e => {
+    const files = e.target.files;
+    for (let file of files) {
+      new Uploader(file, []).upload();
+    }
+  });
+}
+
+function setupNewFolder() {
+  const $newFolder = document.querySelector(".new-folder");
+  $newFolder.classList.remove("hidden");
+  $newFolder.addEventListener("click", () => {
+    const name = prompt("Enter folder name");
+    if (name) createFolder(name);
+  });
+}
+
+function setupNewFile() {
+  const $newFile = document.querySelector(".new-file");
+  $newFile.classList.remove("hidden");
+  $newFile.addEventListener("click", () => {
+    const name = prompt("Enter file name");
+    if (name) createFile(name);
+  });
+}
+
+async function setupEditPage() {
+  const url = baseUrl();
+
+  const $download = document.querySelector(".download");
+  $download.classList.remove("hidden");
+  $download.href = url;
+
+  const $moveFile = document.querySelector(".move-file");
+  $moveFile.classList.remove("hidden");
+  $moveFile.addEventListener("click", async () => {
+    const query = location.href.slice(url.length);
+    const newFileUrl = await doMovePath(url);
+    if (newFileUrl) {
+      location.href = newFileUrl + query;
+    }
+  });
+
+  const $deleteFile = document.querySelector(".delete-file");
+  $deleteFile.classList.remove("hidden");
+  $deleteFile.addEventListener("click", async () => {
+    const url = baseUrl();
+    const name = baseName(url);
+    await doDeletePath(name, url, () => {
+      location.href = location.href.split("/").slice(0, -1).join("/");
+    });
+  })
+
+  if (!DATA.editable) {
+    const $notEditable = document.querySelector(".not-editable");
+    const url = baseUrl();
+    const ext = extName(baseName(url));
+    if (IFRAME_FORMATS.find(v => v === ext)) {
+      $notEditable.insertAdjacentHTML("afterend", `<iframe src="${url}" sandbox width="100%" height="${window.innerHeight - 100}px"></iframe>`)
+    } else {
+      $notEditable.classList.remove("hidden");
+      $notEditable.textContent = "Cannot edit because file is too large or binary.";
+    }
+    return;
+  }
+
+  const $saveBtn = document.querySelector(".save-btn");
+  $saveBtn.classList.remove("hidden");
+  $saveBtn.addEventListener("click", saveChange);
+
+  $editor.classList.remove("hidden");
+  try {
+    const res = await fetch(baseUrl());
+    await assertResOK(res);
+    const encoding = getEncoding(res.headers.get("content-type"));
+    if (encoding === "utf-8") {
+      $editor.value = await res.text();
+    } else {
+      const bytes = await res.arrayBuffer();
+      const dataView = new DataView(bytes)
+      const decoder = new TextDecoder(encoding)
+      $editor.value = decoder.decode(dataView);
+    }
+  } catch (err) {
+    alert(`Failed get file, ${err.message}`);
+  }
+}
+
+/**
+ * Delete path
+ * @param {number} index 
+ * @returns 
+ */
+async function deletePath(index) {
+  const file = DATA.paths[index];
+  if (!file) return;
+  await doDeletePath(file.name, newUrl(file.name), () => {
+    document.getElementById(`addPath${index}`)?.remove();
+    DATA.paths[index] = null;
+    if (!DATA.paths.find(v => !!v)) {
+      $pathsTable.classList.add("hidden");
+      $emptyFolder.textContent = dirEmptyNote;
+      $emptyFolder.classList.remove("hidden");
+    }
+  })
+}
+
+async function doDeletePath(name, url, cb) {
+  if (!confirm(`Delete \`${name}\`?`)) return;
+  try {
+    await checkAuth();
+    const res = await fetch(url, {
+      method: "DELETE",
+    });
+    await assertResOK(res);
+    cb();
+  } catch (err) {
+    alert(`Cannot delete \`${file.name}\`, ${err.message}`);
+  }
+}
+
+/**
+ * Move path
+ * @param {number} index 
+ * @returns 
+ */
+async function movePath(index) {
+  const file = DATA.paths[index];
+  if (!file) return;
+  const fileUrl = newUrl(file.name);
+  const newFileUrl = await doMovePath(fileUrl);
+  if (newFileUrl) {
+    location.href = newFileUrl.split("/").slice(0, -1).join("/");
+  }
+}
+
+async function doMovePath(fileUrl) {
+  const fileUrlObj = new URL(fileUrl)
+
+  const prefix = DATA.uri_prefix.slice(0, -1);
+
+  const filePath = decodeURIComponent(fileUrlObj.pathname.slice(prefix.length));
+
+  let newPath = prompt("Enter new path", filePath)
+  if (!newPath) return;
+  if (!newPath.startsWith("/")) newPath = "/" + newPath;
+  if (filePath === newPath) return;
+  const newFileUrl = fileUrlObj.origin + prefix + newPath.split("/").map(encodeURIComponent).join("/");
+
+  try {
+    await checkAuth();
+    const res1 = await fetch(newFileUrl, {
+      method: "HEAD",
+    });
+    if (res1.status === 200) {
+      if (!confirm("Override existing file?")) {
+        return;
+      }
+    }
+    const res2 = await fetch(fileUrl, {
+      method: "MOVE",
+      headers: {
+        "Destination": newFileUrl,
+      }
+    });
+    await assertResOK(res2);
+    return newFileUrl;
+  } catch (err) {
+    alert(`Cannot move \`${filePath}\` to \`${newPath}\`, ${err.message}`);
+  }
+}
+
+
+/**
+ * Save editor change
+ */
+async function saveChange() {
+  try {
+    await fetch(baseUrl(), {
+      method: "PUT",
+      body: $editor.value,
+    });
+    location.reload();
+  } catch (err) {
+    alert(`Failed to save file, ${err.message}`);
+  }
+}
+
+async function checkAuth() {
+  if (!DATA.auth) return;
+  const res = await fetch(baseUrl(), {
+    method: "WRITEABLE",
+  });
+  await assertResOK(res);
+  document.querySelector(".login-btn").classList.add("hidden");
+  $userBtn.classList.remove("hidden");
+  $userBtn.title = "";
+}
+
+/**
+ * Create a folder
+ * @param {string} name 
+ */
+async function createFolder(name) {
+  const url = newUrl(name);
+  try {
+    await checkAuth();
+    const res = await fetch(url, {
+      method: "MKCOL",
+    });
+    await assertResOK(res);
+    location.href = url;
+  } catch (err) {
+    alert(`Cannot create folder \`${name}\`, ${err.message}`);
+  }
+}
+
+async function createFile(name) {
+  const url = newUrl(name);
+  try {
+    await checkAuth();
+    const res = await fetch(url, {
+      method: "PUT",
+      body: "",
+    });
+    await assertResOK(res);
+    location.href = url + "?edit";
+  } catch (err) {
+    alert(`Cannot create file \`${name}\`, ${err.message}`);
+  }
+}
+
+async function addFileEntries(entries, dirs) {
+  for (const entry of entries) {
+    if (entry.isFile) {
+      entry.file(file => {
+        new Uploader(file, dirs).upload();
+      });
+    } else if (entry.isDirectory) {
+      const dirReader = entry.createReader()
+      dirReader.readEntries(entries => addFileEntries(entries, [...dirs, entry.name]));
+    }
+  }
+}
+
+
+function newUrl(name) {
+  let url = baseUrl();
+  if (!url.endsWith("/")) url += "/";
+  url += name.split("/").map(encodeURIComponent).join("/");
+  return url;
+}
+
+function baseUrl() {
+  return location.href.split('?')[0];
+}
+
+function baseName(url) {
+  return decodeURIComponent(url.split("/").filter(v => v.length > 0).slice(-1)[0])
+}
+
+function extName(filename) {
+  const dotIndex = filename.lastIndexOf('.');
+
+  if (dotIndex === -1 || dotIndex === 0 || dotIndex === filename.length - 1) {
+    return '';
+  }
+
+  return filename.substring(dotIndex);
+}
+
+function getPathSvg(path_type) {
+  switch (path_type) {
+    case "Dir":
+      return ICONS.dir;
+    case "SymlinkFile":
+      return ICONS.symlinkFile;
+    case "SymlinkDir":
+      return ICONS.symlinkDir;
+    default:
+      return ICONS.file;
+  }
+}
+
+function formatMtime(mtime) {
+  if (!mtime) return ""
+  const date = new Date(mtime);
+  const year = date.getFullYear();
+  const month = padZero(date.getMonth() + 1, 2);
+  const day = padZero(date.getDate(), 2);
+  const hours = padZero(date.getHours(), 2);
+  const minutes = padZero(date.getMinutes(), 2);
+  return `${year}-${month}-${day} ${hours}:${minutes}`;
+}
+
+function padZero(value, size) {
+  return ("0".repeat(size) + value).slice(-1 * size)
+}
+
+function formatSize(size) {
+  if (size == null) return []
+  const sizes = ['B', 'KB', 'MB', 'GB', 'TB'];
+  if (size == 0) return [0, "B"];
+  const i = parseInt(Math.floor(Math.log(size) / Math.log(1024)));
+  ratio = 1
+  if (i >= 3) {
+    ratio = 100
+  }
+  return [Math.round(size * ratio / Math.pow(1024, i), 2) / ratio, sizes[i]];
+}
+
+function formatDuration(seconds) {
+  seconds = Math.ceil(seconds);
+  const h = Math.floor(seconds / 3600);
+  const m = Math.floor((seconds - h * 3600) / 60);
+  const s = seconds - h * 3600 - m * 60
+  return `${padZero(h, 2)}:${padZero(m, 2)}:${padZero(s, 2)}`;
+}
+
+function formatPercent(percent) {
+  if (percent > 10) {
+    return percent.toFixed(1) + "%";
+  } else {
+    return percent.toFixed(2) + "%";
+  }
+}
+
+function encodedStr(rawStr) {
+  return rawStr.replace(/[\u00A0-\u9999<>\&]/g, function (i) {
+    return '&#' + i.charCodeAt(0) + ';';
+  });
+}
+
+async function assertResOK(res) {
+  if (!(res.status >= 200 && res.status < 300)) {
+    throw new Error(await res.text() || `Invalid status ${res.status}`);
+  }
+}
+
+function getEncoding(contentType) {
+    const charset = contentType?.split(";")[1];
+    if (/charset/i.test(charset)) {
+      let encoding = charset.split("=")[1];
+      if (encoding) {
+        return encoding.toLowerCase()
+      }
+    }
+    return 'utf-8'
+}

src/args.rs

@@ -1,137 +1,399 @@
-use clap::crate_description;
-use clap::{Arg, ArgMatches};
+use anyhow::{bail, Context, Result};
+use clap::builder::PossibleValuesParser;
+use clap::{value_parser, Arg, ArgAction, ArgMatches, Command};
+use clap_complete::{generate, Generator, Shell};
+#[cfg(feature = "tls")]
+use rustls::{Certificate, PrivateKey};
 use std::env;
-use std::fs::canonicalize;
-use std::net::SocketAddr;
+use std::net::IpAddr;
 use std::path::{Path, PathBuf};
 
-use crate::BoxResult;
+use crate::auth::AccessControl;
+use crate::auth::AuthMethod;
+use crate::log_http::{LogHttp, DEFAULT_LOG_FORMAT};
+#[cfg(feature = "tls")]
+use crate::tls::{load_certs, load_private_key};
+use crate::utils::encode_uri;
 
-const ABOUT: &str = concat!("\n", crate_description!()); // Add extra newline.
-
-fn app() -> clap::Command<'static> {
-    clap::command!()
-        .about(ABOUT)
+pub fn build_cli() -> Command {
+    let app = Command::new(env!("CARGO_CRATE_NAME"))
+        .version(env!("CARGO_PKG_VERSION"))
+        .author(env!("CARGO_PKG_AUTHORS"))
+        .about(concat!(
+            env!("CARGO_PKG_DESCRIPTION"),
+            " - ",
+            env!("CARGO_PKG_REPOSITORY")
+        ))
         .arg(
-            Arg::new("address")
+            Arg::new("serve_path")
+                .env("DUFS_SERVE_PATH")
+				.hide_env(true)
+                .default_value(".")
+                .value_parser(value_parser!(PathBuf))
+                .help("Specific path to serve"),
+        )
+        .arg(
+            Arg::new("bind")
+                .env("DUFS_BIND")
+				.hide_env(true)
                 .short('b')
                 .long("bind")
-                .default_value("127.0.0.1")
-                .help("Specify bind address")
-                .value_name("address"),
+                .help("Specify bind address or unix socket")
+                .action(ArgAction::Append)
+                .value_delimiter(',')
+                .value_name("addrs"),
         )
         .arg(
             Arg::new("port")
+                .env("DUFS_PORT")
+				.hide_env(true)
                 .short('p')
                 .long("port")
                 .default_value("5000")
+                .value_parser(value_parser!(u16))
                 .help("Specify port to listen on")
                 .value_name("port"),
         )
         .arg(
-            Arg::new("path")
-                .default_value(".")
-                .allow_invalid_utf8(true)
-                .help("Path to a directory for serving files"),
+            Arg::new("path-prefix")
+                .env("DUFS_PATH_PREFIX")
+				.hide_env(true)
+                .long("path-prefix")
+                .value_name("path")
+                .help("Specify a path prefix"),
         )
         .arg(
-            Arg::new("readonly")
-                .short('r')
-                .long("readonly")
-                .help("Disable change operations such as update or delete"),
+            Arg::new("hidden")
+                .env("DUFS_HIDDEN")
+				.hide_env(true)
+                .long("hidden")
+                .help("Hide paths from directory listings, separated by `,`")
+                .value_name("value"),
         )
         .arg(
             Arg::new("auth")
+                .env("DUFS_AUTH")
+				.hide_env(true)
                 .short('a')
                 .long("auth")
-                .help("Use HTTP authentication for all operations")
-                .value_name("user:pass"),
+                .help("Add auth role")
+                .action(ArgAction::Append)
+                .value_delimiter('|')
+                .value_name("rules"),
         )
         .arg(
-            Arg::new("no-auth-read")
-                .long("no-auth-read")
-                .help("Do not authenticate read operations like static serving"),
+            Arg::new("auth-method")
+                .env("DUFS_AUTH_METHOD")
+				.hide_env(true)
+                .long("auth-method")
+                .help("Select auth method")
+                .value_parser(PossibleValuesParser::new(["basic", "digest"]))
+                .default_value("digest")
+                .value_name("value"),
         )
         .arg(
-            Arg::new("cors")
-                .long("cors")
+            Arg::new("allow-all")
+                .env("DUFS_ALLOW_ALL")
+				.hide_env(true)
+                .short('A')
+                .long("allow-all")
+                .action(ArgAction::SetTrue)
+                .help("Allow all operations"),
+        )
+        .arg(
+            Arg::new("allow-upload")
+                .env("DUFS_ALLOW_UPLOAD")
+				.hide_env(true)
+                .long("allow-upload")
+                .action(ArgAction::SetTrue)
+                .help("Allow upload files/folders"),
+        )
+        .arg(
+            Arg::new("allow-delete")
+                .env("DUFS_ALLOW_DELETE")
+				.hide_env(true)
+                .long("allow-delete")
+                .action(ArgAction::SetTrue)
+                .help("Allow delete files/folders"),
+        )
+        .arg(
+            Arg::new("allow-search")
+                .env("DUFS_ALLOW_SEARCH")
+				.hide_env(true)
+                .long("allow-search")
+                .action(ArgAction::SetTrue)
+                .help("Allow search files/folders"),
+        )
+        .arg(
+            Arg::new("allow-symlink")
+                .env("DUFS_ALLOW_SYMLINK")
+				.hide_env(true)
+                .long("allow-symlink")
+                .action(ArgAction::SetTrue)
+                .help("Allow symlink to files/folders outside root directory"),
+        )
+        .arg(
+            Arg::new("allow-archive")
+                .env("DUFS_ALLOW_ARCHIVE")
+				.hide_env(true)
+                .long("allow-archive")
+                .action(ArgAction::SetTrue)
+                .help("Allow zip archive generation"),
+        )
+        .arg(
+            Arg::new("enable-cors")
+                .env("DUFS_ENABLE_CORS")
+				.hide_env(true)
+                .long("enable-cors")
+                .action(ArgAction::SetTrue)
                 .help("Enable CORS, sets `Access-Control-Allow-Origin: *`"),
         )
+        .arg(
+            Arg::new("render-index")
+                .env("DUFS_RENDER_INDEX")
+				.hide_env(true)
+                .long("render-index")
+                .action(ArgAction::SetTrue)
+                .help("Serve index.html when requesting a directory, returns 404 if not found index.html"),
+        )
+        .arg(
+            Arg::new("render-try-index")
+                .env("DUFS_RENDER_TRY_INDEX")
+				.hide_env(true)
+                .long("render-try-index")
+                .action(ArgAction::SetTrue)
+                .help("Serve index.html when requesting a directory, returns directory listing if not found index.html"),
+        )
+        .arg(
+            Arg::new("render-spa")
+                .env("DUFS_RENDER_SPA")
+				.hide_env(true)
+                .long("render-spa")
+                .action(ArgAction::SetTrue)
+                .help("Serve SPA(Single Page Application)"),
+        )
+        .arg(
+            Arg::new("assets")
+                .env("DUFS_ASSETS")
+				.hide_env(true)
+                .long("assets")
+                .help("Use custom assets to override builtin assets")
+                .value_parser(value_parser!(PathBuf))
+                .value_name("path")
+        );
+
+    #[cfg(feature = "tls")]
+    let app = app
+        .arg(
+            Arg::new("tls-cert")
+                .env("DUFS_TLS_CERT")
+                .hide_env(true)
+                .long("tls-cert")
+                .value_name("path")
+                .value_parser(value_parser!(PathBuf))
+                .help("Path to an SSL/TLS certificate to serve with HTTPS"),
+        )
+        .arg(
+            Arg::new("tls-key")
+                .env("DUFS_TLS_KEY")
+                .hide_env(true)
+                .long("tls-key")
+                .value_name("path")
+                .value_parser(value_parser!(PathBuf))
+                .help("Path to the SSL/TLS certificate's private key"),
+        );
+
+    app.arg(
+        Arg::new("log-format")
+            .env("DUFS_LOG_FORMAT")
+            .hide_env(true)
+            .long("log-format")
+            .value_name("format")
+            .help("Customize http log format"),
+    )
+    .arg(
+        Arg::new("completions")
+            .long("completions")
+            .value_name("shell")
+            .value_parser(value_parser!(Shell))
+            .help("Print shell completion script for <shell>"),
+    )
 }
 
-pub fn matches() -> ArgMatches {
-    app().get_matches()
+pub fn print_completions<G: Generator>(gen: G, cmd: &mut Command) {
+    generate(gen, cmd, cmd.get_name().to_string(), &mut std::io::stdout());
 }
 
-#[derive(Debug, Clone, Eq, PartialEq)]
+#[derive(Debug)]
 pub struct Args {
-    pub address: String,
+    pub addrs: Vec<BindAddr>,
     pub port: u16,
     pub path: PathBuf,
-    pub readonly: bool,
-    pub auth: Option<String>,
-    pub no_auth_read: bool,
-    pub cors: bool,
+    pub path_is_file: bool,
+    pub path_prefix: String,
+    pub uri_prefix: String,
+    pub hidden: Vec<String>,
+    pub auth_method: AuthMethod,
+    pub auth: AccessControl,
+    pub allow_upload: bool,
+    pub allow_delete: bool,
+    pub allow_search: bool,
+    pub allow_symlink: bool,
+    pub allow_archive: bool,
+    pub render_index: bool,
+    pub render_spa: bool,
+    pub render_try_index: bool,
+    pub enable_cors: bool,
+    pub assets_path: Option<PathBuf>,
+    pub log_http: LogHttp,
+    #[cfg(feature = "tls")]
+    pub tls: Option<(Vec<Certificate>, PrivateKey)>,
+    #[cfg(not(feature = "tls"))]
+    pub tls: Option<()>,
 }
 
 impl Args {
     /// Parse command-line arguments.
     ///
-    /// If a parsing error ocurred, exit the process and print out informative
+    /// If a parsing error occurred, exit the process and print out informative
     /// error message to user.
-    pub fn parse(matches: ArgMatches) -> BoxResult<Args> {
-        let address = matches.value_of("address").unwrap_or_default().to_owned();
-        let port = matches.value_of_t::<u16>("port")?;
-        let path = matches.value_of_os("path").unwrap_or_default();
-        let path = Args::parse_path(path)?;
-        let readonly = matches.is_present("readonly");
-        let cors = matches.is_present("cors");
-        let auth = matches.value_of("auth").map(|v| v.to_owned());
-        let no_auth_read = matches.is_present("no-auth-read");
+    pub fn parse(matches: ArgMatches) -> Result<Args> {
+        let port = *matches.get_one::<u16>("port").unwrap();
+        let addrs = matches
+            .get_many::<String>("bind")
+            .map(|bind| bind.map(|v| v.as_str()).collect())
+            .unwrap_or_else(|| vec!["0.0.0.0", "::"]);
+        let addrs: Vec<BindAddr> = Args::parse_addrs(&addrs)?;
+        let path = Args::parse_path(matches.get_one::<PathBuf>("serve_path").unwrap())?;
+        let path_is_file = path.metadata()?.is_file();
+        let path_prefix = matches
+            .get_one::<String>("path-prefix")
+            .map(|v| v.trim_matches('/').to_owned())
+            .unwrap_or_default();
+        let uri_prefix = if path_prefix.is_empty() {
+            "/".to_owned()
+        } else {
+            format!("/{}/", &encode_uri(&path_prefix))
+        };
+        let hidden: Vec<String> = matches
+            .get_one::<String>("hidden")
+            .map(|v| v.split(',').map(|x| x.to_string()).collect())
+            .unwrap_or_default();
+        let enable_cors = matches.get_flag("enable-cors");
+        let auth: Vec<&str> = matches
+            .get_many::<String>("auth")
+            .map(|auth| auth.map(|v| v.as_str()).collect())
+            .unwrap_or_default();
+        let auth_method = match matches.get_one::<String>("auth-method").unwrap().as_str() {
+            "basic" => AuthMethod::Basic,
+            _ => AuthMethod::Digest,
+        };
+        let auth = AccessControl::new(&auth)?;
+        let allow_upload = matches.get_flag("allow-all") || matches.get_flag("allow-upload");
+        let allow_delete = matches.get_flag("allow-all") || matches.get_flag("allow-delete");
+        let allow_search = matches.get_flag("allow-all") || matches.get_flag("allow-search");
+        let allow_symlink = matches.get_flag("allow-all") || matches.get_flag("allow-symlink");
+        let allow_archive = matches.get_flag("allow-all") || matches.get_flag("allow-archive");
+        let render_index = matches.get_flag("render-index");
+        let render_try_index = matches.get_flag("render-try-index");
+        let render_spa = matches.get_flag("render-spa");
+        #[cfg(feature = "tls")]
+        let tls = match (
+            matches.get_one::<PathBuf>("tls-cert"),
+            matches.get_one::<PathBuf>("tls-key"),
+        ) {
+            (Some(certs_file), Some(key_file)) => {
+                let certs = load_certs(certs_file)?;
+                let key = load_private_key(key_file)?;
+                Some((certs, key))
+            }
+            _ => None,
+        };
+        #[cfg(not(feature = "tls"))]
+        let tls = None;
+        let log_http: LogHttp = matches
+            .get_one::<String>("log-format")
+            .map(|v| v.as_str())
+            .unwrap_or(DEFAULT_LOG_FORMAT)
+            .parse()?;
+        let assets_path = match matches.get_one::<PathBuf>("assets") {
+            Some(v) => Some(Args::parse_assets_path(v)?),
+            None => None,
+        };
 
         Ok(Args {
-            address,
+            addrs,
             port,
             path,
-            readonly,
+            path_is_file,
+            path_prefix,
+            uri_prefix,
+            hidden,
+            auth_method,
             auth,
-            no_auth_read,
-            cors,
+            enable_cors,
+            allow_delete,
+            allow_upload,
+            allow_search,
+            allow_symlink,
+            allow_archive,
+            render_index,
+            render_try_index,
+            render_spa,
+            tls,
+            log_http,
+            assets_path,
         })
     }
 
-    /// Parse path.
-    fn parse_path<P: AsRef<Path>>(path: P) -> BoxResult<PathBuf> {
+    fn parse_addrs(addrs: &[&str]) -> Result<Vec<BindAddr>> {
+        let mut bind_addrs = vec![];
+        let mut invalid_addrs = vec![];
+        for addr in addrs {
+            match addr.parse::<IpAddr>() {
+                Ok(v) => {
+                    bind_addrs.push(BindAddr::Address(v));
+                }
+                Err(_) => {
+                    if cfg!(unix) {
+                        bind_addrs.push(BindAddr::Path(PathBuf::from(addr)));
+                    } else {
+                        invalid_addrs.push(*addr);
+                    }
+                }
+            }
+        }
+        if !invalid_addrs.is_empty() {
+            bail!("Invalid bind address `{}`", invalid_addrs.join(","));
+        }
+        Ok(bind_addrs)
+    }
+
+    fn parse_path<P: AsRef<Path>>(path: P) -> Result<PathBuf> {
         let path = path.as_ref();
         if !path.exists() {
-            bail!("error: path \"{}\" doesn't exist", path.display());
+            bail!("Path `{}` doesn't exist", path.display());
         }
 
         env::current_dir()
             .and_then(|mut p| {
                 p.push(path); // If path is absolute, it replaces the current path.
-                canonicalize(p)
-            })
-            .or_else(|err| {
-                bail!(
-                    "error: failed to access path \"{}\": {}",
-                    path.display(),
-                    err,
-                )
+                std::fs::canonicalize(p)
             })
+            .with_context(|| format!("Failed to access path `{}`", path.display()))
     }
 
-    /// Construct socket address from arguments.
-    pub fn address(&self) -> BoxResult<SocketAddr> {
-        format!("{}:{}", self.address, self.port)
-            .parse()
-            .or_else(|err| {
-                bail!(
-                    "error: invalid address {}:{} : {}",
-                    self.address,
-                    self.port,
-                    err,
-                )
-            })
+    fn parse_assets_path<P: AsRef<Path>>(path: P) -> Result<PathBuf> {
+        let path = Self::parse_path(path)?;
+        if !path.join("index.html").exists() {
+            bail!("Path `{}` doesn't contains index.html", path.display());
+        }
+        Ok(path)
     }
 }
+
+#[derive(Debug, Clone, PartialEq, Eq, PartialOrd, Ord)]
+pub enum BindAddr {
+    Address(IpAddr),
+    Path(PathBuf),
+}

src/assets/index.css

@@ -1,169 +0,0 @@
-html {
-  font-family: -apple-system,BlinkMacSystemFont,Helvetica,Arial,sans-serif;
-  line-height: 1.5;
-  color: #24292e;
-}
-
-body {
-  width: 700px;
-}
-
-.hidden {
-  display: none;
-}
-
-.head {
-  display: flex;
-  flex-wrap: wrap;
-  align-items: center;
-  padding: 1em 1em 0;
-}
-
-.breadcrumb {
-  font-size: 1.25em;
-}
-
-.breadcrumb > a {
-  color: #0366d6;
-  text-decoration: none;
-}
-
-.breadcrumb > a:hover {
-  text-decoration: underline;
-}
-
-/* final breadcrumb */
-.breadcrumb > b {
-  color: #24292e;
-}
-
-.breadcrumb > .separator {
-  color: #586069;
-  padding: 0 0.25em;
-}
-
-.breadcrumb svg {
-  height: 100%;
-  fill: rgba(3,47,98,0.5);
-  padding-right: 0.5em;
-  padding-left: 0.5em;
-}
-
-.toolbox {
-  display: flex;
-}
-
-.searchbar {
-  display: flex;
-  flex-wrap: nowrap;
-  width: 246px;
-  height: 22px;
-  background-color: #fafafa;
-  transition: all .15s;
-  border: 1px #ddd solid;
-  border-radius: 15px;
-  margin: 0 0 2px 10px;
-}
-
-.searchbar #search {
-  box-sizing: border-box;
-  width: 100%;
-  height: 100%;
-  font-size: 16px;
-  line-height: 16px;
-  padding: 1px;
-  font-family: helvetica neue,luxi sans,Tahoma,hiragino sans gb,STHeiti,sans-serif;
-  background-color: transparent;
-  border: none;
-  outline: none;
-}
-
-.searchbar .icon {
-  color: #9a9a9a;
-  padding: 3px 3px;
-  cursor: pointer;
-}
-
-.upload-control {
-  cursor: pointer;
-  padding-left: 0.25em;
-}
-
-.upload-control input {
-  display: none;
-}
-
-.main {
-  padding: 0 1em;
-}
-
-.main th {
-  text-align: left;
-  font-weight: unset;
-  color: #5c5c5c;
-  white-space: nowrap;
-}
-
-.main td {
-  white-space: nowrap;
-}
-
-.main .cell-name {
-  width: 400px;
-}
-
-.main .cell-mtime {
-  width: 120px;
-  padding-left: 0.6em;
-}
-
-.main .cell-size {
-  text-align: right;
-  width: 70px;
-  padding-left: 0.6em;
-}
-
-.main .cell-actions {
-  width: 60px;
-  display: flex;
-  padding-left: 0.6em;
-}
-
-
-.path svg {
-  height: 100%;
-  fill: rgba(3,47,98,0.5);
-  padding-right: 0.5em;
-}
-
-.path {
-  display: flex;
-  list-style: none;
-}
-
-.path a {
-  color: #0366d6;
-  text-overflow: ellipsis;
-  white-space: nowrap;
-  overflow: hidden;
-  display: block;
-  text-decoration: none;
-}
-
-.path a:hover {
-  text-decoration: underline;
-}
-
-.action-btn {
-  padding-left: 0.4em;
-}
-
-.uploaders {
-  display: flex;
-  flex-wrap: wrap;
-  padding: 0.5em 0;
-}
-
-.uploader {
-  padding-right: 1em;
-}

src/assets/index.html

@@ -1,53 +0,0 @@
-<!DOCTYPE html>
-<html>
-
-<head>
-  <meta charset="utf-8" />
-  <meta name="viewport" content="width=device-width" />
-  __SLOB__
-</head>
-<body>
-  <div class="head">
-    <div class="breadcrumb"></div>
-    <div class="toolbox">
-      <div>
-        <a href="?zip" title="Download folder as a .zip file">
-          <svg width="16" height="16" viewBox="0 0 16 16"><path d="M.5 9.9a.5.5 0 0 1 .5.5v2.5a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1v-2.5a.5.5 0 0 1 1 0v2.5a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2v-2.5a.5.5 0 0 1 .5-.5z"/><path d="M7.646 11.854a.5.5 0 0 0 .708 0l3-3a.5.5 0 0 0-.708-.708L8.5 10.293V1.5a.5.5 0 0 0-1 0v8.793L5.354 8.146a.5.5 0 1 0-.708.708l3 3z"/></svg>
-        </a>
-      </div>
-      <div class="upload-control hidden" title="Upload file">
-        <label for="file">
-          <svg width="16" height="16" viewBox="0 0 16 16"><path d="M.5 9.9a.5.5 0 0 1 .5.5v2.5a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1v-2.5a.5.5 0 0 1 1 0v2.5a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2v-2.5a.5.5 0 0 1 .5-.5z"/><path d="M7.646 1.146a.5.5 0 0 1 .708 0l3 3a.5.5 0 0 1-.708.708L8.5 2.707V11.5a.5.5 0 0 1-1 0V2.707L5.354 4.854a.5.5 0 1 1-.708-.708l3-3z"/></svg>
-        </label>
-        <input type="file" id="file" name="file" multiple>
-      </div>
-    </div>
-    <form class="searchbar">
-      <div class="icon">
-        <svg width="16" height="16" fill="currentColor" viewBox="0 0 16 16"><path d="M11.742 10.344a6.5 6.5 0 1 0-1.397 1.398h-.001c.03.04.062.078.098.115l3.85 3.85a1 1 0 0 0 1.415-1.414l-3.85-3.85a1.007 1.007 0 0 0-.115-.1zM12 6.5a5.5 5.5 0 1 1-11 0 5.5 5.5 0 0 1 11 0z"/></svg>
-      </div>
-      <input id="search" name="q" type="text" maxlength="128" autocomplete="off" tabindex="1">
-      <input type="submit" hidden />
-    </form>
-  </div>
-  <div class="main">
-    <div class="uploaders">
-    </div>
-    <table>
-      <thead>
-        <tr>
-          <th class="cell-name">Name</th>
-          <th class="cell-mtime">Date modify</th>
-          <th class="cell-size">Size</th>
-          <th class="cell-actions">Actions</th>
-        </tr>
-      </thead>
-      <tbody>
-      </tbody>
-    </table>
-  </div>
-  <script>
-    window.addEventListener("DOMContentLoaded", ready);
-  </script>
-</body>
-</html>

src/assets/index.js

@@ -1,191 +0,0 @@
-var $toolbox, $tbody, $breadcrumb, $uploaders, $uploadControl;
-var uploaderIdx = 0;
-var baseDir;
-
-class Uploader {
-  idx = 0;
-  file;
-  $elem;
-  constructor(idx, file) {
-    this.idx = idx;
-    this.file = file;
-  }
-
-  upload() {
-    var { file, idx } = this;
-    var url = getUrl(file.name);
-    if (file.name == baseDir + ".zip") {
-      url += "?unzip";
-    }
-    $uploaders.insertAdjacentHTML("beforeend", `
-  <div class="uploader path">
-    <div><svg height="16" viewBox="0 0 12 16" width="12"><path fill-rule="evenodd" d="M6 5H2V4h4v1zM2 8h7V7H2v1zm0 2h7V9H2v1zm0 2h7v-1H2v1zm10-7.5V14c0 .55-.45 1-1 1H1c-.55 0-1-.45-1-1V2c0-.55.45-1 1-1h7.5L12 4.5zM11 5L8 2H1v12h10V5z"></path></svg></div>
-    <a href="${url}" id="file${idx}">${file.name} (0%)</a>
-  </div>`);
-    this.$elem = document.getElementById(`file${idx}`);
-
-    var ajax = new XMLHttpRequest();
-    ajax.upload.addEventListener("progress", e => this.progress(e), false);
-    ajax.addEventListener("load", e => this.complete(e), false);
-    ajax.addEventListener("error", e => this.fail(e), false);
-    ajax.addEventListener("abort", e => this.fail(e), false);
-    ajax.open("PUT", url);
-    ajax.send(file);
-  }
-
-  progress(event) {
-    var percent = (event.loaded / event.total) * 100;
-    this.$elem.innerHTML = `${this.file.name} (${percent.toFixed(2)}%)`;
-  }
-
-  complete(event) {
-    this.$elem.innerHTML = `${this.file.name}`;
-  }
-
-  fail(event) {
-    this.$elem.innerHTML = `<strike>${this.file.name}</strike>`;
-  }
-}
-
-function addBreadcrumb(value) {
-  var parts = value.split("/").filter(v => !!v);
-  var len = parts.length;
-  var path = "";
-  for (var i = 0; i < len; i++) {
-    var name = parts[i];
-    if (i > 0) {
-      path  += "/" + name;
-    }
-    if (i === len - 1) {
-      $breadcrumb.insertAdjacentHTML("beforeend", `<b>${name}</b>`);
-      baseDir = name;
-    } else if (i === 0) {
-      $breadcrumb.insertAdjacentHTML("beforeend", `<a href="/"><b>${name}</b></a>`);
-    } else {
-      $breadcrumb.insertAdjacentHTML("beforeend", `<a href="${encodeURI(path)}">${name}</a>`);
-    }
-    $breadcrumb.insertAdjacentHTML("beforeend", `<span class="separator">/</span>`);
-  }
-}
-
-function addPath(file, index) {
-  var url = getUrl(file.name)
-  var actionDelete = "";
-  var actionDownload = "";
-  if (file.path_type.endsWith("Dir")) {
-    actionDownload = `
-    <div class="action-btn">
-      <a href="${url}?zip" title="Download folder as a .zip file">
-        <svg width="16" height="16" viewBox="0 0 16 16"><path d="M.5 9.9a.5.5 0 0 1 .5.5v2.5a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1v-2.5a.5.5 0 0 1 1 0v2.5a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2v-2.5a.5.5 0 0 1 .5-.5z"/><path d="M7.646 11.854a.5.5 0 0 0 .708 0l3-3a.5.5 0 0 0-.708-.708L8.5 10.293V1.5a.5.5 0 0 0-1 0v8.793L5.354 8.146a.5.5 0 1 0-.708.708l3 3z"/></svg>
-      </a>
-    </div>`;
-  } else {
-    actionDownload = `
-    <div class="action-btn" >
-      <a href="${url}" title="Download file" download>
-        <svg width="16" height="16" viewBox="0 0 16 16"><path d="M.5 9.9a.5.5 0 0 1 .5.5v2.5a1 1 0 0 0 1 1h12a1 1 0 0 0 1-1v-2.5a.5.5 0 0 1 1 0v2.5a2 2 0 0 1-2 2H2a2 2 0 0 1-2-2v-2.5a.5.5 0 0 1 .5-.5z"/><path d="M7.646 11.854a.5.5 0 0 0 .708 0l3-3a.5.5 0 0 0-.708-.708L8.5 10.293V1.5a.5.5 0 0 0-1 0v8.793L5.354 8.146a.5.5 0 1 0-.708.708l3 3z"/></svg>
-      </a>
-    </div>`;
-  }
-  if (!DATA.readonly) {
-    actionDelete = `
-    <div onclick="deletePath(${index})" class="action-btn" id="deleteBtn${index}" title="Delete ${file.name}">
-      <svg width="16" height="16" fill="currentColor"viewBox="0 0 16 16"><path d="M6.854 7.146a.5.5 0 1 0-.708.708L7.293 9l-1.147 1.146a.5.5 0 0 0 .708.708L8 9.707l1.146 1.147a.5.5 0 0 0 .708-.708L8.707 9l1.147-1.146a.5.5 0 0 0-.708-.708L8 8.293 6.854 7.146z"/><path d="M14 14V4.5L9.5 0H4a2 2 0 0 0-2 2v12a2 2 0 0 0 2 2h8a2 2 0 0 0 2-2zM9.5 3A1.5 1.5 0 0 0 11 4.5h2V14a1 1 0 0 1-1 1H4a1 1 0 0 1-1-1V2a1 1 0 0 1 1-1h5.5v2z"/></svg>
-    </div>`;
-  }
-  var actionCell = `
-  <td class="cell-actions">
-    ${actionDownload}
-    ${actionDelete}
-  </td>`
-
-  $tbody.insertAdjacentHTML("beforeend", `
-<tr id="addPath${index}">
-<td class="path cell-name">
-  <div>${getSvg(file.path_type)}</div>
-  <a href="${url}" title="${file.name}">${file.name}</a>
-</td>
-<td class="cell-mtime">${formatMtime(file.mtime)}</td>
-<td class="cell-size">${formatSize(file.size)}</td>
-${actionCell}
-</tr>`)
-}
-
-async function deletePath(index) {
-  var file = DATA.paths[index];
-  if (!file) return;
-
-  var ajax = new XMLHttpRequest();
-  ajax.open("DELETE", getUrl(file.name));
-  ajax.addEventListener("readystatechange", function() {
-    if(ajax.readyState === 4 && ajax.status === 200) {
-        document.getElementById(`addPath${index}`).remove();
-    }
-  });
-  ajax.send();
-}
-
-function getUrl(name) {
-    var url = location.href.split('?')[0];
-    if (!url.endsWith("/")) url += "/";
-    url += encodeURI(name);
-    return url;
-}
-
-function getSvg(path_type) {
-  switch (path_type) {
-    case "Dir":
-      return `<svg height="16" viewBox="0 0 14 16" width="14"><path fill-rule="evenodd" d="M13 4H7V3c0-.66-.31-1-1-1H1c-.55 0-1 .45-1 1v10c0 .55.45 1 1 1h12c.55 0 1-.45 1-1V5c0-.55-.45-1-1-1zM6 4H1V3h5v1z"></path></svg>`;
-    case "File":
-      return `<svg height="16" viewBox="0 0 12 16" width="12"><path fill-rule="evenodd" d="M6 5H2V4h4v1zM2 8h7V7H2v1zm0 2h7V9H2v1zm0 2h7v-1H2v1zm10-7.5V14c0 .55-.45 1-1 1H1c-.55 0-1-.45-1-1V2c0-.55.45-1 1-1h7.5L12 4.5zM11 5L8 2H1v12h10V5z"></path></svg>`;
-    case "SymlinkDir":
-      return `<svg height="16" viewBox="0 0 14 16" width="14"><path fill-rule="evenodd" d="M13 4H7V3c0-.66-.31-1-1-1H1c-.55 0-1 .45-1 1v10c0 .55.45 1 1 1h12c.55 0 1-.45 1-1V5c0-.55-.45-1-1-1zM1 3h5v1H1V3zm6 9v-2c-.98-.02-1.84.22-2.55.7-.71.48-1.19 1.25-1.45 2.3.02-1.64.39-2.88 1.13-3.73C4.86 8.43 5.82 8 7.01 8V6l4 3-4 3H7z"></path></svg>`;
-    default:
-      return `<svg height="16" viewBox="0 0 12 16" width="12"><path fill-rule="evenodd" d="M8.5 1H1c-.55 0-1 .45-1 1v12c0 .55.45 1 1 1h10c.55 0 1-.45 1-1V4.5L8.5 1zM11 14H1V2h7l3 3v9zM6 4.5l4 3-4 3v-2c-.98-.02-1.84.22-2.55.7-.71.48-1.19 1.25-1.45 2.3.02-1.64.39-2.88 1.13-3.73.73-.84 1.69-1.27 2.88-1.27v-2H6z"></path></svg>`;
-  }
-}
-
-function formatMtime(mtime) {
-  if (!mtime) return ""
-  var date = new Date(mtime);
-  var year = date.getFullYear();
-  var month = padZero(date.getMonth() + 1, 2);
-  var day = padZero(date.getDate(), 2);
-  var hours = padZero(date.getHours(), 2);
-  var minutes = padZero(date.getMinutes(), 2);
-  return `${year}/${month}/${day} ${hours}:${minutes}`;
-}
-
-function padZero(value, size) {
-  return ("0".repeat(size) + value).slice(-1 * size)
-}
-
-function formatSize(size) {
-  if (!size) return ""
-  var sizes = ['B', 'KB', 'MB', 'GB', 'TB'];
-  if (size == 0) return '0 Byte';
-  var i = parseInt(Math.floor(Math.log(size) / Math.log(1024)));
-  return Math.round(size / Math.pow(1024, i), 2) + ' ' + sizes[i];
-}
-
-
-function ready() {
-  $toolbox = document.querySelector(".toolbox");
-  $tbody = document.querySelector(".main tbody");
-  $breadcrumb = document.querySelector(".breadcrumb");
-  $uploaders = document.querySelector(".uploaders");
-
-  addBreadcrumb(DATA.breadcrumb);
-  DATA.paths.forEach((file, index) => addPath(file, index));
-  if (!DATA.readonly) {
-    document.querySelector(".upload-control").classList.remove(["hidden"]);
-    document.getElementById("file").addEventListener("change", e => {
-      var files = e.target.files;
-      for (var file of files) {
-        uploaderIdx += 1;
-        var uploader = new Uploader(uploaderIdx, file);
-        uploader.upload();
-      }
-    });
-  }
-}

src/auth.rs

@@ -0,0 +1,530 @@
+use anyhow::{anyhow, bail, Result};
+use base64::{engine::general_purpose, Engine as _};
+use headers::HeaderValue;
+use hyper::Method;
+use indexmap::IndexMap;
+use lazy_static::lazy_static;
+use md5::Context;
+use std::{
+    collections::HashMap,
+    path::{Path, PathBuf},
+};
+use uuid::Uuid;
+
+use crate::utils::unix_now;
+
+const REALM: &str = "DUFS";
+const DIGEST_AUTH_TIMEOUT: u32 = 86400;
+
+lazy_static! {
+    static ref NONCESTARTHASH: Context = {
+        let mut h = Context::new();
+        h.consume(Uuid::new_v4().as_bytes());
+        h.consume(std::process::id().to_be_bytes());
+        h
+    };
+}
+
+#[derive(Debug, Default)]
+pub struct AccessControl {
+    users: IndexMap<String, (String, AccessPaths)>,
+    anony: Option<AccessPaths>,
+}
+
+impl AccessControl {
+    pub fn new(raw_rules: &[&str]) -> Result<Self> {
+        if raw_rules.is_empty() {
+            return Ok(AccessControl {
+                anony: Some(AccessPaths::new(AccessPerm::ReadWrite)),
+                users: IndexMap::new(),
+            });
+        }
+
+        let create_err = |v: &str| anyhow!("Invalid auth `{v}`");
+        let mut anony = None;
+        let mut anony_paths = vec![];
+        let mut users = IndexMap::new();
+        for rule in raw_rules {
+            let (user, list) = rule.split_once('@').ok_or_else(|| create_err(rule))?;
+            if user.is_empty() && anony.is_some() {
+                bail!("Invalid auth, duplicate anonymous rules");
+            }
+            let mut paths = AccessPaths::default();
+            for value in list.trim_matches(',').split(',') {
+                let (path, perm) = match value.split_once(':') {
+                    None => (value, AccessPerm::ReadOnly),
+                    Some((path, "rw")) => (path, AccessPerm::ReadWrite),
+                    _ => return Err(create_err(rule)),
+                };
+                if user.is_empty() {
+                    anony_paths.push((path, perm));
+                }
+                paths.add(path, perm);
+            }
+            if user.is_empty() {
+                anony = Some(paths);
+            } else if let Some((user, pass)) = user.split_once(':') {
+                if user.is_empty() || pass.is_empty() {
+                    return Err(create_err(rule));
+                }
+                users.insert(user.to_string(), (pass.to_string(), paths));
+            } else {
+                return Err(create_err(rule));
+            }
+        }
+        for (path, perm) in anony_paths {
+            for (_, (_, paths)) in users.iter_mut() {
+                paths.add(path, perm)
+            }
+        }
+        Ok(Self { users, anony })
+    }
+
+    pub fn exist(&self) -> bool {
+        !self.users.is_empty()
+    }
+
+    pub fn guard(
+        &self,
+        path: &str,
+        method: &Method,
+        authorization: Option<&HeaderValue>,
+        auth_method: AuthMethod,
+    ) -> (Option<String>, Option<AccessPaths>) {
+        if let Some(authorization) = authorization {
+            if let Some(user) = auth_method.get_user(authorization) {
+                if let Some((pass, paths)) = self.users.get(&user) {
+                    if method == Method::OPTIONS {
+                        return (Some(user), Some(AccessPaths::new(AccessPerm::ReadOnly)));
+                    }
+                    if auth_method
+                        .check(authorization, method.as_str(), &user, pass)
+                        .is_some()
+                    {
+                        return (Some(user), paths.find(path, !is_readonly_method(method)));
+                    } else {
+                        return (None, None);
+                    }
+                }
+            }
+        }
+
+        if method == Method::OPTIONS {
+            return (None, Some(AccessPaths::new(AccessPerm::ReadOnly)));
+        }
+
+        if let Some(paths) = self.anony.as_ref() {
+            return (None, paths.find(path, !is_readonly_method(method)));
+        }
+
+        (None, None)
+    }
+}
+
+#[derive(Debug, Default, Clone, PartialEq, Eq)]
+pub struct AccessPaths {
+    perm: AccessPerm,
+    children: IndexMap<String, AccessPaths>,
+}
+
+impl AccessPaths {
+    pub fn new(perm: AccessPerm) -> Self {
+        Self {
+            perm,
+            ..Default::default()
+        }
+    }
+
+    pub fn perm(&self) -> AccessPerm {
+        self.perm
+    }
+
+    fn set_perm(&mut self, perm: AccessPerm) {
+        if self.perm < perm {
+            self.perm = perm
+        }
+    }
+
+    pub fn add(&mut self, path: &str, perm: AccessPerm) {
+        let path = path.trim_matches('/');
+        if path.is_empty() {
+            self.set_perm(perm);
+        } else {
+            let parts: Vec<&str> = path.split('/').collect();
+            self.add_impl(&parts, perm);
+        }
+    }
+
+    fn add_impl(&mut self, parts: &[&str], perm: AccessPerm) {
+        let parts_len = parts.len();
+        if parts_len == 0 {
+            self.set_perm(perm);
+            return;
+        }
+        let child = self.children.entry(parts[0].to_string()).or_default();
+        child.add_impl(&parts[1..], perm)
+    }
+
+    pub fn find(&self, path: &str, writable: bool) -> Option<AccessPaths> {
+        let parts: Vec<&str> = path
+            .trim_matches('/')
+            .split('/')
+            .filter(|v| !v.is_empty())
+            .collect();
+        let target = self.find_impl(&parts, self.perm)?;
+        if writable && !target.perm().readwrite() {
+            return None;
+        }
+        Some(target)
+    }
+
+    fn find_impl(&self, parts: &[&str], perm: AccessPerm) -> Option<AccessPaths> {
+        let perm = self.perm.max(perm);
+        if parts.is_empty() {
+            if perm.indexonly() {
+                return Some(self.clone());
+            } else {
+                return Some(AccessPaths::new(perm));
+            }
+        }
+        let child = match self.children.get(parts[0]) {
+            Some(v) => v,
+            None => {
+                if perm.indexonly() {
+                    return None;
+                } else {
+                    return Some(AccessPaths::new(perm));
+                }
+            }
+        };
+        child.find_impl(&parts[1..], perm)
+    }
+
+    pub fn child_paths(&self) -> Vec<&String> {
+        self.children.keys().collect()
+    }
+
+    pub fn leaf_paths(&self, base: &Path) -> Vec<PathBuf> {
+        if !self.perm().indexonly() {
+            return vec![base.to_path_buf()];
+        }
+        let mut output = vec![];
+        self.leaf_paths_impl(&mut output, base);
+        output
+    }
+
+    fn leaf_paths_impl(&self, output: &mut Vec<PathBuf>, base: &Path) {
+        for (name, child) in self.children.iter() {
+            let base = base.join(name);
+            if child.perm().indexonly() {
+                child.leaf_paths_impl(output, &base);
+            } else {
+                output.push(base)
+            }
+        }
+    }
+}
+
+#[derive(Debug, Clone, Copy, PartialEq, Eq, PartialOrd, Ord, Default)]
+pub enum AccessPerm {
+    #[default]
+    IndexOnly,
+    ReadOnly,
+    ReadWrite,
+}
+
+impl AccessPerm {
+    pub fn readwrite(&self) -> bool {
+        self == &AccessPerm::ReadWrite
+    }
+
+    pub fn indexonly(&self) -> bool {
+        self == &AccessPerm::IndexOnly
+    }
+}
+
+fn is_readonly_method(method: &Method) -> bool {
+    method == Method::GET
+        || method == Method::OPTIONS
+        || method == Method::HEAD
+        || method.as_str() == "PROPFIND"
+}
+
+#[derive(Debug, Clone)]
+pub enum AuthMethod {
+    Basic,
+    Digest,
+}
+
+impl AuthMethod {
+    pub fn www_auth(&self) -> Result<String> {
+        match self {
+            AuthMethod::Basic => Ok(format!("Basic realm=\"{REALM}\"")),
+            AuthMethod::Digest => Ok(format!(
+                "Digest realm=\"{}\",nonce=\"{}\",qop=\"auth\"",
+                REALM,
+                create_nonce()?,
+            )),
+        }
+    }
+
+    pub fn get_user(&self, authorization: &HeaderValue) -> Option<String> {
+        match self {
+            AuthMethod::Basic => {
+                let value: Vec<u8> = general_purpose::STANDARD
+                    .decode(strip_prefix(authorization.as_bytes(), b"Basic ")?)
+                    .ok()?;
+                let parts: Vec<&str> = std::str::from_utf8(&value).ok()?.split(':').collect();
+                Some(parts[0].to_string())
+            }
+            AuthMethod::Digest => {
+                let digest_value = strip_prefix(authorization.as_bytes(), b"Digest ")?;
+                let digest_map = to_headermap(digest_value).ok()?;
+                digest_map
+                    .get(b"username".as_ref())
+                    .and_then(|b| std::str::from_utf8(b).ok())
+                    .map(|v| v.to_string())
+            }
+        }
+    }
+
+    fn check(
+        &self,
+        authorization: &HeaderValue,
+        method: &str,
+        auth_user: &str,
+        auth_pass: &str,
+    ) -> Option<()> {
+        match self {
+            AuthMethod::Basic => {
+                let basic_value: Vec<u8> = general_purpose::STANDARD
+                    .decode(strip_prefix(authorization.as_bytes(), b"Basic ")?)
+                    .ok()?;
+                let parts: Vec<&str> = std::str::from_utf8(&basic_value).ok()?.split(':').collect();
+
+                if parts[0] != auth_user {
+                    return None;
+                }
+
+                if parts[1] == auth_pass {
+                    return Some(());
+                }
+
+                None
+            }
+            AuthMethod::Digest => {
+                let digest_value = strip_prefix(authorization.as_bytes(), b"Digest ")?;
+                let digest_map = to_headermap(digest_value).ok()?;
+                if let (Some(username), Some(nonce), Some(user_response)) = (
+                    digest_map
+                        .get(b"username".as_ref())
+                        .and_then(|b| std::str::from_utf8(b).ok()),
+                    digest_map.get(b"nonce".as_ref()),
+                    digest_map.get(b"response".as_ref()),
+                ) {
+                    match validate_nonce(nonce) {
+                        Ok(true) => {}
+                        _ => return None,
+                    }
+                    if auth_user != username {
+                        return None;
+                    }
+
+                    let mut h = Context::new();
+                    h.consume(format!("{}:{}:{}", auth_user, REALM, auth_pass).as_bytes());
+                    let auth_pass = format!("{:x}", h.compute());
+
+                    let mut ha = Context::new();
+                    ha.consume(method);
+                    ha.consume(b":");
+                    if let Some(uri) = digest_map.get(b"uri".as_ref()) {
+                        ha.consume(uri);
+                    }
+                    let ha = format!("{:x}", ha.compute());
+                    let mut correct_response = None;
+                    if let Some(qop) = digest_map.get(b"qop".as_ref()) {
+                        if qop == &b"auth".as_ref() || qop == &b"auth-int".as_ref() {
+                            correct_response = Some({
+                                let mut c = Context::new();
+                                c.consume(&auth_pass);
+                                c.consume(b":");
+                                c.consume(nonce);
+                                c.consume(b":");
+                                if let Some(nc) = digest_map.get(b"nc".as_ref()) {
+                                    c.consume(nc);
+                                }
+                                c.consume(b":");
+                                if let Some(cnonce) = digest_map.get(b"cnonce".as_ref()) {
+                                    c.consume(cnonce);
+                                }
+                                c.consume(b":");
+                                c.consume(qop);
+                                c.consume(b":");
+                                c.consume(&*ha);
+                                format!("{:x}", c.compute())
+                            });
+                        }
+                    }
+                    let correct_response = match correct_response {
+                        Some(r) => r,
+                        None => {
+                            let mut c = Context::new();
+                            c.consume(&auth_pass);
+                            c.consume(b":");
+                            c.consume(nonce);
+                            c.consume(b":");
+                            c.consume(&*ha);
+                            format!("{:x}", c.compute())
+                        }
+                    };
+                    if correct_response.as_bytes() == *user_response {
+                        return Some(());
+                    }
+                }
+                None
+            }
+        }
+    }
+}
+
+/// Check if a nonce is still valid.
+/// Return an error if it was never valid
+fn validate_nonce(nonce: &[u8]) -> Result<bool> {
+    if nonce.len() != 34 {
+        bail!("invalid nonce");
+    }
+    //parse hex
+    if let Ok(n) = std::str::from_utf8(nonce) {
+        //get time
+        if let Ok(secs_nonce) = u32::from_str_radix(&n[..8], 16) {
+            //check time
+            let now = unix_now()?;
+            let secs_now = now.as_secs() as u32;
+
+            if let Some(dur) = secs_now.checked_sub(secs_nonce) {
+                //check hash
+                let mut h = NONCESTARTHASH.clone();
+                h.consume(secs_nonce.to_be_bytes());
+                let h = format!("{:x}", h.compute());
+                if h[..26] == n[8..34] {
+                    return Ok(dur < DIGEST_AUTH_TIMEOUT);
+                }
+            }
+        }
+    }
+    bail!("invalid nonce");
+}
+
+fn strip_prefix<'a>(search: &'a [u8], prefix: &[u8]) -> Option<&'a [u8]> {
+    let l = prefix.len();
+    if search.len() < l {
+        return None;
+    }
+    if &search[..l] == prefix {
+        Some(&search[l..])
+    } else {
+        None
+    }
+}
+
+fn to_headermap(header: &[u8]) -> Result<HashMap<&[u8], &[u8]>, ()> {
+    let mut sep = Vec::new();
+    let mut assign = Vec::new();
+    let mut i: usize = 0;
+    let mut esc = false;
+    for c in header {
+        match (c, esc) {
+            (b'=', false) => assign.push(i),
+            (b',', false) => sep.push(i),
+            (b'"', false) => esc = true,
+            (b'"', true) => esc = false,
+            _ => {}
+        }
+        i += 1;
+    }
+    sep.push(i);
+
+    i = 0;
+    let mut ret = HashMap::new();
+    for (&k, &a) in sep.iter().zip(assign.iter()) {
+        while header[i] == b' ' {
+            i += 1;
+        }
+        if a <= i || k <= 1 + a {
+            //keys and values must contain one char
+            return Err(());
+        }
+        let key = &header[i..a];
+        let val = if header[1 + a] == b'"' && header[k - 1] == b'"' {
+            //escaped
+            &header[2 + a..k - 1]
+        } else {
+            //not escaped
+            &header[1 + a..k]
+        };
+        i = 1 + k;
+        ret.insert(key, val);
+    }
+    Ok(ret)
+}
+
+fn create_nonce() -> Result<String> {
+    let now = unix_now()?;
+    let secs = now.as_secs() as u32;
+    let mut h = NONCESTARTHASH.clone();
+    h.consume(secs.to_be_bytes());
+
+    let n = format!("{:08x}{:032x}", secs, h.compute());
+    Ok(n[..34].to_string())
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[test]
+    fn test_access_paths() {
+        let mut paths = AccessPaths::default();
+        paths.add("/dir1", AccessPerm::ReadWrite);
+        paths.add("/dir2/dir1", AccessPerm::ReadWrite);
+        paths.add("/dir2/dir2", AccessPerm::ReadOnly);
+        paths.add("/dir2/dir3/dir1", AccessPerm::ReadWrite);
+        assert_eq!(
+            paths.leaf_paths(Path::new("/tmp")),
+            [
+                "/tmp/dir1",
+                "/tmp/dir2/dir1",
+                "/tmp/dir2/dir2",
+                "/tmp/dir2/dir3/dir1"
+            ]
+            .iter()
+            .map(PathBuf::from)
+            .collect::<Vec<_>>()
+        );
+        assert_eq!(
+            paths
+                .find("dir2", false)
+                .map(|v| v.leaf_paths(Path::new("/tmp/dir2"))),
+            Some(
+                ["/tmp/dir2/dir1", "/tmp/dir2/dir2", "/tmp/dir2/dir3/dir1"]
+                    .iter()
+                    .map(PathBuf::from)
+                    .collect::<Vec<_>>()
+            )
+        );
+        assert_eq!(paths.find("dir2", true), None);
+        assert!(paths.find("dir1/file", true).is_some());
+    }
+
+    #[test]
+    fn test_access_paths_perm() {
+        let mut paths = AccessPaths::default();
+        assert_eq!(paths.perm(), AccessPerm::IndexOnly);
+        paths.set_perm(AccessPerm::ReadOnly);
+        assert_eq!(paths.perm(), AccessPerm::ReadOnly);
+        paths.set_perm(AccessPerm::ReadWrite);
+        assert_eq!(paths.perm(), AccessPerm::ReadWrite);
+        paths.set_perm(AccessPerm::ReadOnly);
+        assert_eq!(paths.perm(), AccessPerm::ReadWrite);
+    }
+}

src/log_http.rs

@@ -0,0 +1,99 @@
+use std::{collections::HashMap, str::FromStr, sync::Arc};
+
+use crate::{args::Args, server::Request};
+
+pub const DEFAULT_LOG_FORMAT: &str = r#"$remote_addr "$request" $status"#;
+
+#[derive(Debug)]
+pub struct LogHttp {
+    elements: Vec<LogElement>,
+}
+
+#[derive(Debug)]
+enum LogElement {
+    Variable(String),
+    Header(String),
+    Literal(String),
+}
+
+impl LogHttp {
+    pub fn data(&self, req: &Request, args: &Arc<Args>) -> HashMap<String, String> {
+        let mut data = HashMap::default();
+        for element in self.elements.iter() {
+            match element {
+                LogElement::Variable(name) => match name.as_str() {
+                    "request" => {
+                        data.insert(name.to_string(), format!("{} {}", req.method(), req.uri()));
+                    }
+                    "remote_user" => {
+                        if let Some(user) = req
+                            .headers()
+                            .get("authorization")
+                            .and_then(|v| args.auth_method.get_user(v))
+                        {
+                            data.insert(name.to_string(), user);
+                        }
+                    }
+                    _ => {}
+                },
+                LogElement::Header(name) => {
+                    if let Some(value) = req.headers().get(name).and_then(|v| v.to_str().ok()) {
+                        data.insert(name.to_string(), value.to_string());
+                    }
+                }
+                LogElement::Literal(_) => {}
+            }
+        }
+        data
+    }
+    pub fn log(&self, data: &HashMap<String, String>, err: Option<String>) {
+        if self.elements.is_empty() {
+            return;
+        }
+        let mut output = String::new();
+        for element in self.elements.iter() {
+            match element {
+                LogElement::Literal(value) => output.push_str(value.as_str()),
+                LogElement::Header(name) | LogElement::Variable(name) => {
+                    output.push_str(data.get(name).map(|v| v.as_str()).unwrap_or("-"))
+                }
+            }
+        }
+        match err {
+            Some(err) => error!("{} {}", output, err),
+            None => info!("{}", output),
+        }
+    }
+}
+
+impl FromStr for LogHttp {
+    type Err = anyhow::Error;
+    fn from_str(s: &str) -> Result<Self, Self::Err> {
+        let mut elements = vec![];
+        let mut is_var = false;
+        let mut cache = String::new();
+        for c in format!("{s} ").chars() {
+            if c == '$' {
+                if !cache.is_empty() {
+                    elements.push(LogElement::Literal(cache.to_string()));
+                }
+                cache.clear();
+                is_var = true;
+            } else if is_var && !(c.is_alphanumeric() || c == '_') {
+                if let Some(value) = cache.strip_prefix("$http_") {
+                    elements.push(LogElement::Header(value.replace('_', "-").to_string()));
+                } else if let Some(value) = cache.strip_prefix('$') {
+                    elements.push(LogElement::Variable(value.to_string()));
+                }
+                cache.clear();
+                is_var = false;
+            }
+            cache.push(c);
+        }
+        let cache = cache.trim();
+        if !cache.is_empty() {
+            elements.push(LogElement::Literal(cache.to_string()));
+        }
+        Ok(Self { elements })
+    }
+}

src/logger.rs

@@ -0,0 +1,30 @@
+use chrono::{Local, SecondsFormat};
+use log::{Level, Metadata, Record};
+use log::{LevelFilter, SetLoggerError};
+
+struct SimpleLogger;
+
+impl log::Log for SimpleLogger {
+    fn enabled(&self, metadata: &Metadata) -> bool {
+        metadata.level() <= Level::Info
+    }
+
+    fn log(&self, record: &Record) {
+        if self.enabled(record.metadata()) {
+            let timestamp = Local::now().to_rfc3339_opts(SecondsFormat::Secs, true);
+            if record.level() < Level::Info {
+                eprintln!("{} {} - {}", timestamp, record.level(), record.args());
+            } else {
+                println!("{} {} - {}", timestamp, record.level(), record.args());
+            }
+        }
+    }
+
+    fn flush(&self) {}
+}
+
+static LOGGER: SimpleLogger = SimpleLogger;
+
+pub fn init() -> Result<(), SetLoggerError> {
+    log::set_logger(&LOGGER).map(|()| log::set_max_level(LevelFilter::Info))
+}

src/main.rs

@@ -1,41 +1,223 @@
-macro_rules! bail {
-    ($($tt:tt)*) => {
-        return Err(From::from(format!($($tt)*)))
-    }
-}
+mod args;
+mod auth;
+mod log_http;
+mod logger;
+mod server;
+mod streamer;
+#[cfg(feature = "tls")]
+mod tls;
+#[cfg(unix)]
+mod unix;
+mod utils;
 
 #[macro_use]
 extern crate log;
 
-mod args;
-mod server;
+use crate::args::{build_cli, print_completions, Args};
+use crate::server::{Request, Server};
+#[cfg(feature = "tls")]
+use crate::tls::{TlsAcceptor, TlsStream};
 
-pub type BoxResult<T> = Result<T, Box<dyn std::error::Error>>;
+use anyhow::{anyhow, Context, Result};
+use std::net::{IpAddr, SocketAddr, TcpListener as StdTcpListener};
+use std::sync::atomic::{AtomicBool, Ordering};
+use std::sync::Arc;
 
-use log::LevelFilter;
+use args::BindAddr;
+use clap_complete::Shell;
+use futures::future::join_all;
+use tokio::net::TcpListener;
+use tokio::task::JoinHandle;
 
-use crate::args::{matches, Args};
-use crate::server::serve;
+use hyper::server::conn::{AddrIncoming, AddrStream};
+use hyper::service::{make_service_fn, service_fn};
+#[cfg(feature = "tls")]
+use rustls::ServerConfig;
 
 #[tokio::main]
-async fn main() {
-    run().await.unwrap_or_else(handle_err)
-}
-
-async fn run() -> BoxResult<()> {
-    let args = Args::parse(matches())?;
-
-    if std::env::var("RUST_LOG").is_ok() {
-        simple_logger::init()?;
-    } else {
-        simple_logger::SimpleLogger::default()
-            .with_level(LevelFilter::Info)
-            .init()?;
+async fn main() -> Result<()> {
+    logger::init().map_err(|e| anyhow!("Failed to init logger, {e}"))?;
+    let cmd = build_cli();
+    let matches = cmd.get_matches();
+    if let Some(generator) = matches.get_one::<Shell>("completions") {
+        let mut cmd = build_cli();
+        print_completions(*generator, &mut cmd);
+        return Ok(());
+    }
+    let args = Args::parse(matches)?;
+    let args = Arc::new(args);
+    let running = Arc::new(AtomicBool::new(true));
+    let handles = serve(args.clone(), running.clone())?;
+    print_listening(args)?;
+
+    tokio::select! {
+        ret = join_all(handles) => {
+            for r in ret {
+                if let Err(e) = r {
+                    error!("{}", e);
+                }
+            }
+            Ok(())
+        },
+        _ = shutdown_signal() => {
+            running.store(false, Ordering::SeqCst);
+            Ok(())
+        },
     }
-    serve(args).await
 }
 
-fn handle_err<T>(err: Box<dyn std::error::Error>) -> T {
-    eprintln!("Server error: {}", err);
-    std::process::exit(1);
+fn serve(
+    args: Arc<Args>,
+    running: Arc<AtomicBool>,
+) -> Result<Vec<JoinHandle<Result<(), hyper::Error>>>> {
+    let inner = Arc::new(Server::init(args.clone(), running)?);
+    let mut handles = vec![];
+    let port = args.port;
+    for bind_addr in args.addrs.iter() {
+        let inner = inner.clone();
+        let serve_func = move |remote_addr: Option<SocketAddr>| {
+            let inner = inner.clone();
+            async move {
+                Ok::<_, hyper::Error>(service_fn(move |req: Request| {
+                    let inner = inner.clone();
+                    inner.call(req, remote_addr)
+                }))
+            }
+        };
+        match bind_addr {
+            BindAddr::Address(ip) => {
+                let incoming = create_addr_incoming(SocketAddr::new(*ip, port))
+                    .with_context(|| format!("Failed to bind `{ip}:{port}`"))?;
+                match args.tls.as_ref() {
+                    #[cfg(feature = "tls")]
+                    Some((certs, key)) => {
+                        let config = ServerConfig::builder()
+                            .with_safe_defaults()
+                            .with_no_client_auth()
+                            .with_single_cert(certs.clone(), key.clone())?;
+                        let config = Arc::new(config);
+                        let accepter = TlsAcceptor::new(config.clone(), incoming);
+                        let new_service = make_service_fn(move |socket: &TlsStream| {
+                            let remote_addr = socket.remote_addr();
+                            serve_func(Some(remote_addr))
+                        });
+                        let server =
+                            tokio::spawn(hyper::Server::builder(accepter).serve(new_service));
+                        handles.push(server);
+                    }
+                    #[cfg(not(feature = "tls"))]
+                    Some(_) => {
+                        unreachable!()
+                    }
+                    None => {
+                        let new_service = make_service_fn(move |socket: &AddrStream| {
+                            let remote_addr = socket.remote_addr();
+                            serve_func(Some(remote_addr))
+                        });
+                        let server =
+                            tokio::spawn(hyper::Server::builder(incoming).serve(new_service));
+                        handles.push(server);
+                    }
+                };
+            }
+            BindAddr::Path(path) => {
+                if path.exists() {
+                    std::fs::remove_file(path)?;
+                }
+                #[cfg(unix)]
+                {
+                    let listener = tokio::net::UnixListener::bind(path)
+                        .with_context(|| format!("Failed to bind `{}`", path.display()))?;
+                    let acceptor = unix::UnixAcceptor::from_listener(listener);
+                    let new_service = make_service_fn(move |_| serve_func(None));
+                    let server = tokio::spawn(hyper::Server::builder(acceptor).serve(new_service));
+                    handles.push(server);
+                }
+            }
+        }
+    }
+    Ok(handles)
+}
+
+fn create_addr_incoming(addr: SocketAddr) -> Result<AddrIncoming> {
+    use socket2::{Domain, Protocol, Socket, Type};
+    let socket = Socket::new(Domain::for_address(addr), Type::STREAM, Some(Protocol::TCP))?;
+    if addr.is_ipv6() {
+        socket.set_only_v6(true)?;
+    }
+    socket.set_reuse_address(true)?;
+    socket.bind(&addr.into())?;
+    socket.listen(1024 /* Default backlog */)?;
+    let std_listener = StdTcpListener::from(socket);
+    std_listener.set_nonblocking(true)?;
+    let incoming = AddrIncoming::from_listener(TcpListener::from_std(std_listener)?)?;
+    Ok(incoming)
+}
+
+fn print_listening(args: Arc<Args>) -> Result<()> {
+    let mut bind_addrs = vec![];
+    let (mut ipv4, mut ipv6) = (false, false);
+    for bind_addr in args.addrs.iter() {
+        match bind_addr {
+            BindAddr::Address(ip) => {
+                if ip.is_unspecified() {
+                    if ip.is_ipv6() {
+                        ipv6 = true;
+                    } else {
+                        ipv4 = true;
+                    }
+                } else {
+                    bind_addrs.push(bind_addr.clone());
+                }
+            }
+            _ => bind_addrs.push(bind_addr.clone()),
+        }
+    }
+    if ipv4 || ipv6 {
+        let ifaces =
+            if_addrs::get_if_addrs().with_context(|| "Failed to get local interface addresses")?;
+        for iface in ifaces.into_iter() {
+            let local_ip = iface.ip();
+            if ipv4 && local_ip.is_ipv4() {
+                bind_addrs.push(BindAddr::Address(local_ip))
+            }
+            if ipv6 && local_ip.is_ipv6() {
+                bind_addrs.push(BindAddr::Address(local_ip))
+            }
+        }
+    }
+    bind_addrs.sort_unstable();
+    let urls = bind_addrs
+        .into_iter()
+        .map(|bind_addr| match bind_addr {
+            BindAddr::Address(addr) => {
+                let addr = match addr {
+                    IpAddr::V4(_) => format!("{}:{}", addr, args.port),
+                    IpAddr::V6(_) => format!("[{}]:{}", addr, args.port),
+                };
+                let protocol = if args.tls.is_some() { "https" } else { "http" };
+                format!("{}://{}{}", protocol, addr, args.uri_prefix)
+            }
+            BindAddr::Path(path) => path.display().to_string(),
+        })
+        .collect::<Vec<_>>();
+
+    if urls.len() == 1 {
+        println!("Listening on {}", urls[0]);
+    } else {
+        let info = urls
+            .iter()
+            .map(|v| format!("  {v}"))
+            .collect::<Vec<String>>()
+            .join("\n");
+        println!("Listening on:\n{info}\n");
+    }
+
+    Ok(())
+}
+
+async fn shutdown_signal() {
+    tokio::signal::ctrl_c()
+        .await
+        .expect("Failed to install CTRL+C signal handler")
 }

src/streamer.rs

@@ -0,0 +1,68 @@
+use async_stream::stream;
+use futures::{Stream, StreamExt};
+use std::io::Error;
+use std::pin::Pin;
+use tokio::io::{AsyncRead, AsyncReadExt};
+
+pub struct Streamer<R>
+where
+    R: AsyncRead + Unpin + Send + 'static,
+{
+    reader: R,
+    buf_size: usize,
+}
+
+impl<R> Streamer<R>
+where
+    R: AsyncRead + Unpin + Send + 'static,
+{
+    #[inline]
+    pub fn new(reader: R, buf_size: usize) -> Self {
+        Self { reader, buf_size }
+    }
+    pub fn into_stream(
+        mut self,
+    ) -> Pin<Box<impl ?Sized + Stream<Item = Result<Vec<u8>, Error>> + 'static>> {
+        let stream = stream! {
+            loop {
+                let mut buf = vec![0; self.buf_size];
+                let r = self.reader.read(&mut buf).await?;
+                if r == 0 {
+                    break
+                }
+                buf.truncate(r);
+                yield Ok(buf);
+            }
+        };
+        stream.boxed()
+    }
+    // allow truncation as truncated remaining is always less than buf_size: usize
+    pub fn into_stream_sized(
+        mut self,
+        max_length: u64,
+    ) -> Pin<Box<impl ?Sized + Stream<Item = Result<Vec<u8>, Error>> + 'static>> {
+        let stream = stream! {
+        let mut remaining = max_length;
+            loop {
+                if remaining == 0 {
+                    break;
+                }
+                let bs = if remaining >= self.buf_size as u64 {
+                    self.buf_size
+                } else {
+                    remaining as usize
+                };
+                let mut buf = vec![0; bs];
+                let r = self.reader.read(&mut buf).await?;
+                if r == 0 {
+                    break;
+                } else {
+                    buf.truncate(r);
+                    yield Ok(buf);
+                }
+                remaining -= r as u64;
+            }
+        };
+        stream.boxed()
+    }
+}

src/tls.rs

@@ -0,0 +1,161 @@
+use anyhow::{anyhow, bail, Context as AnyhowContext, Result};
+use core::task::{Context, Poll};
+use futures::ready;
+use hyper::server::accept::Accept;
+use hyper::server::conn::{AddrIncoming, AddrStream};
+use rustls::{Certificate, PrivateKey};
+use std::future::Future;
+use std::net::SocketAddr;
+use std::path::Path;
+use std::pin::Pin;
+use std::sync::Arc;
+use std::{fs, io};
+use tokio::io::{AsyncRead, AsyncWrite, ReadBuf};
+use tokio_rustls::rustls::ServerConfig;
+
+enum State {
+    Handshaking(tokio_rustls::Accept<AddrStream>),
+    Streaming(tokio_rustls::server::TlsStream<AddrStream>),
+}
+
+// tokio_rustls::server::TlsStream doesn't expose constructor methods,
+// so we have to TlsAcceptor::accept and handshake to have access to it
+// TlsStream implements AsyncRead/AsyncWrite handshaking tokio_rustls::Accept first
+pub struct TlsStream {
+    state: State,
+    remote_addr: SocketAddr,
+}
+
+impl TlsStream {
+    fn new(stream: AddrStream, config: Arc<ServerConfig>) -> TlsStream {
+        let remote_addr = stream.remote_addr();
+        let accept = tokio_rustls::TlsAcceptor::from(config).accept(stream);
+        TlsStream {
+            state: State::Handshaking(accept),
+            remote_addr,
+        }
+    }
+    pub fn remote_addr(&self) -> SocketAddr {
+        self.remote_addr
+    }
+}
+
+impl AsyncRead for TlsStream {
+    fn poll_read(
+        self: Pin<&mut Self>,
+        cx: &mut Context,
+        buf: &mut ReadBuf,
+    ) -> Poll<io::Result<()>> {
+        let pin = self.get_mut();
+        match pin.state {
+            State::Handshaking(ref mut accept) => match ready!(Pin::new(accept).poll(cx)) {
+                Ok(mut stream) => {
+                    let result = Pin::new(&mut stream).poll_read(cx, buf);
+                    pin.state = State::Streaming(stream);
+                    result
+                }
+                Err(err) => Poll::Ready(Err(err)),
+            },
+            State::Streaming(ref mut stream) => Pin::new(stream).poll_read(cx, buf),
+        }
+    }
+}
+
+impl AsyncWrite for TlsStream {
+    fn poll_write(
+        self: Pin<&mut Self>,
+        cx: &mut Context<'_>,
+        buf: &[u8],
+    ) -> Poll<io::Result<usize>> {
+        let pin = self.get_mut();
+        match pin.state {
+            State::Handshaking(ref mut accept) => match ready!(Pin::new(accept).poll(cx)) {
+                Ok(mut stream) => {
+                    let result = Pin::new(&mut stream).poll_write(cx, buf);
+                    pin.state = State::Streaming(stream);
+                    result
+                }
+                Err(err) => Poll::Ready(Err(err)),
+            },
+            State::Streaming(ref mut stream) => Pin::new(stream).poll_write(cx, buf),
+        }
+    }
+
+    fn poll_flush(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<io::Result<()>> {
+        match self.state {
+            State::Handshaking(_) => Poll::Ready(Ok(())),
+            State::Streaming(ref mut stream) => Pin::new(stream).poll_flush(cx),
+        }
+    }
+
+    fn poll_shutdown(mut self: Pin<&mut Self>, cx: &mut Context<'_>) -> Poll<io::Result<()>> {
+        match self.state {
+            State::Handshaking(_) => Poll::Ready(Ok(())),
+            State::Streaming(ref mut stream) => Pin::new(stream).poll_shutdown(cx),
+        }
+    }
+}
+
+pub struct TlsAcceptor {
+    config: Arc<ServerConfig>,
+    incoming: AddrIncoming,
+}
+
+impl TlsAcceptor {
+    pub fn new(config: Arc<ServerConfig>, incoming: AddrIncoming) -> TlsAcceptor {
+        TlsAcceptor { config, incoming }
+    }
+}
+
+impl Accept for TlsAcceptor {
+    type Conn = TlsStream;
+    type Error = io::Error;
+
+    fn poll_accept(
+        self: Pin<&mut Self>,
+        cx: &mut Context<'_>,
+    ) -> Poll<Option<Result<Self::Conn, Self::Error>>> {
+        let pin = self.get_mut();
+        match ready!(Pin::new(&mut pin.incoming).poll_accept(cx)) {
+            Some(Ok(sock)) => Poll::Ready(Some(Ok(TlsStream::new(sock, pin.config.clone())))),
+            Some(Err(e)) => Poll::Ready(Some(Err(e))),
+            None => Poll::Ready(None),
+        }
+    }
+}
+
+// Load public certificate from file.
+pub fn load_certs<T: AsRef<Path>>(filename: T) -> Result<Vec<Certificate>> {
+    // Open certificate file.
+    let cert_file = fs::File::open(filename.as_ref())
+        .with_context(|| format!("Failed to access `{}`", filename.as_ref().display()))?;
+    let mut reader = io::BufReader::new(cert_file);
+
+    // Load and return certificate.
+    let certs = rustls_pemfile::certs(&mut reader).with_context(|| "Failed to load certificate")?;
+    if certs.is_empty() {
+        bail!("No supported certificate in file");
+    }
+    Ok(certs.into_iter().map(Certificate).collect())
+}
+
+// Load private key from file.
+pub fn load_private_key<T: AsRef<Path>>(filename: T) -> Result<PrivateKey> {
+    let key_file = fs::File::open(filename.as_ref())
+        .with_context(|| format!("Failed to access `{}`", filename.as_ref().display()))?;
+    let mut reader = io::BufReader::new(key_file);
+
+    // Load and return a single private key.
+    let keys = rustls_pemfile::read_all(&mut reader)
+        .with_context(|| "There was a problem with reading private key")?
+        .into_iter()
+        .find_map(|item| match item {
+            rustls_pemfile::Item::RSAKey(key)
+            | rustls_pemfile::Item::PKCS8Key(key)
+            | rustls_pemfile::Item::ECKey(key) => Some(key),
+            _ => None,
+        })
+        .ok_or_else(|| anyhow!("No supported private key in file"))?;
+
+    Ok(PrivateKey(keys))
+}

src/unix.rs

@@ -0,0 +1,31 @@
+use hyper::server::accept::Accept;
+use tokio::net::UnixListener;
+
+use std::pin::Pin;
+use std::task::{Context, Poll};
+
+pub struct UnixAcceptor {
+    inner: UnixListener,
+}
+
+impl UnixAcceptor {
+    pub fn from_listener(listener: UnixListener) -> Self {
+        Self { inner: listener }
+    }
+}
+
+impl Accept for UnixAcceptor {
+    type Conn = tokio::net::UnixStream;
+    type Error = std::io::Error;
+
+    fn poll_accept(
+        self: Pin<&mut Self>,
+        cx: &mut Context<'_>,
+    ) -> Poll<Option<Result<Self::Conn, Self::Error>>> {
+        match self.inner.poll_accept(cx) {
+            Poll::Pending => Poll::Pending,
+            Poll::Ready(Ok((socket, _addr))) => Poll::Ready(Some(Ok(socket))),
+            Poll::Ready(Err(err)) => Poll::Ready(Some(Err(err))),
+        }
+    }
+}

src/utils.rs

@@ -0,0 +1,83 @@
+use anyhow::{anyhow, Context, Result};
+use chrono::{DateTime, Utc};
+use std::{
+    borrow::Cow,
+    path::Path,
+    time::{Duration, SystemTime, UNIX_EPOCH},
+};
+
+pub fn unix_now() -> Result<Duration> {
+    SystemTime::now()
+        .duration_since(UNIX_EPOCH)
+        .with_context(|| "Invalid system time")
+}
+
+pub fn encode_uri(v: &str) -> String {
+    let parts: Vec<_> = v.split('/').map(urlencoding::encode).collect();
+    parts.join("/")
+}
+
+pub fn decode_uri(v: &str) -> Option<Cow<str>> {
+    percent_encoding::percent_decode(v.as_bytes())
+        .decode_utf8()
+        .ok()
+}
+
+pub fn get_file_name(path: &Path) -> &str {
+    path.file_name()
+        .and_then(|v| v.to_str())
+        .unwrap_or_default()
+}
+
+#[cfg(unix)]
+pub async fn get_file_mtime_and_mode(path: &Path) -> Result<(DateTime<Utc>, u16)> {
+    use std::os::unix::prelude::MetadataExt;
+    let meta = tokio::fs::metadata(path).await?;
+    let datetime: DateTime<Utc> = meta.modified()?.into();
+    Ok((datetime, meta.mode() as u16))
+}
+
+#[cfg(not(unix))]
+pub async fn get_file_mtime_and_mode(path: &Path) -> Result<(DateTime<Utc>, u16)> {
+    let meta = tokio::fs::metadata(&path).await?;
+    let datetime: DateTime<Utc> = meta.modified()?.into();
+    Ok((datetime, 0o644))
+}
+
+pub fn try_get_file_name(path: &Path) -> Result<&str> {
+    path.file_name()
+        .and_then(|v| v.to_str())
+        .ok_or_else(|| anyhow!("Failed to get file name of `{}`", path.display()))
+}
+
+pub fn glob(pattern: &str, target: &str) -> bool {
+    let pat = match ::glob::Pattern::new(pattern) {
+        Ok(pat) => pat,
+        Err(_) => return false,
+    };
+    pat.matches(target)
+}
+
+#[test]
+fn test_glob_key() {
+    assert!(glob("", ""));
+    assert!(glob(".*", ".git"));
+    assert!(glob("abc", "abc"));
+    assert!(glob("a*c", "abc"));
+    assert!(glob("a?c", "abc"));
+    assert!(glob("a*c", "abbc"));
+    assert!(glob("*c", "abc"));
+    assert!(glob("a*", "abc"));
+    assert!(glob("?c", "bc"));
+    assert!(glob("a?", "ab"));
+    assert!(!glob("abc", "adc"));
+    assert!(!glob("abc", "abcd"));
+    assert!(!glob("a?c", "abbc"));
+    assert!(!glob("*.log", "log"));
+    assert!(glob("*.abc-cba", "xyz.abc-cba"));
+    assert!(glob("*.abc-cba", "123.xyz.abc-cba"));
+    assert!(glob("*.log", ".log"));
+    assert!(glob("*.log", "a.log"));
+    assert!(glob("*/", "abc/"));
+    assert!(!glob("*/", "abc"));
+}

tests/allow.rs

@@ -0,0 +1,92 @@
+mod fixtures;
+mod utils;
+
+use fixtures::{server, Error, TestServer};
+use rstest::rstest;
+
+#[rstest]
+fn default_not_allow_upload(server: TestServer) -> Result<(), Error> {
+    let url = format!("{}file1", server.url());
+    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
+    assert_eq!(resp.status(), 403);
+    Ok(())
+}
+
+#[rstest]
+fn default_not_allow_delete(server: TestServer) -> Result<(), Error> {
+    let url = format!("{}test.html", server.url());
+    let resp = fetch!(b"DELETE", &url).send()?;
+    assert_eq!(resp.status(), 403);
+    Ok(())
+}
+
+#[rstest]
+fn default_not_allow_archive(server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}?zip", server.url()))?;
+    assert_eq!(resp.status(), 404);
+    Ok(())
+}
+
+#[rstest]
+fn default_not_exist_dir(server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}404/", server.url()))?;
+    assert_eq!(resp.status(), 404);
+    Ok(())
+}
+
+#[rstest]
+fn allow_upload_not_exist_dir(
+    #[with(&["--allow-upload"])] server: TestServer,
+) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}404/", server.url()))?;
+    assert_eq!(resp.status(), 200);
+    Ok(())
+}
+
+#[rstest]
+fn allow_upload_no_override(#[with(&["--allow-upload"])] server: TestServer) -> Result<(), Error> {
+    let url = format!("{}index.html", server.url());
+    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
+    assert_eq!(resp.status(), 403);
+    Ok(())
+}
+
+#[rstest]
+fn allow_delete_no_override(#[with(&["--allow-delete"])] server: TestServer) -> Result<(), Error> {
+    let url = format!("{}index.html", server.url());
+    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
+    assert_eq!(resp.status(), 403);
+    Ok(())
+}
+
+#[rstest]
+fn allow_upload_delete_can_override(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let url = format!("{}index.html", server.url());
+    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
+    assert_eq!(resp.status(), 201);
+    Ok(())
+}
+
+#[rstest]
+fn allow_search(#[with(&["--allow-search"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}?q={}", server.url(), "test.html"))?;
+    assert_eq!(resp.status(), 200);
+    let paths = utils::retrieve_index_paths(&resp.text()?);
+    assert!(!paths.is_empty());
+    for p in paths {
+        assert!(p.contains("test.html"));
+    }
+    Ok(())
+}
+
+#[rstest]
+fn allow_archive(#[with(&["--allow-archive"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}?zip", server.url()))?;
+    assert_eq!(resp.status(), 200);
+    assert_eq!(
+        resp.headers().get("content-type").unwrap(),
+        "application/zip"
+    );
+    assert!(resp.headers().contains_key("content-disposition"));
+    Ok(())
+}

tests/args.rs

@@ -0,0 +1,32 @@
+//! Run file server with different args
+
+mod fixtures;
+mod utils;
+
+use fixtures::{server, Error, TestServer};
+use rstest::rstest;
+
+#[rstest]
+fn path_prefix_index(#[with(&["--path-prefix", "xyz"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}{}", server.url(), "xyz"))?;
+    assert_resp_paths!(resp);
+    Ok(())
+}
+
+#[rstest]
+fn path_prefix_file(#[with(&["--path-prefix", "xyz"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}{}/index.html", server.url(), "xyz"))?;
+    assert_eq!(resp.status(), 200);
+    assert_eq!(resp.text()?, "This is index.html");
+    Ok(())
+}
+
+#[rstest]
+fn path_prefix_propfind(
+    #[with(&["--path-prefix", "xyz"])] server: TestServer,
+) -> Result<(), Error> {
+    let resp = fetch!(b"PROPFIND", format!("{}{}", server.url(), "xyz")).send()?;
+    let text = resp.text()?;
+    assert!(text.contains("<D:href>/xyz/</D:href>"));
+    Ok(())
+}

tests/assets.rs

@@ -0,0 +1,122 @@
+mod fixtures;
+mod utils;
+
+use assert_cmd::prelude::*;
+use assert_fs::fixture::TempDir;
+use fixtures::{port, server, tmpdir, wait_for_port, Error, TestServer, DIR_ASSETS};
+use rstest::rstest;
+use std::process::{Command, Stdio};
+
+#[rstest]
+fn assets(server: TestServer) -> Result<(), Error> {
+    let ver = env!("CARGO_PKG_VERSION");
+    let resp = reqwest::blocking::get(server.url())?;
+    let index_js = format!("/__dufs_v{ver}_index.js");
+    let index_css = format!("/__dufs_v{ver}_index.css");
+    let favicon_ico = format!("/__dufs_v{ver}_favicon.ico");
+    let text = resp.text()?;
+    assert!(text.contains(&format!(r#"href="{index_css}""#)));
+    assert!(text.contains(&format!(r#"href="{favicon_ico}""#)));
+    assert!(text.contains(&format!(r#"src="{index_js}""#)));
+    Ok(())
+}
+
+#[rstest]
+fn asset_js(server: TestServer) -> Result<(), Error> {
+    let url = format!(
+        "{}__dufs_v{}_index.js",
+        server.url(),
+        env!("CARGO_PKG_VERSION")
+    );
+    let resp = reqwest::blocking::get(url)?;
+    assert_eq!(resp.status(), 200);
+    assert_eq!(
+        resp.headers().get("content-type").unwrap(),
+        "application/javascript"
+    );
+    Ok(())
+}
+
+#[rstest]
+fn asset_css(server: TestServer) -> Result<(), Error> {
+    let url = format!(
+        "{}__dufs_v{}_index.css",
+        server.url(),
+        env!("CARGO_PKG_VERSION")
+    );
+    let resp = reqwest::blocking::get(url)?;
+    assert_eq!(resp.status(), 200);
+    assert_eq!(resp.headers().get("content-type").unwrap(), "text/css");
+    Ok(())
+}
+
+#[rstest]
+fn asset_ico(server: TestServer) -> Result<(), Error> {
+    let url = format!(
+        "{}__dufs_v{}_favicon.ico",
+        server.url(),
+        env!("CARGO_PKG_VERSION")
+    );
+    let resp = reqwest::blocking::get(url)?;
+    assert_eq!(resp.status(), 200);
+    assert_eq!(resp.headers().get("content-type").unwrap(), "image/x-icon");
+    Ok(())
+}
+
+#[rstest]
+fn assets_with_prefix(#[with(&["--path-prefix", "xyz"])] server: TestServer) -> Result<(), Error> {
+    let ver = env!("CARGO_PKG_VERSION");
+    let resp = reqwest::blocking::get(format!("{}xyz/", server.url()))?;
+    let index_js = format!("/xyz/__dufs_v{ver}_index.js");
+    let index_css = format!("/xyz/__dufs_v{ver}_index.css");
+    let favicon_ico = format!("/xyz/__dufs_v{ver}_favicon.ico");
+    let text = resp.text()?;
+    assert!(text.contains(&format!(r#"href="{index_css}""#)));
+    assert!(text.contains(&format!(r#"href="{favicon_ico}""#)));
+    assert!(text.contains(&format!(r#"src="{index_js}""#)));
+    Ok(())
+}
+
+#[rstest]
+fn asset_js_with_prefix(
+    #[with(&["--path-prefix", "xyz"])] server: TestServer,
+) -> Result<(), Error> {
+    let url = format!(
+        "{}xyz/__dufs_v{}_index.js",
+        server.url(),
+        env!("CARGO_PKG_VERSION")
+    );
+    let resp = reqwest::blocking::get(url)?;
+    assert_eq!(resp.status(), 200);
+    assert_eq!(
+        resp.headers().get("content-type").unwrap(),
+        "application/javascript"
+    );
+    Ok(())
+}
+
+#[rstest]
+fn assets_override(tmpdir: TempDir, port: u16) -> Result<(), Error> {
+    let mut child = Command::cargo_bin("dufs")?
+        .arg(tmpdir.path())
+        .arg("-p")
+        .arg(port.to_string())
+        .arg("--assets")
+        .arg(tmpdir.join(DIR_ASSETS))
+        .stdout(Stdio::piped())
+        .spawn()?;
+
+    wait_for_port(port);
+
+    let url = format!("http://localhost:{port}");
+    let resp = reqwest::blocking::get(&url)?;
+    assert!(resp.text()?.starts_with(&format!(
+        "/__dufs_v{}_index.js;DATA",
+        env!("CARGO_PKG_VERSION")
+    )));
+    let resp = reqwest::blocking::get(&url)?;
+    assert_resp_paths!(resp);
+
+    child.kill()?;
+    Ok(())
+}

tests/auth.rs

@@ -0,0 +1,234 @@
+mod fixtures;
+mod utils;
+
+use diqwest::blocking::WithDigestAuth;
+use fixtures::{server, Error, TestServer};
+use indexmap::IndexSet;
+use rstest::rstest;
+
+#[rstest]
+fn no_auth(#[with(&["--auth", "user:pass@/:rw", "-A"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(server.url())?;
+    assert_eq!(resp.status(), 401);
+    assert!(resp.headers().contains_key("www-authenticate"));
+    let url = format!("{}file1", server.url());
+    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
+    assert_eq!(resp.status(), 401);
+    Ok(())
+}
+
+#[rstest]
+fn auth(#[with(&["--auth", "user:pass@/:rw", "-A"])] server: TestServer) -> Result<(), Error> {
+    let url = format!("{}file1", server.url());
+    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
+    assert_eq!(resp.status(), 401);
+    let resp = fetch!(b"PUT", &url)
+        .body(b"abc".to_vec())
+        .send_with_digest_auth("user", "pass")?;
+    assert_eq!(resp.status(), 201);
+    Ok(())
+}
+
+#[rstest]
+fn auth_and_public(
+    #[with(&["--auth", "user:pass@/:rw|@/", "-A"])] server: TestServer,
+) -> Result<(), Error> {
+    let url = format!("{}file1", server.url());
+    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
+    assert_eq!(resp.status(), 401);
+    let resp = fetch!(b"PUT", &url)
+        .body(b"abc".to_vec())
+        .send_with_digest_auth("user", "pass")?;
+    assert_eq!(resp.status(), 201);
+    let resp = fetch!(b"GET", &url).send()?;
+    assert_eq!(resp.status(), 200);
+    assert_eq!(resp.text()?, "abc");
+    Ok(())
+}
+
+#[rstest]
+fn auth_skip(#[with(&["--auth", "@/"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(server.url())?;
+    assert_eq!(resp.status(), 200);
+    Ok(())
+}
+
+#[rstest]
+fn auth_skip_on_options_method(
+    #[with(&["--auth", "user:pass@/:rw"])] server: TestServer,
+) -> Result<(), Error> {
+    let url = format!("{}index.html", server.url());
+    let resp = fetch!(b"OPTIONS", &url).send()?;
+    assert_eq!(resp.status(), 200);
+    Ok(())
+}
+
+#[rstest]
+fn auth_check(
+    #[with(&["--auth", "user:pass@/:rw|user2:pass2@/", "-A"])] server: TestServer,
+) -> Result<(), Error> {
+    let url = format!("{}index.html", server.url());
+    let resp = fetch!(b"WRITEABLE", &url).send()?;
+    assert_eq!(resp.status(), 401);
+    let resp = fetch!(b"WRITEABLE", &url).send_with_digest_auth("user2", "pass2")?;
+    assert_eq!(resp.status(), 403);
+    let resp = fetch!(b"WRITEABLE", &url).send_with_digest_auth("user", "pass")?;
+    assert_eq!(resp.status(), 200);
+    Ok(())
+}
+
+#[rstest]
+fn auth_readonly(
+    #[with(&["--auth", "user:pass@/:rw|user2:pass2@/", "-A"])] server: TestServer,
+) -> Result<(), Error> {
+    let url = format!("{}index.html", server.url());
+    let resp = fetch!(b"GET", &url).send()?;
+    assert_eq!(resp.status(), 401);
+    let resp = fetch!(b"GET", &url).send_with_digest_auth("user2", "pass2")?;
+    assert_eq!(resp.status(), 200);
+    let url = format!("{}file1", server.url());
+    let resp = fetch!(b"PUT", &url)
+        .body(b"abc".to_vec())
+        .send_with_digest_auth("user2", "pass2")?;
+    assert_eq!(resp.status(), 403);
+    Ok(())
+}
+
+#[rstest]
+fn auth_nest(
+    #[with(&["--auth", "user:pass@/:rw|user2:pass2@/", "--auth", "user3:pass3@/dir1:rw", "-A"])]
+    server: TestServer,
+) -> Result<(), Error> {
+    let url = format!("{}dir1/file1", server.url());
+    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
+    assert_eq!(resp.status(), 401);
+    let resp = fetch!(b"PUT", &url)
+        .body(b"abc".to_vec())
+        .send_with_digest_auth("user3", "pass3")?;
+    assert_eq!(resp.status(), 201);
+    let resp = fetch!(b"PUT", &url)
+        .body(b"abc".to_vec())
+        .send_with_digest_auth("user", "pass")?;
+    assert_eq!(resp.status(), 201);
+    Ok(())
+}
+
+#[rstest]
+fn auth_nest_share(
+    #[with(&["--auth", "@/", "--auth", "user:pass@/:rw", "--auth", "user3:pass3@/dir1:rw", "-A"])]
+    server: TestServer,
+) -> Result<(), Error> {
+    let url = format!("{}index.html", server.url());
+    let resp = fetch!(b"GET", &url).send()?;
+    assert_eq!(resp.status(), 200);
+    Ok(())
+}
+
+#[rstest]
+#[case(server(&["--auth", "user:pass@/:rw", "--auth-method", "basic", "-A"]), "user", "pass")]
+#[case(server(&["--auth", "u1:p1@/:rw", "--auth-method", "basic", "-A"]), "u1", "p1")]
+fn auth_basic(
+    #[case] server: TestServer,
+    #[case] user: &str,
+    #[case] pass: &str,
+) -> Result<(), Error> {
+    let url = format!("{}file1", server.url());
+    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
+    assert_eq!(resp.status(), 401);
+    let resp = fetch!(b"PUT", &url)
+        .body(b"abc".to_vec())
+        .basic_auth(user, Some(pass))
+        .send()?;
+    assert_eq!(resp.status(), 201);
+    Ok(())
+}
+
+#[rstest]
+fn auth_webdav_move(
+    #[with(&["--auth", "user:pass@/:rw", "--auth", "user3:pass3@/dir1:rw", "-A"])]
+    server: TestServer,
+) -> Result<(), Error> {
+    let origin_url = format!("{}dir1/test.html", server.url());
+    let new_url = format!("{}test2.html", server.url());
+    let resp = fetch!(b"MOVE", &origin_url)
+        .header("Destination", &new_url)
+        .send_with_digest_auth("user3", "pass3")?;
+    assert_eq!(resp.status(), 403);
+    Ok(())
+}
+
+#[rstest]
+fn auth_webdav_copy(
+    #[with(&["--auth", "user:pass@/:rw", "--auth", "user3:pass3@/dir1:rw", "-A"])]
+    server: TestServer,
+) -> Result<(), Error> {
+    let origin_url = format!("{}dir1/test.html", server.url());
+    let new_url = format!("{}test2.html", server.url());
+    let resp = fetch!(b"COPY", &origin_url)
+        .header("Destination", &new_url)
+        .send_with_digest_auth("user3", "pass3")?;
+    assert_eq!(resp.status(), 403);
+    Ok(())
+}
+
+#[rstest]
+fn auth_path_prefix(
+    #[with(&["--auth", "user:pass@/:rw", "--path-prefix", "xyz", "-A"])] server: TestServer,
+) -> Result<(), Error> {
+    let url = format!("{}xyz/index.html", server.url());
+    let resp = fetch!(b"GET", &url).send()?;
+    assert_eq!(resp.status(), 401);
+    let resp = fetch!(b"GET", &url).send_with_digest_auth("user", "pass")?;
+    assert_eq!(resp.status(), 200);
+    Ok(())
+}
+
+#[rstest]
+fn auth_partial_index(
+    #[with(&["--auth", "user:pass@/dir1:rw,/dir2:rw", "-A"])] server: TestServer,
+) -> Result<(), Error> {
+    let resp = fetch!(b"GET", server.url()).send_with_digest_auth("user", "pass")?;
+    assert_eq!(resp.status(), 200);
+    let paths = utils::retrieve_index_paths(&resp.text()?);
+    assert_eq!(paths, IndexSet::from(["dir1/".into(), "dir2/".into()]));
+    let resp = fetch!(b"GET", format!("{}?q={}", server.url(), "test.html"))
+        .send_with_digest_auth("user", "pass")?;
+    assert_eq!(resp.status(), 200);
+    let paths = utils::retrieve_index_paths(&resp.text()?);
+    assert_eq!(
+        paths,
+        IndexSet::from(["dir1/test.html".into(), "dir2/test.html".into()])
+    );
+    Ok(())
+}
+
+#[rstest]
+fn no_auth_propfind_dir(
+    #[with(&["--auth", "user:pass@/:rw", "--auth", "@/dir-assets", "-A"])] server: TestServer,
+) -> Result<(), Error> {
+    let resp = fetch!(b"PROPFIND", server.url()).send()?;
+    assert_eq!(resp.status(), 207);
+    let body = resp.text()?;
+    assert!(body.contains("<D:href>/dir-assets/</D:href>"));
+    assert!(body.contains("<D:href>/dir1/</D:href>"));
+    Ok(())
+}
+
+#[rstest]
+fn auth_data(
+    #[with(&["--auth", "user:pass@/:rw|@/", "-A", "--auth-method", "basic"])] server: TestServer,
+) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(server.url())?;
+    let content = resp.text()?;
+    let json = utils::retrive_json(&content).unwrap();
+    assert_eq!(json["allow_delete"], serde_json::Value::Bool(false));
+    assert_eq!(json["allow_upload"], serde_json::Value::Bool(false));
+    let resp = fetch!(b"GET", server.url())
+        .basic_auth("user", Some("pass"))
+        .send()?;
+    let content = resp.text()?;
+    let json = utils::retrive_json(&content).unwrap();
+    assert_eq!(json["allow_delete"], serde_json::Value::Bool(true));
+    assert_eq!(json["allow_upload"], serde_json::Value::Bool(true));
+    Ok(())
+}

tests/bind.rs

@@ -0,0 +1,86 @@
+mod fixtures;
+
+use fixtures::{port, server, tmpdir, wait_for_port, Error, TestServer};
+
+use assert_cmd::prelude::*;
+use assert_fs::fixture::TempDir;
+use regex::Regex;
+use rstest::rstest;
+use std::io::Read;
+use std::process::{Command, Stdio};
+
+#[rstest]
+#[case(&["-b", "20.205.243.166"])]
+fn bind_fails(tmpdir: TempDir, port: u16, #[case] args: &[&str]) -> Result<(), Error> {
+    Command::cargo_bin("dufs")?
+        .arg(tmpdir.path())
+        .arg("-p")
+        .arg(port.to_string())
+        .args(args)
+        .assert()
+        .stderr(predicates::str::contains("Failed to bind"))
+        .failure();
+
+    Ok(())
+}
+
+#[rstest]
+#[case(server(&[] as &[&str]), true, true)]
+#[case(server(&["-b", "0.0.0.0"]), true, false)]
+#[case(server(&["-b", "127.0.0.1", "-b", "::1"]), true, true)]
+fn bind_ipv4_ipv6(
+    #[case] server: TestServer,
+    #[case] bind_ipv4: bool,
+    #[case] bind_ipv6: bool,
+) -> Result<(), Error> {
+    assert_eq!(
+        reqwest::blocking::get(format!("http://127.0.0.1:{}", server.port()).as_str()).is_ok(),
+        bind_ipv4
+    );
+    assert_eq!(
+        reqwest::blocking::get(format!("http://[::1]:{}", server.port()).as_str()).is_ok(),
+        bind_ipv6
+    );
+
+    Ok(())
+}
+
+#[rstest]
+#[case(&[] as &[&str])]
+#[case(&["--path-prefix", "/prefix"])]
+fn validate_printed_urls(tmpdir: TempDir, port: u16, #[case] args: &[&str]) -> Result<(), Error> {
+    let mut child = Command::cargo_bin("dufs")?
+        .arg(tmpdir.path())
+        .arg("-p")
+        .arg(port.to_string())
+        .args(args)
+        .stdout(Stdio::piped())
+        .spawn()?;
+
+    wait_for_port(port);
+
+    let stdout = child.stdout.as_mut().expect("Failed to get stdout");
+    let mut buf = [0; 1000];
+    let buf_len = stdout.read(&mut buf)?;
+    let output = std::str::from_utf8(&buf[0..buf_len])?;
+    let url_lines = output
+        .lines()
+        .take_while(|line| !line.is_empty()) /* non-empty lines */
+        .collect::<Vec<_>>()
+        .join("\n");
+
+    let urls = Regex::new(r"http://[a-zA-Z0-9\.\[\]:/]+")
+        .unwrap()
+        .captures_iter(url_lines.as_str())
+        .filter_map(|caps| caps.get(0).map(|v| v.as_str()))
+        .collect::<Vec<_>>();
+
+    assert!(!urls.is_empty());
+    for url in urls {
+        reqwest::blocking::get(url)?.error_for_status()?;
+    }
+
+    child.kill()?;
+
+    Ok(())
+}

tests/cli.rs

@@ -0,0 +1,32 @@
+//! Run cli with different args, not starting a server
+
+mod fixtures;
+
+use assert_cmd::prelude::*;
+use clap::ValueEnum;
+use clap_complete::Shell;
+use fixtures::Error;
+use std::process::Command;
+
+#[test]
+/// Show help and exit.
+fn help_shows() -> Result<(), Error> {
+    Command::cargo_bin("dufs")?.arg("-h").assert().success();
+
+    Ok(())
+}
+
+#[test]
+/// Print completions and exit.
+fn print_completions() -> Result<(), Error> {
+    // let shell_enums = EnumValueParser::<Shell>::new();
+    for shell in Shell::value_variants() {
+        Command::cargo_bin("dufs")?
+            .arg("--completions")
+            .arg(shell.to_string())
+            .assert()
+            .success();
+    }
+
+    Ok(())
+}

tests/cors.rs

@@ -0,0 +1,33 @@
+mod fixtures;
+mod utils;
+
+use fixtures::{server, Error, TestServer};
+use rstest::rstest;
+
+#[rstest]
+fn cors(#[with(&["--enable-cors"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(server.url())?;
+    assert_eq!(
+        resp.headers().get("access-control-allow-origin").unwrap(),
+        "*"
+    );
+    assert_eq!(
+        resp.headers()
+            .get("access-control-allow-credentials")
+            .unwrap(),
+        "true"
+    );
+    assert_eq!(
+        resp.headers().get("access-control-allow-methods").unwrap(),
+        "*"
+    );
+    assert_eq!(
+        resp.headers().get("access-control-allow-headers").unwrap(),
+        "Authorization,*"
+    );
+    assert_eq!(
+        resp.headers().get("access-control-expose-headers").unwrap(),
+        "Authorization,*"
+    );
+    Ok(())
+}

tests/data/cert.pem

@@ -0,0 +1,29 @@
+-----BEGIN CERTIFICATE-----
+MIIFCTCCAvGgAwIBAgIUcegjikATvwNSIbN43QybKWIcKSMwDQYJKoZIhvcNAQEL
+BQAwFDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTIyMDYxMTA4NTQyMloXDTMyMDYw
+ODA4NTQyMlowFDESMBAGA1UEAwwJbG9jYWxob3N0MIICIjANBgkqhkiG9w0BAQEF
+AAOCAg8AMIICCgKCAgEAo2wdMbFPkX7CAF/Y+hVj5bwm4dlxhwW2Z9Ic2RZFC5w2
+oK2XwyasDBEqDlgv/bN4xObAVlDZ/4/SuTVSDrNB8dtQl7GTWptpbFKJUdNocU88
+wqd4k/cLZg2aiQqnZKD88w/AxXnYw+F8yU0pFGj9GX0S5at3/V1hrBVxVO8Y99bb
+gnJA8NMm0Pw2xYZS++ULuzoECk0xbNdtbtPrIuweI5mMvsJvtiw67EIdl3N9Lj5p
+L4a7X1C0Xk5H4mOcwM0qq3m31HsCW91PMCjU6suo764rx5Jqv0n9HCNxdiSEadCw
+f+GrmKtFOw3DcGPETg5AJR8H3rG1agKKjI+vRtL/tZ7coFOhZKXdjGvvUFcWcqO+
+GppHh16pzJDXi2qeD9Cu5b2ayM2uBnfV7Q3FjOeDqD+BCJ0ClaqNmAD9TF2htzdu
+Inl+G3OJb4cqaYjaF5YmiZISfrimK5eR2I3et5cqnbuDHMKvDfUd9Jgj/2IqPOHJ
+EguuXSO7WNKfQmlTv7EN/xrD6jiB/M8ADaSxjCqTbtKNyCbJlu2Wy9WlDXwPkNW8
+g70T4Br4U4Iy3N/0w2lAAhiizdC2jkehSKmWE2nmixGSXxkSOMgXQXDJ9RBtDQfd
+8ym/ADfyVndUSnHvf9jCH1NPHlFbB7RVSvUHX22Qq63NUvhV32ct+/IyD/qPpl0C
+AwEAAaNTMFEwHQYDVR0OBBYEFKwSSbPXBIkmzja3/cNJyqhWy96WMB8GA1UdIwQY
+MBaAFKwSSbPXBIkmzja3/cNJyqhWy96WMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZI
+hvcNAQELBQADggIBAHcrdu1nGDN5YvcHXzbBx73AC921fmn5xxzeFRO7af157g5h
+4zornLMk4Obp+UGkMbWK4K0NAQXKKm5WjcmoOHNRg7TgTE7b1gcVuS4phdwlIqA6
+eZGg+NWZyeaIJNjdHgWgGoe+S+5Ne1I7sDKiEXrOzITJrDcQgBKFF08kqT6UNY2W
+q90m+olPtrewAMgWllpxJ90u4qifPcwP+neDZJim9MhVYtHHeFsmyzlS185iasj8
+sxvp5HDTopmz0tDuiLHvOMKmyf7vapsnbqEGngQi2qV9rBmldyRLnWSe8u/FN31f
+zhSk1ikSm1cQ/iyL898XexSmTafyaF8ELswdIMHkGZkVQurWeKn3/CEDXokXkpMI
+4dlCSgM7SU+XtcjtXbR8/pHpcW2ZnBR0la/qIv81aNKkJeUkTcPC8BUv4jI/oT6z
+LRrvRjMnHJjnADACuutlNRU4/e7h1XuvlXgFHsp63k7GJXouoIwdHjfkErZXsoEX
+WeS+pPatkT7wbhfgYVwglMRIpgCu++htSRCV/lbSuYzCG6mKtxJyy4eslSjpHNPG
+wELDKgzsgLtuTyNfP458O9i8x6wf9J6eVaHe3nqgqkOnnmQxEYnsPaFUMWG1/DYi
+U+mA/VdQrPe3J4Z082sCe4MVmTzWlWCDpNFFQpv51NbWzc/kuIZuJCAwoZD0
+-----END CERTIFICATE-----

tests/data/cert_ecdsa.pem

@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE-----
+MIIBfTCCASOgAwIBAgIUfrAUHXIfeM54OLnTIUD9xT6FIwkwCgYIKoZIzj0EAwIw
+FDESMBAGA1UEAwwJbG9jYWxob3N0MB4XDTIyMDgwMjAxMjQ1NFoXDTMyMDczMDAx
+MjQ1NFowFDESMBAGA1UEAwwJbG9jYWxob3N0MFkwEwYHKoZIzj0CAQYIKoZIzj0D
+AQcDQgAEW4tBe0jF2wYSLCvdreb0izR/8sgKNKkbe4xPyA9uNEbtTk58eoO3944R
+JPT6S5wRTHFpF0BJhQRfiuW4K2EUcaNTMFEwHQYDVR0OBBYEFEebUDkiMJoV2d5W
+8o+6p4DauHFFMB8GA1UdIwQYMBaAFEebUDkiMJoV2d5W8o+6p4DauHFFMA8GA1Ud
+EwEB/wQFMAMBAf8wCgYIKoZIzj0EAwIDSAAwRQIhAPJvmzqaq/S5yYxeB4se8k2z
+6pnVNxrTT2CqdPD8Z+7rAiBZAyU+5+KbQq3aZsmuNUx+YOqTDMkaUR/nd/tjnnOX
+gA==
+-----END CERTIFICATE-----

tests/data/generate_tls_certs.sh

@@ -0,0 +1,5 @@
+#!/usr/bin/env bash
+openssl req -subj '/CN=localhost' -x509 -newkey rsa:4096 -keyout key_pkcs8.pem -out cert.pem -nodes -days 3650
+openssl rsa -in key_pkcs8.pem -out key_pkcs1.pem
+openssl ecparam -name prime256v1 -genkey -noout -out key_ecdsa.pem
+openssl req -subj '/CN=localhost' -x509 -key key_ecdsa.pem -out cert_ecdsa.pem -nodes -days 3650

tests/data/key_ecdsa.pem

@@ -0,0 +1,5 @@
+-----BEGIN EC PRIVATE KEY-----
+MHcCAQEEILOQ44lHqD4w12HJKlZJ+Y3u91eUKjabu3UKPSahhC89oAoGCCqGSM49
+AwEHoUQDQgAEW4tBe0jF2wYSLCvdreb0izR/8sgKNKkbe4xPyA9uNEbtTk58eoO3
+944RJPT6S5wRTHFpF0BJhQRfiuW4K2EUcQ==
+-----END EC PRIVATE KEY-----

tests/data/key_pkcs1.pem

@@ -0,0 +1,51 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIJKAIBAAKCAgEAo2wdMbFPkX7CAF/Y+hVj5bwm4dlxhwW2Z9Ic2RZFC5w2oK2X
+wyasDBEqDlgv/bN4xObAVlDZ/4/SuTVSDrNB8dtQl7GTWptpbFKJUdNocU88wqd4
+k/cLZg2aiQqnZKD88w/AxXnYw+F8yU0pFGj9GX0S5at3/V1hrBVxVO8Y99bbgnJA
+8NMm0Pw2xYZS++ULuzoECk0xbNdtbtPrIuweI5mMvsJvtiw67EIdl3N9Lj5pL4a7
+X1C0Xk5H4mOcwM0qq3m31HsCW91PMCjU6suo764rx5Jqv0n9HCNxdiSEadCwf+Gr
+mKtFOw3DcGPETg5AJR8H3rG1agKKjI+vRtL/tZ7coFOhZKXdjGvvUFcWcqO+GppH
+h16pzJDXi2qeD9Cu5b2ayM2uBnfV7Q3FjOeDqD+BCJ0ClaqNmAD9TF2htzduInl+
+G3OJb4cqaYjaF5YmiZISfrimK5eR2I3et5cqnbuDHMKvDfUd9Jgj/2IqPOHJEguu
+XSO7WNKfQmlTv7EN/xrD6jiB/M8ADaSxjCqTbtKNyCbJlu2Wy9WlDXwPkNW8g70T
+4Br4U4Iy3N/0w2lAAhiizdC2jkehSKmWE2nmixGSXxkSOMgXQXDJ9RBtDQfd8ym/
+ADfyVndUSnHvf9jCH1NPHlFbB7RVSvUHX22Qq63NUvhV32ct+/IyD/qPpl0CAwEA
+AQKCAgAPM29DwAp2riO9hSzZlkPEisvTFjbJKG7fGVw1lSy298DdEUicjmxScwZG
+b02He7owFoatgLfGXcpsD9miJGpt5MiKU6oxM2OK/+JmChQc9hHgyVMd8EzPIVTO
+in8njRH6SezUcZEIJ2FEGDlJ/LoONOQdGOYAWz9KknQIQnVAGGwypg4EWJ+zsMIn
+fWcapyOANtVJYATI6wDy3iNxDCWBijbdR5i8iUCx2TSHceai9osyMIYdR5R/cSie
+lkVuaacebCP9T7PYd611/VZQwMDmCn1oAuaLBIbWpzVWl+75KMBCJOuhN80owQ78
+1UrdN9YfndNNk5ocUkAw8uyK2fWO+TcdFddHrx0tnEIsnkzy+Jtp/j5Eq/JGVlSY
+03dck4FIjDSM/M+6HP5R2jfGCsitono03XGjzNsJou0UnordY+VL4qolItoovWkf
+N5hudmbste4gS3/dSvtoByto5SAqUGUS0VNjhsU5w+IyMFK+kImlJthb3+GNF/7h
+NPn4MwuxIFXEy1cVPu+wwoFoL5+7stp68mlYnrxmEIFOJNcjF1urfqCMAXWXxad+
+71TtBiRit5tAZVHjTz9NBkyvCcXOEq3RMEjAzCtTGlduUwNQpmmdCyHk2SnrWieV
+LqyTt55r1FhzEZ0AqHiWmHCNRnqz/PJFBIKfX9YKnkK2xVAgAQKCAQEA0jcvZ0cf
+GGIo8WG/r5mitpnVeQy9XZ+Ic7Js9T73ZLcG+qo/2XDhEXcR4OKZoSMIJIotMIJ1
+TZKdNN9QgFp7IuUWnYpnp2h+Hyfv8h7DHZwohHw4Ys9AJY9j4WVGP/NKVcPrTY/F
+kJ3VHKiVd10FXoNn0qEw5y3oa4zRtRYFrp7gvOoRMwoWADLN/hwuQ2QRrBPt0zth
+qfbeTtQE4g950tkqMy6V6uahkZEvQmSd1UpD35aGKMwxOpK9ew9CAKduftDVOu9x
+3vKAOh0uXs9DxMUfJFKf8ISI2JB3vFmrAJ2l6qSGEdoVdiXkwHdRsaEBJbDrR3uq
+R5ovM0qVk2s23QKCAQEAxwPqqv5SuPPMksBCBSds692cEsXA1xbvw1IsOugqG22f
+CPDSIr0w9c5xU3QSv2BFmaCLJQEVAPoI/jqPMqIdOWC9lSXEuKw297i0r/GAMcNc
+e1N+Xz1ahyVE3Ak65Jwi/vgr0D38thtQJlF//BB0hPFvvt4GQ2E4O5ELwTXIPr46
+wQFGf0IfqvufpHoKiszJ5F5liyTtB50J4Is2CKUMUuXq6XlWMrCNLyaGW42cttci
+gbNAPagnQANHFUIO9M06dAU9WVnUJG9eNDd/tDw0XDLjRqTRXlNoqWRwWMl38ZXi
+HI9oHpOqHjeAXevdu5nkqsmtSQ50LiHOlK9/cO51gQKCAQBHlj9wXkn6lcL3oKAU
+fq9om66U0H/UWDWxoLt2MQEyrRmVV1DzDXu35OKTwNcshq+JMfz9ng+wYRNkJABY
+FXgFhBpVgAKYgf8hQQp3W356oOkzZNIW5BkmMVSEN2ba9FEGL/f7q9BN1VHztn1f
+7q+bZgh/NCFhOMMDjSsFDgDVXImQC+3bgb3IR4Ta2mHu1S8neInu+zPhG47NLWqU
+SUzlPsseLuki23N+DQEZDQaq0eWXSL1bO14wYjRgqeuCKYJ5cUiMD2qpz89W+wUF
+iHO9mJtoVTLeR2QKy/fajnareQQ9idWWUrwoRfNGj9ukL/4iBcO5ziVIyPr17ppN
+X5+JAoIBAClkoCeGlDARzUfsow6tX5NDWZXx+aUDCUVnzvlFlpRz3XMfm6VMEmXd
+1WZVKx0Q6gkFAkvlCLhWSQ6PoX8XhtqLS4M9AsiiUSB/E13Q7ifriU3BVPR8L1sS
+nlrhtJUeAI1lkr9SVUCPN8FwjB0iUwnfqa1aQpU7IFYLWhWKmSarrE6+dCo915ZZ
+lZ/BHnY2F/vewmIJgR9nQ0mnyspLgd+wIIcFDK+oVwUqjyF1t9Wzs2KkpMTuN5Ox
+2tQKFFBIa1L8UAFIlL4rR722mWIkb4OJtgnYeA+Va5xn3pIo/UCLOydTkIVjkyuL
+wbBHQawmWxBGuDsMvY9myq/UPL6BaoECggEBAJeY5OgVbJHB6YageBtUBPe0tLIb
+nrYPYXIPsLycZ+PXo73ASbpbHh6av7CdP288Ouu+zE0P6iAdrIrU41kc+2Tx7K8b
+Qb0pDrX0pQZQAIzoBWKouwra8kSeS1dkiLOLiOhnYDn+OYE4tN5ePe7AlBk7b1/x
+ybNuCyTYdaH1uPaI56RaPB8aHJXnxtPHUvYm0oMfm3EPjgF/FjGdpE7rPcdYWqKU
+Ek5UPmcGVVs+yHRSsEDna5zXBqQoDaLn+7KfgcO8UxhhL2cdcQ2vsC1C7QIPu043
+lAIXge5d+1hNwrZjHw/9SkV3UItnEGnxyaZ2NMmRKjdT3g2ilTgkAB2w/Kk=
+-----END RSA PRIVATE KEY-----

tests/data/key_pkcs8.pem

@@ -0,0 +1,52 @@
+-----BEGIN PRIVATE KEY-----
+MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQCjbB0xsU+RfsIA
+X9j6FWPlvCbh2XGHBbZn0hzZFkULnDagrZfDJqwMESoOWC/9s3jE5sBWUNn/j9K5
+NVIOs0Hx21CXsZNam2lsUolR02hxTzzCp3iT9wtmDZqJCqdkoPzzD8DFedjD4XzJ
+TSkUaP0ZfRLlq3f9XWGsFXFU7xj31tuCckDw0ybQ/DbFhlL75Qu7OgQKTTFs121u
+0+si7B4jmYy+wm+2LDrsQh2Xc30uPmkvhrtfULReTkfiY5zAzSqrebfUewJb3U8w
+KNTqy6jvrivHkmq/Sf0cI3F2JIRp0LB/4auYq0U7DcNwY8RODkAlHwfesbVqAoqM
+j69G0v+1ntygU6Fkpd2Ma+9QVxZyo74amkeHXqnMkNeLap4P0K7lvZrIza4Gd9Xt
+DcWM54OoP4EInQKVqo2YAP1MXaG3N24ieX4bc4lvhyppiNoXliaJkhJ+uKYrl5HY
+jd63lyqdu4Mcwq8N9R30mCP/Yio84ckSC65dI7tY0p9CaVO/sQ3/GsPqOIH8zwAN
+pLGMKpNu0o3IJsmW7ZbL1aUNfA+Q1byDvRPgGvhTgjLc3/TDaUACGKLN0LaOR6FI
+qZYTaeaLEZJfGRI4yBdBcMn1EG0NB93zKb8AN/JWd1RKce9/2MIfU08eUVsHtFVK
+9QdfbZCrrc1S+FXfZy378jIP+o+mXQIDAQABAoICAA8zb0PACnauI72FLNmWQ8SK
+y9MWNskobt8ZXDWVLLb3wN0RSJyObFJzBkZvTYd7ujAWhq2At8ZdymwP2aIkam3k
+yIpTqjEzY4r/4mYKFBz2EeDJUx3wTM8hVM6KfyeNEfpJ7NRxkQgnYUQYOUn8ug40
+5B0Y5gBbP0qSdAhCdUAYbDKmDgRYn7Owwid9ZxqnI4A21UlgBMjrAPLeI3EMJYGK
+Nt1HmLyJQLHZNIdx5qL2izIwhh1HlH9xKJ6WRW5ppx5sI/1Ps9h3rXX9VlDAwOYK
+fWgC5osEhtanNVaX7vkowEIk66E3zSjBDvzVSt031h+d002TmhxSQDDy7IrZ9Y75
+Nx0V10evHS2cQiyeTPL4m2n+PkSr8kZWVJjTd1yTgUiMNIz8z7oc/lHaN8YKyK2i
+ejTdcaPM2wmi7RSeit1j5UviqiUi2ii9aR83mG52Zuy17iBLf91K+2gHK2jlICpQ
+ZRLRU2OGxTnD4jIwUr6QiaUm2Fvf4Y0X/uE0+fgzC7EgVcTLVxU+77DCgWgvn7uy
+2nryaVievGYQgU4k1yMXW6t+oIwBdZfFp37vVO0GJGK3m0BlUeNPP00GTK8Jxc4S
+rdEwSMDMK1MaV25TA1CmaZ0LIeTZKetaJ5UurJO3nmvUWHMRnQCoeJaYcI1GerP8
+8kUEgp9f1gqeQrbFUCABAoIBAQDSNy9nRx8YYijxYb+vmaK2mdV5DL1dn4hzsmz1
+Pvdktwb6qj/ZcOERdxHg4pmhIwgkii0wgnVNkp0031CAWnsi5RadimenaH4fJ+/y
+HsMdnCiEfDhiz0Alj2PhZUY/80pVw+tNj8WQndUcqJV3XQVeg2fSoTDnLehrjNG1
+FgWunuC86hEzChYAMs3+HC5DZBGsE+3TO2Gp9t5O1ATiD3nS2SozLpXq5qGRkS9C
+ZJ3VSkPfloYozDE6kr17D0IAp25+0NU673He8oA6HS5ez0PExR8kUp/whIjYkHe8
+WasAnaXqpIYR2hV2JeTAd1GxoQElsOtHe6pHmi8zSpWTazbdAoIBAQDHA+qq/lK4
+88ySwEIFJ2zr3ZwSxcDXFu/DUiw66CobbZ8I8NIivTD1znFTdBK/YEWZoIslARUA
++gj+Oo8yoh05YL2VJcS4rDb3uLSv8YAxw1x7U35fPVqHJUTcCTrknCL++CvQPfy2
+G1AmUX/8EHSE8W++3gZDYTg7kQvBNcg+vjrBAUZ/Qh+q+5+kegqKzMnkXmWLJO0H
+nQngizYIpQxS5erpeVYysI0vJoZbjZy21yKBs0A9qCdAA0cVQg70zTp0BT1ZWdQk
+b140N3+0PDRcMuNGpNFeU2ipZHBYyXfxleIcj2gek6oeN4Bd6927meSqya1JDnQu
+Ic6Ur39w7nWBAoIBAEeWP3BeSfqVwvegoBR+r2ibrpTQf9RYNbGgu3YxATKtGZVX
+UPMNe7fk4pPA1yyGr4kx/P2eD7BhE2QkAFgVeAWEGlWAApiB/yFBCndbfnqg6TNk
+0hbkGSYxVIQ3Ztr0UQYv9/ur0E3VUfO2fV/ur5tmCH80IWE4wwONKwUOANVciZAL
+7duBvchHhNraYe7VLyd4ie77M+Ebjs0tapRJTOU+yx4u6SLbc34NARkNBqrR5ZdI
+vVs7XjBiNGCp64IpgnlxSIwPaqnPz1b7BQWIc72Ym2hVMt5HZArL99qOdqt5BD2J
+1ZZSvChF80aP26Qv/iIFw7nOJUjI+vXumk1fn4kCggEAKWSgJ4aUMBHNR+yjDq1f
+k0NZlfH5pQMJRWfO+UWWlHPdcx+bpUwSZd3VZlUrHRDqCQUCS+UIuFZJDo+hfxeG
+2otLgz0CyKJRIH8TXdDuJ+uJTcFU9HwvWxKeWuG0lR4AjWWSv1JVQI83wXCMHSJT
+Cd+prVpClTsgVgtaFYqZJqusTr50Kj3XllmVn8EedjYX+97CYgmBH2dDSafKykuB
+37AghwUMr6hXBSqPIXW31bOzYqSkxO43k7Ha1AoUUEhrUvxQAUiUvitHvbaZYiRv
+g4m2Cdh4D5VrnGfekij9QIs7J1OQhWOTK4vBsEdBrCZbEEa4Owy9j2bKr9Q8voFq
+gQKCAQEAl5jk6BVskcHphqB4G1QE97S0shuetg9hcg+wvJxn49ejvcBJulseHpq/
+sJ0/bzw6677MTQ/qIB2sitTjWRz7ZPHsrxtBvSkOtfSlBlAAjOgFYqi7CtryRJ5L
+V2SIs4uI6GdgOf45gTi03l497sCUGTtvX/HJs24LJNh1ofW49ojnpFo8HxoclefG
+08dS9ibSgx+bcQ+OAX8WMZ2kTus9x1haopQSTlQ+ZwZVWz7IdFKwQOdrnNcGpCgN
+ouf7sp+Bw7xTGGEvZx1xDa+wLULtAg+7TjeUAheB7l37WE3CtmMfD/1KRXdQi2cQ
+afHJpnY0yZEqN1PeDaKVOCQAHbD8qQ==
+-----END PRIVATE KEY-----

tests/fixtures.rs

@@ -0,0 +1,193 @@
+use assert_cmd::prelude::*;
+use assert_fs::fixture::TempDir;
+use assert_fs::prelude::*;
+use port_check::free_local_port;
+use reqwest::Url;
+use rstest::fixture;
+use std::process::{Child, Command, Stdio};
+use std::thread::sleep;
+use std::time::{Duration, Instant};
+
+#[allow(dead_code)]
+pub type Error = Box<dyn std::error::Error>;
+
+#[allow(dead_code)]
+pub const BIN_FILE: &str = "😀.bin";
+
+/// File names for testing purpose
+#[allow(dead_code)]
+pub static FILES: &[&str] = &["test.txt", "test.html", "index.html", BIN_FILE];
+
+/// Directory names for testing directory don't exist
+#[allow(dead_code)]
+pub static DIR_NO_FOUND: &str = "dir-no-found/";
+
+/// Directory names for testing directory don't have index.html
+#[allow(dead_code)]
+pub static DIR_NO_INDEX: &str = "dir-no-index/";
+
+/// Directory names for testing hidden
+#[allow(dead_code)]
+pub static DIR_GIT: &str = ".git/";
+
+/// Directory names for testings assets override
+#[allow(dead_code)]
+pub static DIR_ASSETS: &str = "dir-assets/";
+
+/// Directory names for testing purpose
+#[allow(dead_code)]
+pub static DIRECTORIES: &[&str] = &["dir1/", "dir2/", "dir3/", DIR_NO_INDEX, DIR_GIT, DIR_ASSETS];
+
+/// Test fixture which creates a temporary directory with a few files and directories inside.
+/// The directories also contain files.
+#[fixture]
+#[allow(dead_code)]
+pub fn tmpdir() -> TempDir {
+    let tmpdir = assert_fs::TempDir::new().expect("Couldn't create a temp dir for tests");
+    for file in FILES {
+        if *file == BIN_FILE {
+            tmpdir.child(file).write_binary(b"bin\0\x00123").unwrap();
+        } else {
+            tmpdir
+                .child(file)
+                .write_str(&format!("This is {file}"))
+                .unwrap();
+        }
+    }
+    for directory in DIRECTORIES {
+        if *directory == DIR_ASSETS {
+            tmpdir
+                .child(format!("{}{}", directory, "index.html"))
+                .write_str("__ASSETS_PREFIX__index.js;DATA = __INDEX_DATA__")
+                .unwrap();
+        } else {
+            for file in FILES {
+                if *directory == DIR_NO_INDEX && *file == "index.html" {
+                    continue;
+                }
+                if *file == BIN_FILE {
+                    tmpdir
+                        .child(format!("{directory}{file}"))
+                        .write_binary(b"bin\0\x00123")
+                        .unwrap();
+                } else {
+                    tmpdir
+                        .child(format!("{directory}{file}"))
+                        .write_str(&format!("This is {directory}{file}"))
+                        .unwrap();
+                }
+            }
+        }
+    }
+    tmpdir.child("dir4/hidden").touch().unwrap();
+    tmpdir
+        .child("content-types/bin.tar")
+        .write_binary(b"\x7f\x45\x4c\x46\x02\x01\x00\x00")
+        .unwrap();
+    tmpdir
+        .child("content-types/bin")
+        .write_binary(b"\x7f\x45\x4c\x46\x02\x01\x00\x00")
+        .unwrap();
+    tmpdir
+        .child("content-types/file-utf8.txt")
+        .write_str("世界")
+        .unwrap();
+    tmpdir
+        .child("content-types/file-gbk.txt")
+        .write_binary(b"\xca\xc0\xbd\xe7")
+        .unwrap();
+    tmpdir
+        .child("content-types/file")
+        .write_str("世界")
+        .unwrap();
+
+    tmpdir
+}
+
+/// Get a free port.
+#[fixture]
+#[allow(dead_code)]
+pub fn port() -> u16 {
+    free_local_port().expect("Couldn't find a free local port")
+}
+
+/// Run dufs as a server; Start with a temporary directory, a free port and some
+/// optional arguments then wait for a while for the server setup to complete.
+#[fixture]
+#[allow(dead_code)]
+pub fn server<I>(#[default(&[] as &[&str])] args: I) -> TestServer
+where
+    I: IntoIterator + Clone,
+    I::Item: AsRef<std::ffi::OsStr>,
+{
+    let port = port();
+    let tmpdir = tmpdir();
+    let child = Command::cargo_bin("dufs")
+        .expect("Couldn't find test binary")
+        .arg(tmpdir.path())
+        .arg("-p")
+        .arg(port.to_string())
+        .args(args.clone())
+        .stdout(Stdio::null())
+        .spawn()
+        .expect("Couldn't run test binary");
+    let is_tls = args
+        .into_iter()
+        .any(|x| x.as_ref().to_str().unwrap().contains("tls"));
+
+    wait_for_port(port);
+    TestServer::new(port, tmpdir, child, is_tls)
+}
+
+/// Wait a max of 1s for the port to become available.
+pub fn wait_for_port(port: u16) {
+    let start_wait = Instant::now();
+
+    while !port_check::is_port_reachable(format!("localhost:{port}")) {
+        sleep(Duration::from_millis(100));
+
+        if start_wait.elapsed().as_secs() > 1 {
+            panic!("timeout waiting for port {port}");
+        }
+    }
+}
+
+#[allow(dead_code)]
+pub struct TestServer {
+    port: u16,
+    tmpdir: TempDir,
+    child: Child,
+    is_tls: bool,
+}
+
+#[allow(dead_code)]
+impl TestServer {
+    pub fn new(port: u16, tmpdir: TempDir, child: Child, is_tls: bool) -> Self {
+        Self {
+            port,
+            tmpdir,
+            child,
+            is_tls,
+        }
+    }
+
+    pub fn url(&self) -> Url {
+        let protocol = if self.is_tls { "https" } else { "http" };
+        Url::parse(&format!("{}://localhost:{}", protocol, self.port)).unwrap()
+    }
+
+    pub fn path(&self) -> &std::path::Path {
+        self.tmpdir.path()
+    }
+
+    pub fn port(&self) -> u16 {
+        self.port
+    }
+}
+
+impl Drop for TestServer {
+    fn drop(&mut self) {
+        self.child.kill().expect("Couldn't kill test server");
+        self.child.wait().unwrap();
+    }
+}

tests/hidden.rs

@@ -0,0 +1,72 @@
+mod fixtures;
+mod utils;
+
+use fixtures::{server, Error, TestServer};
+use rstest::rstest;
+
+#[rstest]
+#[case(server(&[] as &[&str]), true)]
+#[case(server(&["--hidden", ".git,index.html"]), false)]
+fn hidden_get_dir(#[case] server: TestServer, #[case] exist: bool) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(server.url())?;
+    assert_eq!(resp.status(), 200);
+    let paths = utils::retrieve_index_paths(&resp.text()?);
+    assert!(paths.contains("dir1/"));
+    assert_eq!(paths.contains(".git/"), exist);
+    assert_eq!(paths.contains("index.html"), exist);
+    Ok(())
+}
+
+#[rstest]
+#[case(server(&[] as &[&str]), true)]
+#[case(server(&["--hidden", "*.html"]), false)]
+fn hidden_get_dir2(#[case] server: TestServer, #[case] exist: bool) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(server.url())?;
+    assert_eq!(resp.status(), 200);
+    let paths = utils::retrieve_index_paths(&resp.text()?);
+    assert!(paths.contains("dir1/"));
+    assert_eq!(paths.contains("index.html"), exist);
+    assert_eq!(paths.contains("test.html"), exist);
+    Ok(())
+}
+
+#[rstest]
+#[case(server(&[] as &[&str]), true)]
+#[case(server(&["--hidden", ".git,index.html"]), false)]
+fn hidden_propfind_dir(#[case] server: TestServer, #[case] exist: bool) -> Result<(), Error> {
+    let resp = fetch!(b"PROPFIND", server.url()).send()?;
+    assert_eq!(resp.status(), 207);
+    let body = resp.text()?;
+    assert!(body.contains("<D:href>/dir1/</D:href>"));
+    assert_eq!(body.contains("<D:href>/.git/</D:href>"), exist);
+    assert_eq!(body.contains("<D:href>/index.html</D:href>"), exist);
+    Ok(())
+}
+
+#[rstest]
+#[case(server(&["--allow-search"] as &[&str]), true)]
+#[case(server(&["--allow-search", "--hidden", ".git,test.html"]), false)]
+fn hidden_search_dir(#[case] server: TestServer, #[case] exist: bool) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}?q={}", server.url(), "test.html"))?;
+    assert_eq!(resp.status(), 200);
+    let paths = utils::retrieve_index_paths(&resp.text()?);
+    for p in paths {
+        assert_eq!(p.contains("test.html"), exist);
+    }
+    Ok(())
+}
+
+#[rstest]
+#[case(server(&["--hidden", "hidden/"]), "dir4/", 1)]
+#[case(server(&["--hidden", "hidden"]), "dir4/", 0)]
+fn hidden_dir_noly(
+    #[case] server: TestServer,
+    #[case] dir: &str,
+    #[case] count: usize,
+) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}{}", server.url(), dir))?;
+    assert_eq!(resp.status(), 200);
+    let paths = utils::retrieve_index_paths(&resp.text()?);
+    assert_eq!(paths.len(), count);
+    Ok(())
+}

tests/http.rs

@@ -0,0 +1,317 @@
+mod fixtures;
+mod utils;
+
+use fixtures::{server, Error, TestServer, BIN_FILE};
+use rstest::rstest;
+use serde_json::Value;
+use utils::retrive_edit_file;
+
+#[rstest]
+fn get_dir(server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(server.url())?;
+    assert_resp_paths!(resp);
+    Ok(())
+}
+
+#[rstest]
+fn head_dir(server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"HEAD", server.url()).send()?;
+    assert_eq!(resp.status(), 200);
+    assert_eq!(
+        resp.headers().get("content-type").unwrap(),
+        "text/html; charset=utf-8"
+    );
+    assert_eq!(resp.text()?, "");
+    Ok(())
+}
+
+#[rstest]
+fn get_dir_404(server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}404/", server.url()))?;
+    assert_eq!(resp.status(), 404);
+    Ok(())
+}
+
+#[rstest]
+fn head_dir_404(server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"HEAD", format!("{}404/", server.url())).send()?;
+    assert_eq!(resp.status(), 404);
+    Ok(())
+}
+
+#[rstest]
+fn get_dir_zip(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}?zip", server.url()))?;
+    assert_eq!(resp.status(), 200);
+    assert_eq!(
+        resp.headers().get("content-type").unwrap(),
+        "application/zip"
+    );
+    assert!(resp.headers().contains_key("content-disposition"));
+    Ok(())
+}
+
+#[rstest]
+fn get_dir_json(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}?json", server.url()))?;
+    assert_eq!(resp.status(), 200);
+    assert_eq!(
+        resp.headers().get("content-type").unwrap(),
+        "application/json"
+    );
+    let json: Value = serde_json::from_str(&resp.text().unwrap()).unwrap();
+    assert!(json["paths"].as_array().is_some());
+    Ok(())
+}
+
+#[rstest]
+fn get_dir_simple(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}?simple", server.url()))?;
+    assert_eq!(resp.status(), 200);
+    assert_eq!(
+        resp.headers().get("content-type").unwrap(),
+        "text/html; charset=utf-8"
+    );
+    let text = resp.text().unwrap();
+    assert!(text.split('\n').any(|v| v == "index.html"));
+    Ok(())
+}
+
+#[rstest]
+fn head_dir_zip(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"HEAD", format!("{}?zip", server.url())).send()?;
+    assert_eq!(resp.status(), 200);
+    assert_eq!(
+        resp.headers().get("content-type").unwrap(),
+        "application/zip"
+    );
+    assert!(resp.headers().contains_key("content-disposition"));
+    assert_eq!(resp.text()?, "");
+    Ok(())
+}
+
+#[rstest]
+fn get_dir_search(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}?q={}", server.url(), "test.html"))?;
+    assert_eq!(resp.status(), 200);
+    let paths = utils::retrieve_index_paths(&resp.text()?);
+    assert!(!paths.is_empty());
+    for p in paths {
+        assert!(p.contains("test.html"));
+    }
+    Ok(())
+}
+
+#[rstest]
+fn get_dir_search2(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}?q={BIN_FILE}", server.url()))?;
+    assert_eq!(resp.status(), 200);
+    let paths = utils::retrieve_index_paths(&resp.text()?);
+    assert!(!paths.is_empty());
+    for p in paths {
+        assert!(p.contains(BIN_FILE));
+    }
+    Ok(())
+}
+
+#[rstest]
+fn get_dir_search3(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}?q={}&simple", server.url(), "test.html"))?;
+    assert_eq!(resp.status(), 200);
+    let text = resp.text().unwrap();
+    assert!(text.split('\n').any(|v| v == "test.html"));
+    Ok(())
+}
+
+#[rstest]
+fn get_dir_search4(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}dir1?q=dir1&simple", server.url()))?;
+    assert_eq!(resp.status(), 200);
+    let text = resp.text().unwrap();
+    assert!(text.is_empty());
+    Ok(())
+}
+
+#[rstest]
+fn head_dir_search(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"HEAD", format!("{}?q={}", server.url(), "test.html")).send()?;
+    assert_eq!(resp.status(), 200);
+    assert_eq!(
+        resp.headers().get("content-type").unwrap(),
+        "text/html; charset=utf-8"
+    );
+    assert_eq!(resp.text()?, "");
+    Ok(())
+}
+
+#[rstest]
+fn empty_search(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}?q=", server.url()))?;
+    assert_eq!(resp.status(), 200);
+    let paths = utils::retrieve_index_paths(&resp.text()?);
+    assert!(paths.is_empty());
+    Ok(())
+}
+
+#[rstest]
+fn get_file(server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}index.html", server.url()))?;
+    assert_eq!(resp.status(), 200);
+    assert_eq!(
+        resp.headers().get("content-type").unwrap(),
+        "text/html; charset=UTF-8"
+    );
+    assert_eq!(resp.headers().get("accept-ranges").unwrap(), "bytes");
+    assert!(resp.headers().contains_key("etag"));
+    assert!(resp.headers().contains_key("last-modified"));
+    assert!(resp.headers().contains_key("content-length"));
+    assert_eq!(resp.text()?, "This is index.html");
+    Ok(())
+}
+
+#[rstest]
+fn head_file(server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"HEAD", format!("{}index.html", server.url())).send()?;
+    assert_eq!(resp.status(), 200);
+    assert_eq!(
+        resp.headers().get("content-type").unwrap(),
+        "text/html; charset=UTF-8"
+    );
+    assert_eq!(resp.headers().get("accept-ranges").unwrap(), "bytes");
+    assert!(resp.headers().contains_key("content-disposition"));
+    assert!(resp.headers().contains_key("etag"));
+    assert!(resp.headers().contains_key("last-modified"));
+    assert!(resp.headers().contains_key("content-length"));
+    assert_eq!(resp.text()?, "");
+    Ok(())
+}
+
+#[rstest]
+fn get_file_404(server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}404", server.url()))?;
+    assert_eq!(resp.status(), 404);
+    Ok(())
+}
+
+#[rstest]
+fn get_file_emoji_path(server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}{BIN_FILE}", server.url()))?;
+    assert_eq!(resp.status(), 200);
+    assert_eq!(
+        resp.headers().get("content-disposition").unwrap(),
+        "inline; filename=\"😀.bin\"; filename*=UTF-8''%F0%9F%98%80.bin"
+    );
+    Ok(())
+}
+
+#[rstest]
+fn get_file_edit(server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"GET", format!("{}index.html?edit", server.url())).send()?;
+    assert_eq!(resp.status(), 200);
+    let editable = retrive_edit_file(&resp.text().unwrap()).unwrap();
+    assert!(editable);
+    Ok(())
+}
+
+#[rstest]
+fn get_file_edit_bin(server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"GET", format!("{}{BIN_FILE}?edit", server.url())).send()?;
+    assert_eq!(resp.status(), 200);
+    let editable = retrive_edit_file(&resp.text().unwrap()).unwrap();
+    assert!(!editable);
+    Ok(())
+}
+
+#[rstest]
+fn head_file_404(server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"HEAD", format!("{}404", server.url())).send()?;
+    assert_eq!(resp.status(), 404);
+    Ok(())
+}
+
+#[rstest]
+fn options_dir(server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"OPTIONS", format!("{}index.html", server.url())).send()?;
+    assert_eq!(resp.status(), 200);
+    assert_eq!(
+        resp.headers().get("allow").unwrap(),
+        "GET,HEAD,PUT,OPTIONS,DELETE,PROPFIND,COPY,MOVE"
+    );
+    assert_eq!(resp.headers().get("dav").unwrap(), "1,2");
+    Ok(())
+}
+
+#[rstest]
+fn put_file(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let url = format!("{}file1", server.url());
+    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
+    assert_eq!(resp.status(), 201);
+    let resp = reqwest::blocking::get(url)?;
+    assert_eq!(resp.status(), 200);
+    Ok(())
+}
+
+#[rstest]
+fn put_file_create_dir(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let url = format!("{}xyz/file1", server.url());
+    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
+    assert_eq!(resp.status(), 201);
+    let resp = reqwest::blocking::get(url)?;
+    assert_eq!(resp.status(), 200);
+    Ok(())
+}
+
+#[rstest]
+fn put_file_conflict_dir(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let url = format!("{}dir1", server.url());
+    let resp = fetch!(b"PUT", &url).body(b"abc".to_vec()).send()?;
+    assert_eq!(resp.status(), 403);
+    Ok(())
+}
+
+#[rstest]
+fn delete_file(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let url = format!("{}test.html", server.url());
+    let resp = fetch!(b"DELETE", &url).send()?;
+    assert_eq!(resp.status(), 204);
+    let resp = reqwest::blocking::get(url)?;
+    assert_eq!(resp.status(), 404);
+    Ok(())
+}
+
+#[rstest]
+fn delete_file_404(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"DELETE", format!("{}file1", server.url())).send()?;
+    assert_eq!(resp.status(), 404);
+    Ok(())
+}
+
+#[rstest]
+fn get_file_content_type(server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}content-types/bin.tar", server.url()))?;
+    assert_eq!(
+        resp.headers().get("content-type").unwrap(),
+        "application/x-tar"
+    );
+    let resp = reqwest::blocking::get(format!("{}content-types/bin", server.url()))?;
+    assert_eq!(
+        resp.headers().get("content-type").unwrap(),
+        "application/octet-stream"
+    );
+    let resp = reqwest::blocking::get(format!("{}content-types/file-utf8.txt", server.url()))?;
+    assert_eq!(
+        resp.headers().get("content-type").unwrap(),
+        "text/plain; charset=UTF-8"
+    );
+    let resp = reqwest::blocking::get(format!("{}content-types/file-gbk.txt", server.url()))?;
+    assert_eq!(
+        resp.headers().get("content-type").unwrap(),
+        "text/plain; charset=GBK"
+    );
+    let resp = reqwest::blocking::get(format!("{}content-types/file", server.url()))?;
+    assert_eq!(
+        resp.headers().get("content-type").unwrap(),
+        "text/plain; charset=UTF-8"
+    );
+    Ok(())
+}

tests/log_http.rs

@@ -0,0 +1,78 @@
+mod fixtures;
+mod utils;
+
+use diqwest::blocking::WithDigestAuth;
+use fixtures::{port, tmpdir, wait_for_port, Error};
+
+use assert_cmd::prelude::*;
+use assert_fs::fixture::TempDir;
+use rstest::rstest;
+use std::io::Read;
+use std::process::{Command, Stdio};
+
+#[rstest]
+#[case(&["-a", "user:pass@/:rw", "--log-format", "$remote_user"], false)]
+#[case(&["-a", "user:pass@/:rw", "--log-format", "$remote_user", "--auth-method", "basic"], true)]
+fn log_remote_user(
+    tmpdir: TempDir,
+    port: u16,
+    #[case] args: &[&str],
+    #[case] is_basic: bool,
+) -> Result<(), Error> {
+    let mut child = Command::cargo_bin("dufs")?
+        .arg(tmpdir.path())
+        .arg("-p")
+        .arg(port.to_string())
+        .args(args)
+        .stdout(Stdio::piped())
+        .spawn()?;
+
+    wait_for_port(port);
+
+    let stdout = child.stdout.as_mut().expect("Failed to get stdout");
+
+    let req = fetch!(b"GET", &format!("http://localhost:{port}"));
+
+    let resp = if is_basic {
+        req.basic_auth("user", Some("pass")).send()?
+    } else {
+        req.send_with_digest_auth("user", "pass")?
+    };
+
+    assert_eq!(resp.status(), 200);
+
+    let mut buf = [0; 1000];
+    let buf_len = stdout.read(&mut buf)?;
+    let output = std::str::from_utf8(&buf[0..buf_len])?;
+
+    assert!(output.lines().last().unwrap().ends_with("user"));
+
+    child.kill()?;
+    Ok(())
+}
+
+#[rstest]
+#[case(&["--log-format", ""])]
+fn no_log(tmpdir: TempDir, port: u16, #[case] args: &[&str]) -> Result<(), Error> {
+    let mut child = Command::cargo_bin("dufs")?
+        .arg(tmpdir.path())
+        .arg("-p")
+        .arg(port.to_string())
+        .args(args)
+        .stdout(Stdio::piped())
+        .spawn()?;
+
+    wait_for_port(port);
+
+    let stdout = child.stdout.as_mut().expect("Failed to get stdout");
+
+    let resp = fetch!(b"GET", &format!("http://localhost:{port}")).send()?;
+    assert_eq!(resp.status(), 200);
+
+    let mut buf = [0; 1000];
+    let buf_len = stdout.read(&mut buf)?;
+    let output = std::str::from_utf8(&buf[0..buf_len])?;
+
+    assert_eq!(output.lines().last().unwrap(), "");
+    Ok(())
+}

tests/range.rs

@@ -0,0 +1,45 @@
+mod fixtures;
+mod utils;
+
+use fixtures::{server, Error, TestServer};
+use headers::HeaderValue;
+use rstest::rstest;
+
+#[rstest]
+fn get_file_range(server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"GET", format!("{}index.html", server.url()))
+        .header("range", HeaderValue::from_static("bytes=0-6"))
+        .send()?;
+    assert_eq!(resp.status(), 206);
+    assert_eq!(resp.headers().get("content-range").unwrap(), "bytes 0-6/18");
+    assert_eq!(resp.headers().get("accept-ranges").unwrap(), "bytes");
+    assert_eq!(resp.headers().get("content-length").unwrap(), "7");
+    assert_eq!(resp.text()?, "This is");
+    Ok(())
+}
+
+#[rstest]
+fn get_file_range_beyond(server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"GET", format!("{}index.html", server.url()))
+        .header("range", HeaderValue::from_static("bytes=12-20"))
+        .send()?;
+    assert_eq!(resp.status(), 206);
+    assert_eq!(
+        resp.headers().get("content-range").unwrap(),
+        "bytes 12-17/18"
+    );
+    assert_eq!(resp.headers().get("accept-ranges").unwrap(), "bytes");
+    assert_eq!(resp.headers().get("content-length").unwrap(), "6");
+    assert_eq!(resp.text()?, "x.html");
+    Ok(())
+}
+
+#[rstest]
+fn get_file_range_invalid(server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"GET", format!("{}index.html", server.url()))
+        .header("range", HeaderValue::from_static("bytes=20-"))
+        .send()?;
+    assert_eq!(resp.status(), 416);
+    assert_eq!(resp.headers().get("content-range").unwrap(), "bytes */18");
+    Ok(())
+}

tests/render.rs

@@ -0,0 +1,80 @@
+mod fixtures;
+mod utils;
+
+use fixtures::{server, Error, TestServer, BIN_FILE, DIR_NO_FOUND, DIR_NO_INDEX, FILES};
+use rstest::rstest;
+
+#[rstest]
+fn render_index(#[with(&["--render-index"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(server.url())?;
+    let text = resp.text()?;
+    assert_eq!(text, "This is index.html");
+    Ok(())
+}
+
+#[rstest]
+fn render_index2(#[with(&["--render-index"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}{}", server.url(), DIR_NO_INDEX))?;
+    assert_eq!(resp.status(), 404);
+    Ok(())
+}
+
+#[rstest]
+fn render_try_index(#[with(&["--render-try-index"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(server.url())?;
+    let text = resp.text()?;
+    assert_eq!(text, "This is index.html");
+    Ok(())
+}
+
+#[rstest]
+fn render_try_index2(#[with(&["--render-try-index"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}{}", server.url(), DIR_NO_INDEX))?;
+    let files: Vec<&str> = FILES
+        .iter()
+        .filter(|v| **v != "index.html")
+        .cloned()
+        .collect();
+    assert_resp_paths!(resp, files);
+    Ok(())
+}
+
+#[rstest]
+fn render_try_index3(
+    #[with(&["--render-try-index", "--allow-archive"])] server: TestServer,
+) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}{}?zip", server.url(), DIR_NO_INDEX))?;
+    assert_eq!(resp.status(), 200);
+    assert_eq!(
+        resp.headers().get("content-type").unwrap(),
+        "application/zip"
+    );
+    Ok(())
+}
+
+#[rstest]
+#[case(server(&["--render-try-index"] as &[&str]), false)]
+#[case(server(&["--render-try-index", "--allow-search"] as &[&str]), true)]
+fn render_try_index4(#[case] server: TestServer, #[case] searched: bool) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}{}?q={}", server.url(), DIR_NO_INDEX, BIN_FILE))?;
+    assert_eq!(resp.status(), 200);
+    let paths = utils::retrieve_index_paths(&resp.text()?);
+    assert_eq!(paths.iter().all(|v| v.contains(BIN_FILE)), searched);
+    Ok(())
+}
+
+#[rstest]
+fn render_spa(#[with(&["--render-spa"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(server.url())?;
+    let text = resp.text()?;
+    assert_eq!(text, "This is index.html");
+    Ok(())
+}
+
+#[rstest]
+fn render_spa2(#[with(&["--render-spa"])] server: TestServer) -> Result<(), Error> {
+    let resp = reqwest::blocking::get(format!("{}{}", server.url(), DIR_NO_FOUND))?;
+    let text = resp.text()?;
+    assert_eq!(text, "This is index.html");
+    Ok(())
+}

tests/single_file.rs

@@ -0,0 +1,60 @@
+//! Run file server with different args
+
+mod fixtures;
+mod utils;
+
+use assert_cmd::prelude::*;
+use assert_fs::fixture::TempDir;
+use fixtures::{port, tmpdir, wait_for_port, Error};
+use rstest::rstest;
+use std::process::{Command, Stdio};
+
+#[rstest]
+#[case("index.html")]
+fn single_file(tmpdir: TempDir, port: u16, #[case] file: &str) -> Result<(), Error> {
+    let mut child = Command::cargo_bin("dufs")?
+        .arg(tmpdir.path().join(file))
+        .arg("-p")
+        .arg(port.to_string())
+        .stdout(Stdio::piped())
+        .spawn()?;
+
+    wait_for_port(port);
+
+    let resp = reqwest::blocking::get(format!("http://localhost:{port}"))?;
+    assert_eq!(resp.text()?, "This is index.html");
+    let resp = reqwest::blocking::get(format!("http://localhost:{port}/"))?;
+    assert_eq!(resp.text()?, "This is index.html");
+    let resp = reqwest::blocking::get(format!("http://localhost:{port}/index.html"))?;
+    assert_eq!(resp.text()?, "This is index.html");
+
+    child.kill()?;
+    Ok(())
+}
+
+#[rstest]
+#[case("index.html")]
+fn path_prefix_single_file(tmpdir: TempDir, port: u16, #[case] file: &str) -> Result<(), Error> {
+    let mut child = Command::cargo_bin("dufs")?
+        .arg(tmpdir.path().join(file))
+        .arg("-p")
+        .arg(port.to_string())
+        .arg("--path-prefix")
+        .arg("xyz")
+        .stdout(Stdio::piped())
+        .spawn()?;
+
+    wait_for_port(port);
+
+    let resp = reqwest::blocking::get(format!("http://localhost:{port}/xyz"))?;
+    assert_eq!(resp.text()?, "This is index.html");
+    let resp = reqwest::blocking::get(format!("http://localhost:{port}/xyz/"))?;
+    assert_eq!(resp.text()?, "This is index.html");
+    let resp = reqwest::blocking::get(format!("http://localhost:{port}/xyz/index.html"))?;
+    assert_eq!(resp.text()?, "This is index.html");
+    let resp = reqwest::blocking::get(format!("http://localhost:{port}"))?;
+    assert_eq!(resp.status(), 403);
+
+    child.kill()?;
+    Ok(())
+}

tests/sort.rs

@@ -0,0 +1,29 @@
+mod fixtures;
+mod utils;
+
+use fixtures::{server, Error, TestServer};
+use rstest::rstest;
+
+#[rstest]
+fn ls_dir_sort_by_name(server: TestServer) -> Result<(), Error> {
+    let url = server.url();
+    let resp = reqwest::blocking::get(format!("{url}?sort=name&order=asc"))?;
+    let paths1 = self::utils::retrieve_index_paths(&resp.text()?);
+    let resp = reqwest::blocking::get(format!("{url}?sort=name&order=desc"))?;
+    let mut paths2 = self::utils::retrieve_index_paths(&resp.text()?);
+    paths2.reverse();
+    assert_eq!(paths1, paths2);
+    Ok(())
+}
+
+#[rstest]
+fn search_dir_sort_by_name(server: TestServer) -> Result<(), Error> {
+    let url = server.url();
+    let resp = reqwest::blocking::get(format!("{url}?q=test.html&sort=name&order=asc"))?;
+    let paths1 = self::utils::retrieve_index_paths(&resp.text()?);
+    let resp = reqwest::blocking::get(format!("{url}?q=test.html&sort=name&order=desc"))?;
+    let mut paths2 = self::utils::retrieve_index_paths(&resp.text()?);
+    paths2.reverse();
+    assert_eq!(paths1, paths2);
+    Ok(())
+}

tests/symlink.rs

@@ -0,0 +1,46 @@
+mod fixtures;
+mod utils;
+
+use assert_fs::fixture::TempDir;
+use fixtures::{server, tmpdir, Error, TestServer};
+use rstest::rstest;
+
+#[cfg(unix)]
+use std::os::unix::fs::symlink as symlink_dir;
+#[cfg(windows)]
+use std::os::windows::fs::symlink_dir;
+
+#[rstest]
+fn default_not_allow_symlink(server: TestServer, tmpdir: TempDir) -> Result<(), Error> {
+    // Create symlink directory "foo" to point outside the root
+    let dir = "foo";
+    symlink_dir(tmpdir.path(), server.path().join(dir)).expect("Couldn't create symlink");
+    let resp = reqwest::blocking::get(format!("{}{}", server.url(), dir))?;
+    assert_eq!(resp.status(), 404);
+    let resp = reqwest::blocking::get(format!("{}{}/index.html", server.url(), dir))?;
+    assert_eq!(resp.status(), 404);
+    let resp = reqwest::blocking::get(server.url())?;
+    let paths = utils::retrieve_index_paths(&resp.text()?);
+    assert!(!paths.is_empty());
+    assert!(!paths.contains(&format!("{dir}/")));
+    Ok(())
+}
+
+#[rstest]
+fn allow_symlink(
+    #[with(&["--allow-symlink"])] server: TestServer,
+    tmpdir: TempDir,
+) -> Result<(), Error> {
+    // Create symlink directory "foo" to point outside the root
+    let dir = "foo";
+    symlink_dir(tmpdir.path(), server.path().join(dir)).expect("Couldn't create symlink");
+    let resp = reqwest::blocking::get(format!("{}{}", server.url(), dir))?;
+    assert_eq!(resp.status(), 200);
+    let resp = reqwest::blocking::get(format!("{}{}/index.html", server.url(), dir))?;
+    assert_eq!(resp.status(), 200);
+    let resp = reqwest::blocking::get(server.url())?;
+    let paths = utils::retrieve_index_paths(&resp.text()?);
+    assert!(!paths.is_empty());
+    assert!(paths.contains(&format!("{dir}/")));
+    Ok(())
+}

tests/tls.rs

@@ -0,0 +1,55 @@
+mod fixtures;
+mod utils;
+
+use assert_cmd::Command;
+use fixtures::{server, Error, TestServer};
+use predicates::str::contains;
+use reqwest::blocking::ClientBuilder;
+use rstest::rstest;
+
+/// Can start the server with TLS and receive encrypted responses.
+#[rstest]
+#[case(server(&[
+        "--tls-cert", "tests/data/cert.pem",
+        "--tls-key", "tests/data/key_pkcs8.pem",
+]))]
+#[case(server(&[
+        "--tls-cert", "tests/data/cert.pem",
+        "--tls-key", "tests/data/key_pkcs1.pem",
+]))]
+#[case(server(&[
+        "--tls-cert", "tests/data/cert_ecdsa.pem",
+        "--tls-key", "tests/data/key_ecdsa.pem",
+]))]
+fn tls_works(#[case] server: TestServer) -> Result<(), Error> {
+    let client = ClientBuilder::new()
+        .danger_accept_invalid_certs(true)
+        .build()?;
+    let resp = client.get(server.url()).send()?.error_for_status()?;
+    assert_resp_paths!(resp);
+    Ok(())
+}
+
+/// Wrong path for cert throws error.
+#[rstest]
+fn wrong_path_cert() -> Result<(), Error> {
+    Command::cargo_bin("dufs")?
+        .args(["--tls-cert", "wrong", "--tls-key", "tests/data/key.pem"])
+        .assert()
+        .failure()
+        .stderr(contains("Failed to access `wrong`"));
+
+    Ok(())
+}
+
+/// Wrong paths for key throws errors.
+#[rstest]
+fn wrong_path_key() -> Result<(), Error> {
+    Command::cargo_bin("dufs")?
+        .args(["--tls-cert", "tests/data/cert.pem", "--tls-key", "wrong"])
+        .assert()
+        .failure()
+        .stderr(contains("Failed to access `wrong`"));
+
+    Ok(())
+}

tests/utils.rs

@@ -0,0 +1,69 @@
+use indexmap::IndexSet;
+use serde_json::Value;
+
+#[macro_export]
+macro_rules! assert_resp_paths {
+    ($resp:ident) => {
+        assert_resp_paths!($resp, self::fixtures::FILES)
+    };
+    ($resp:ident, $files:expr) => {
+        assert_eq!($resp.status(), 200);
+        let body = $resp.text()?;
+        let paths = self::utils::retrieve_index_paths(&body);
+        assert!(!paths.is_empty());
+        for file in $files {
+            assert!(paths.contains(&file.to_string()));
+        }
+    };
+}
+
+#[macro_export]
+macro_rules! fetch {
+    ($method:literal, $url:expr) => {
+        reqwest::blocking::Client::new().request(hyper::Method::from_bytes($method)?, $url)
+    };
+}
+
+#[allow(dead_code)]
+pub fn retrieve_index_paths(content: &str) -> IndexSet<String> {
+    let value = retrive_json(content).unwrap();
+    let paths = value
+        .get("paths")
+        .unwrap()
+        .as_array()
+        .unwrap()
+        .iter()
+        .flat_map(|v| {
+            let name = v.get("name")?.as_str()?;
+            let path_type = v.get("path_type")?.as_str()?;
+            if path_type.ends_with("Dir") {
+                Some(format!("{name}/"))
+            } else {
+                Some(name.to_owned())
+            }
+        })
+        .collect();
+    paths
+}
+
+#[allow(dead_code)]
+pub fn retrive_edit_file(content: &str) -> Option<bool> {
+    let value = retrive_json(content)?;
+    let value = value.get("editable").unwrap();
+    Some(value.as_bool().unwrap())
+}
+
+#[allow(dead_code)]
+pub fn encode_uri(v: &str) -> String {
+    let parts: Vec<_> = v.split('/').map(urlencoding::encode).collect();
+    parts.join("/")
+}
+
+#[allow(dead_code)]
+pub fn retrive_json(content: &str) -> Option<Value> {
+    let lines: Vec<&str> = content.lines().collect();
+    let line = lines.iter().find(|v| v.contains("DATA ="))?;
+    let line_col = line.find("DATA =").unwrap() + 6;
+    let value: Value = line[line_col..].parse().unwrap();
+    Some(value)
+}

tests/webdav.rs

@@ -0,0 +1,217 @@
+mod fixtures;
+mod utils;
+
+use fixtures::{server, Error, TestServer, FILES};
+use rstest::rstest;
+use xml::escape::escape_str_pcdata;
+
+#[rstest]
+fn propfind_dir(server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"PROPFIND", format!("{}dir1", server.url())).send()?;
+    assert_eq!(resp.status(), 207);
+    let body = resp.text()?;
+    assert!(body.contains("<D:href>/dir1/</D:href>"));
+    assert!(body.contains("<D:displayname>dir1</D:displayname>"));
+    for f in FILES {
+        assert!(body.contains(&format!("<D:href>/dir1/{}</D:href>", utils::encode_uri(f))));
+        assert!(body.contains(&format!(
+            "<D:displayname>{}</D:displayname>",
+            escape_str_pcdata(f)
+        )));
+    }
+    Ok(())
+}
+
+#[rstest]
+fn propfind_dir_depth0(server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"PROPFIND", format!("{}dir1", server.url()))
+        .header("depth", "0")
+        .send()?;
+    assert_eq!(resp.status(), 207);
+    let body = resp.text()?;
+    assert!(body.contains("<D:href>/dir1/</D:href>"));
+    assert!(body.contains("<D:displayname>dir1</D:displayname>"));
+    assert_eq!(
+        body.lines()
+            .filter(|v| *v == "<D:status>HTTP/1.1 200 OK</D:status>")
+            .count(),
+        1
+    );
+    Ok(())
+}
+
+#[rstest]
+fn propfind_404(server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"PROPFIND", format!("{}404", server.url())).send()?;
+    assert_eq!(resp.status(), 404);
+    Ok(())
+}
+
+#[rstest]
+fn propfind_double_slash(server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"PROPFIND", format!("{}/", server.url())).send()?;
+    assert_eq!(resp.status(), 207);
+    Ok(())
+}
+
+#[rstest]
+fn propfind_file(server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"PROPFIND", format!("{}test.html", server.url())).send()?;
+    assert_eq!(resp.status(), 207);
+    let body = resp.text()?;
+    assert!(body.contains("<D:href>/test.html</D:href>"));
+    assert!(body.contains("<D:displayname>test.html</D:displayname>"));
+    assert_eq!(
+        body.lines()
+            .filter(|v| *v == "<D:status>HTTP/1.1 200 OK</D:status>")
+            .count(),
+        1
+    );
+    Ok(())
+}
+
+#[rstest]
+fn proppatch_file(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"PROPPATCH", format!("{}test.html", server.url())).send()?;
+    assert_eq!(resp.status(), 207);
+    let body = resp.text()?;
+    assert!(body.contains("<D:href>/test.html</D:href>"));
+    Ok(())
+}
+
+#[rstest]
+fn proppatch_404(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"PROPPATCH", format!("{}404", server.url())).send()?;
+    assert_eq!(resp.status(), 404);
+    Ok(())
+}
+
+#[rstest]
+fn mkcol_dir(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"MKCOL", format!("{}newdir", server.url())).send()?;
+    assert_eq!(resp.status(), 201);
+    Ok(())
+}
+
+#[rstest]
+fn mkcol_not_allow_upload(server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"MKCOL", format!("{}newdir", server.url())).send()?;
+    assert_eq!(resp.status(), 403);
+    Ok(())
+}
+
+#[rstest]
+fn mkcol_already_exists(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"MKCOL", format!("{}dir1", server.url())).send()?;
+    assert_eq!(resp.status(), 405);
+    Ok(())
+}
+
+#[rstest]
+fn copy_file(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let new_url = format!("{}test2.html", server.url());
+    let resp = fetch!(b"COPY", format!("{}test.html", server.url()))
+        .header("Destination", &new_url)
+        .send()?;
+    assert_eq!(resp.status(), 204);
+    let resp = reqwest::blocking::get(new_url)?;
+    assert_eq!(resp.status(), 200);
+    Ok(())
+}
+
+#[rstest]
+fn copy_not_allow_upload(server: TestServer) -> Result<(), Error> {
+    let new_url = format!("{}test2.html", server.url());
+    let resp = fetch!(b"COPY", format!("{}test.html", server.url()))
+        .header("Destination", &new_url)
+        .send()?;
+    assert_eq!(resp.status(), 403);
+    Ok(())
+}
+
+#[rstest]
+fn copy_file_404(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let new_url = format!("{}test2.html", server.url());
+    let resp = fetch!(b"COPY", format!("{}404", server.url()))
+        .header("Destination", &new_url)
+        .send()?;
+    assert_eq!(resp.status(), 404);
+    Ok(())
+}
+
+#[rstest]
+fn move_file(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let origin_url = format!("{}test.html", server.url());
+    let new_url = format!("{}test2.html", server.url());
+    let resp = fetch!(b"MOVE", &origin_url)
+        .header("Destination", &new_url)
+        .send()?;
+    assert_eq!(resp.status(), 204);
+    let resp = reqwest::blocking::get(new_url)?;
+    assert_eq!(resp.status(), 200);
+    let resp = reqwest::blocking::get(origin_url)?;
+    assert_eq!(resp.status(), 404);
+    Ok(())
+}
+
+#[rstest]
+fn move_not_allow_upload(#[with(&["--allow-delete"])] server: TestServer) -> Result<(), Error> {
+    let origin_url = format!("{}test.html", server.url());
+    let new_url = format!("{}test2.html", server.url());
+    let resp = fetch!(b"MOVE", &origin_url)
+        .header("Destination", &new_url)
+        .send()?;
+    assert_eq!(resp.status(), 403);
+    Ok(())
+}
+
+#[rstest]
+fn move_not_allow_delete(#[with(&["--allow-upload"])] server: TestServer) -> Result<(), Error> {
+    let origin_url = format!("{}test.html", server.url());
+    let new_url = format!("{}test2.html", server.url());
+    let resp = fetch!(b"MOVE", &origin_url)
+        .header("Destination", &new_url)
+        .send()?;
+    assert_eq!(resp.status(), 403);
+    Ok(())
+}
+
+#[rstest]
+fn move_file_404(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let new_url = format!("{}test2.html", server.url());
+    let resp = fetch!(b"MOVE", format!("{}404", server.url()))
+        .header("Destination", &new_url)
+        .send()?;
+    assert_eq!(resp.status(), 404);
+    Ok(())
+}
+
+#[rstest]
+fn lock_file(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"LOCK", format!("{}test.html", server.url())).send()?;
+    assert_eq!(resp.status(), 200);
+    let body = resp.text()?;
+    assert!(body.contains("<D:href>/test.html</D:href>"));
+    Ok(())
+}
+
+#[rstest]
+fn lock_file_404(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"LOCK", format!("{}404", server.url())).send()?;
+    assert_eq!(resp.status(), 404);
+    Ok(())
+}
+
+#[rstest]
+fn unlock_file(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"LOCK", format!("{}test.html", server.url())).send()?;
+    assert_eq!(resp.status(), 200);
+    Ok(())
+}
+
+#[rstest]
+fn unlock_file_404(#[with(&["-A"])] server: TestServer) -> Result<(), Error> {
+    let resp = fetch!(b"LOCK", format!("{}404", server.url())).send()?;
+    assert_eq!(resp.status(), 404);
+    Ok(())
+}