hfs 0.49.2 → 0.50.0-alpha1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +1 -0
- package/admin/assets/{index-79c48481.js → index-c618ba7d.js} +104 -103
- package/admin/assets/{index-1c2b890b.css → index-f3fd8783.css} +1 -1
- package/{frontend/assets/sha512-da48f0d4.js → admin/assets/sha512-1ee27408.js} +1 -1
- package/admin/index.html +2 -2
- package/frontend/assets/index-83cd0389.js +94 -0
- package/{admin/assets/sha512-bdc531ce.js → frontend/assets/sha512-90bb0108.js} +1 -1
- package/frontend/index.html +1 -1
- package/package.json +1 -1
- package/plugins/antibrute/plugin.js +1 -1
- package/plugins/vhosting/plugin.js +3 -3
- package/src/adminApis.js +11 -12
- package/src/api.accounts.js +7 -1
- package/src/api.auth.js +7 -31
- package/src/api.file_list.js +3 -1
- package/src/api.monitor.js +2 -2
- package/src/api.vfs.js +6 -8
- package/src/auth.js +49 -0
- package/src/const.js +1 -1
- package/src/cross.js +21 -3
- package/src/log.js +2 -2
- package/src/middlewares.js +23 -21
- package/src/perm.js +1 -6
- package/src/plugins.js +0 -1
- package/src/serveGuiFiles.js +2 -4
- package/src/srp.js +22 -0
- package/src/upload.js +2 -2
- package/src/vfs.js +10 -14
- package/src/zip.js +2 -0
- package/frontend/assets/index-5f1c6cb8.js +0 -94
package/src/vfs.js
CHANGED
|
@@ -4,7 +4,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
|
|
|
4
4
|
return (mod && mod.__esModule) ? mod : { "default": mod };
|
|
5
5
|
};
|
|
6
6
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
7
|
-
exports.parentMaskApplier = exports.masksCouldGivePermission = exports.walkNode = exports.statusCodeForMissingPerm = exports.hasPermission = exports.nodeIsDirectory = exports.getNodeName = exports.saveVfs = exports.vfs = exports.urlToNode = exports.applyParentToChild = exports.isSameFilenameAs = exports.permsFromParent = exports.MIME_AUTO = void 0;
|
|
7
|
+
exports.parentMaskApplier = exports.masksCouldGivePermission = exports.walkNode = exports.statusCodeForMissingPerm = exports.hasPermission = exports.nodeIsLink = exports.nodeIsDirectory = exports.getNodeName = exports.saveVfs = exports.vfs = exports.urlToNode = exports.applyParentToChild = exports.isSameFilenameAs = exports.permsFromParent = exports.MIME_AUTO = void 0;
|
|
8
8
|
const promises_1 = __importDefault(require("fs/promises"));
|
|
9
9
|
const path_1 = require("path");
|
|
10
10
|
const misc_1 = require("./misc");
|
|
@@ -13,6 +13,7 @@ const config_1 = require("./config");
|
|
|
13
13
|
const const_1 = require("./const");
|
|
14
14
|
const events_1 = __importDefault(require("./events"));
|
|
15
15
|
const perm_1 = require("./perm");
|
|
16
|
+
const auth_1 = require("./auth");
|
|
16
17
|
exports.MIME_AUTO = 'auto';
|
|
17
18
|
function permsFromParent(parent, child) {
|
|
18
19
|
const ret = {};
|
|
@@ -119,12 +120,6 @@ async function urlToNode(url, ctx, parent = exports.vfs, getRest) {
|
|
|
119
120
|
exports.urlToNode = urlToNode;
|
|
120
121
|
exports.vfs = {};
|
|
121
122
|
(0, config_1.defineConfig)('vfs', {}).sub(data => exports.vfs = (function recur(node) {
|
|
122
|
-
if (node.propagate) { // legacy pre-0.47
|
|
123
|
-
for (const [k, v] of (0, misc_1.typedEntries)(node.propagate))
|
|
124
|
-
if (v === false)
|
|
125
|
-
node[k] = { this: node[k] };
|
|
126
|
-
delete node.propagate;
|
|
127
|
-
}
|
|
128
123
|
if (node.children)
|
|
129
124
|
for (const c of node.children)
|
|
130
125
|
recur(c);
|
|
@@ -154,14 +149,15 @@ async function nodeIsDirectory(node) {
|
|
|
154
149
|
var _a;
|
|
155
150
|
if (node.isFolder !== undefined)
|
|
156
151
|
return node.isFolder;
|
|
157
|
-
const isFolder = Boolean(((_a = node.children) === null || _a === void 0 ? void 0 : _a.length) || !node.source || await (0, misc_1.isDirectory)(node.source));
|
|
158
|
-
|
|
159
|
-
node.isFolder = isFolder;
|
|
160
|
-
else
|
|
161
|
-
(0, misc_1.setHidden)(node, { isFolder }); // don't make it to the storage
|
|
152
|
+
const isFolder = Boolean(((_a = node.children) === null || _a === void 0 ? void 0 : _a.length) || !nodeIsLink(node) && (!node.source || await (0, misc_1.isDirectory)(node.source)));
|
|
153
|
+
(0, misc_1.setHidden)(node, { isFolder }); // don't make it to the storage (a node.isTemp doesn't need it to be hidden)
|
|
162
154
|
return isFolder;
|
|
163
155
|
}
|
|
164
156
|
exports.nodeIsDirectory = nodeIsDirectory;
|
|
157
|
+
function nodeIsLink(node) {
|
|
158
|
+
return node.url;
|
|
159
|
+
}
|
|
160
|
+
exports.nodeIsLink = nodeIsLink;
|
|
165
161
|
function hasPermission(node, perm, ctx) {
|
|
166
162
|
return !statusCodeForMissingPerm(node, perm, ctx, false);
|
|
167
163
|
}
|
|
@@ -189,12 +185,12 @@ function statusCodeForMissingPerm(node, perm, ctx, assign = true) {
|
|
|
189
185
|
if (Array.isArray(who)) {
|
|
190
186
|
const arr = who; // shut up ts
|
|
191
187
|
// check if I or any ancestor match `who`, but cache ancestors' usernames inside context state
|
|
192
|
-
const some = (0, misc_1.getOrSet)(ctx.state, 'usernames', () => (0, perm_1.expandUsername)((0,
|
|
188
|
+
const some = (0, misc_1.getOrSet)(ctx.state, 'usernames', () => (0, perm_1.expandUsername)((0, auth_1.getCurrentUsername)(ctx)))
|
|
193
189
|
.some((u) => arr.includes(u));
|
|
194
190
|
return some ? 0 : const_1.HTTP_UNAUTHORIZED;
|
|
195
191
|
}
|
|
196
192
|
return typeof who === 'boolean' ? (who ? 0 : const_1.HTTP_FORBIDDEN)
|
|
197
|
-
: who === misc_1.WHO_ANY_ACCOUNT ? (ctx
|
|
193
|
+
: who === misc_1.WHO_ANY_ACCOUNT ? ((0, auth_1.getCurrentUsername)(ctx) ? 0 : const_1.HTTP_UNAUTHORIZED)
|
|
198
194
|
: (0, misc_1.throw_)(Error('invalid permission: ' + JSON.stringify(who)));
|
|
199
195
|
}
|
|
200
196
|
}
|
package/src/zip.js
CHANGED
|
@@ -43,6 +43,8 @@ async function zipStreamFromFolder(node, ctx) {
|
|
|
43
43
|
}
|
|
44
44
|
})();
|
|
45
45
|
const mappedWalker = (0, misc_1.filterMapGenerator)(walker, async (el) => {
|
|
46
|
+
if ((0, vfs_1.nodeIsLink)(el))
|
|
47
|
+
return;
|
|
46
48
|
if (!(0, vfs_1.hasPermission)(el, 'can_archive', ctx))
|
|
47
49
|
return; // the fact you see it doesn't mean you can get it
|
|
48
50
|
const { source } = el;
|