PyPI - lfss - Versions diffs - 0.9.2__py3-none-any.whl → 0.9.4__py3-none-any.whl - Mend

lfss 0.9.2py3-none-any.whl → 0.9.4py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (15) hide show

docs/Changelog.md +27 -0
docs/Webdav.md +3 -3
lfss/eng/connection_pool.py +1 -1
lfss/eng/database.py +6 -9
lfss/eng/error.py +4 -2
lfss/eng/thumb.py +5 -1
lfss/eng/utils.py +46 -24
lfss/svc/app_base.py +2 -1
lfss/svc/app_dav.py +71 -58
lfss/svc/app_native.py +5 -7
lfss/svc/common_impl.py +68 -30
{lfss-0.9.2.dist-info → lfss-0.9.4.dist-info}/METADATA +1 -1
{lfss-0.9.2.dist-info → lfss-0.9.4.dist-info}/RECORD +15 -14
{lfss-0.9.2.dist-info → lfss-0.9.4.dist-info}/WHEEL +0 -0
{lfss-0.9.2.dist-info → lfss-0.9.4.dist-info}/entry_points.txt +0 -0

docs/Changelog.md ADDED Viewed

@@ -0,0 +1,27 @@
+## 0.9
+### 0.9.4
+- Decode WebDAV file name.
+- Allow root-listing for WebDAV.
+- Always return 207 status code for propfind.
+- Refactor debounce utility.
+### 0.9.3
+- Fix empty file getting.
+- HTTP `PUT/POST` default to overwrite the file.
+- Use shared implementations for `PUT`, `GET`, `DELETE` methods.
+- Inherit permission on overwriting `unset` permission files.
+### 0.9.2
+- Native copy function.
+- Only enable basic authentication if WebDAV is enabled.
+- `WWW-Authenticate` header is now added to the response when authentication fails.
+### 0.9.1
+- Add WebDAV support.
+- Code refactor, use `lfss.eng` and `lfss.svc`.
+### 0.9.0
+- User peer access control, now user can share their path with other users.
+- Fix high concurrency database locking on file getting.

docs/Webdav.md CHANGED Viewed

@@ -15,8 +15,8 @@ Please note:
 2. LFSS not allow creating files in the root directory, however some client such as [Finder](https://sabre.io/dav/clients/finder/) will try to create files in the root directory. Thus, it is safer to mount the user directory only, e.g. `http://localhost:8000/<username>/`.
 3. LFSS not allow directory creation, instead it creates directoy implicitly when a file is uploaded to a non-exist directory.
    i.e. `PUT http://localhost:8000/<username>/dir/file.txt` will create the `dir` directory if it does not exist.
-   However, the WebDAV `MKCOL` method requires the directory to be created explicitly, so WebDAV `MKCOL` method instead create a decoy file on the path (`.lfss-keep`), and hide the file from the file listing by `PROPFIND` method.
+   However, the WebDAV `MKCOL` method requires the directory to be created explicitly, so WebDAV `MKCOL` method instead create a decoy file on the path (`.lfss_keep`), and hide the file from the file listing by `PROPFIND` method.
    This leads to:
-   1) You may see a `.lfss-keep` file in the directory with native file listing (e.g. `/_api/list-files`), but it is hidden in WebDAV clients.
-   2) The directory may be deleted if there is no file in it and the `.lfss-keep` file is not created by WebDAV client.
+   1) You may see a `.lfss_keep` file in the directory with native file listing (e.g. `/_api/list-files`), but it is hidden in WebDAV clients.
+   2) The directory may be deleted if there is no file in it and the `.lfss_keep` file is not created by WebDAV client.

lfss/eng/connection_pool.py CHANGED Viewed

@@ -29,7 +29,7 @@ async def get_connection(read_only: bool = False) -> aiosqlite.Connection:
     conn = await aiosqlite.connect(
         get_db_uri(DATA_HOME / 'index.db', read_only=read_only),
-        timeout = 20, uri = True
+        timeout = 10, uri = True
         )
     async with conn.cursor() as c:
         await c.execute(

lfss/eng/database.py CHANGED Viewed

@@ -161,7 +161,7 @@ class UserConn(DBObjectBase):
     async def list_peer_users(self, src_user: int | str, level: AccessLevel) -> list[UserRecord]:
         """
         List all users that src_user can do [AliasLevel] to, with level >= level,
-        Note: the returned list does not include src_user and admin users
+        Note: the returned list does not include src_user and is not apporiate for admin (who has all permissions for all users)
         """
         assert int(level) > AccessLevel.NONE, f"Invalid level, {level}"
         match src_user:
@@ -427,8 +427,7 @@ class FileConn(DBObjectBase):
         await self._user_size_inc(user_id, old.file_size)
         self.logger.info(f"Copied file {old_url} to {new_url}")
-    # not tested
-    async def copy_path(self, old_url: str, new_url: str, conflict_handler: Literal['skip', 'overwrite'] = 'overwrite', user_id: Optional[int] = None):
+    async def copy_path(self, old_url: str, new_url: str, user_id: Optional[int] = None):
         assert old_url.endswith('/'), "Old path must end with /"
         assert new_url.endswith('/'), "New path must end with /"
         if user_id is None:
@@ -440,11 +439,8 @@ class FileConn(DBObjectBase):
         for r in res:
             old_record = FileRecord(*r)
             new_r = new_url + old_record.url[len(old_url):]
-            if conflict_handler == 'overwrite':
-                await self.cur.execute("DELETE FROM fmeta WHERE url = ?", (new_r, ))
-            elif conflict_handler == 'skip':
-                if (await self.cur.execute("SELECT url FROM fmeta WHERE url = ?", (new_r, ))) is not None:
-                    continue
+            if await (await self.cur.execute("SELECT url FROM fmeta WHERE url = ?", (new_r, ))).fetchone() is not None:
+                raise FileExistsError(f"File {new_r} already exists")
             new_fid = str(uuid.uuid4())
             user_id = old_record.owner_id if user_id is None else user_id
             await self.cur.execute(
@@ -456,6 +452,7 @@ class FileConn(DBObjectBase):
             else:
                 await copy_file(LARGE_BLOB_DIR / old_record.file_id, LARGE_BLOB_DIR / new_fid)
             await self._user_size_inc(user_id, old_record.file_size)
+        self.logger.info(f"Copied path {old_url} to {new_url}")
     async def move_file(self, old_url: str, new_url: str):
         old = await self.get_file_record(old_url)
@@ -858,7 +855,7 @@ class Database:
         async with transaction() as cur:
             fconn = FileConn(cur)
-            await fconn.copy_path(old_url, new_url, 'overwrite', op_user.id)
+            await fconn.copy_path(old_url, new_url, op_user.id)
     async def __batch_delete_file_blobs(self, fconn: FileConn, file_records: list[FileRecord], batch_size: int = 512):
         # https://github.com/langchain-ai/langchain/issues/10321

lfss/eng/error.py CHANGED Viewed

@@ -6,6 +6,10 @@ class FileLockedError(LFSSExceptionBase):...
 class InvalidOptionsError(LFSSExceptionBase, ValueError):...
+class InvalidDataError(LFSSExceptionBase, ValueError):...
+class InvalidPathError(LFSSExceptionBase, ValueError):...
 class DatabaseLockedError(LFSSExceptionBase, sqlite3.DatabaseError):...
 class PathNotFoundError(LFSSExceptionBase, FileNotFoundError):...
@@ -14,8 +18,6 @@ class FileDuplicateError(LFSSExceptionBase, FileExistsError):...
 class PermissionDeniedError(LFSSExceptionBase, PermissionError):...
-class InvalidPathError(LFSSExceptionBase, ValueError):...
 class StorageExceededError(LFSSExceptionBase):...
 class TooManyItemsError(LFSSExceptionBase):...

lfss/eng/thumb.py CHANGED Viewed

@@ -1,5 +1,6 @@
 from lfss.eng.config import THUMB_DB, THUMB_SIZE
 from lfss.eng.database import FileConn
+from lfss.eng.error import *
 from lfss.eng.connection_pool import unique_cursor
 from typing import Optional
 from PIL import Image
@@ -32,7 +33,10 @@ async def _get_cache_thumb(c: aiosqlite.Cursor, path: str, ctime: str) -> Option
     return blob
 async def _save_cache_thumb(c: aiosqlite.Cursor, path: str, ctime: str, raw_bytes: bytes) -> bytes:
-    raw_img = Image.open(BytesIO(raw_bytes))
+    try:
+        raw_img = Image.open(BytesIO(raw_bytes))
+    except Exception:
+        raise InvalidDataError('Invalid image data for thumbnail: ' + path)
     raw_img.thumbnail(THUMB_SIZE)
     img = raw_img.convert('RGB')
     bio = BytesIO()

lfss/eng/utils.py CHANGED Viewed

@@ -36,17 +36,41 @@ def ensure_uri_compnents(path: str):
     """ Ensure the path components are safe to use """
     return encode_uri_compnents(decode_uri_compnents(path))
-g_debounce_tasks: OrderedDict[str, asyncio.Task] = OrderedDict()
-lock_debounce_task_queue = Lock()
+class TaskManager:
+    def __init__(self):
+        self._tasks: OrderedDict[str, asyncio.Task] = OrderedDict()
+    def push(self, task: asyncio.Task) -> str:
+        tid = uuid4().hex
+        if tid in self._tasks:
+            raise ValueError("Task ID collision")
+        self._tasks[tid] = task
+        return tid
+    def cancel(self, task_id: str):
+        task = self._tasks.pop(task_id, None)
+        if task is not None:
+            task.cancel()
+    def truncate(self):
+        new_tasks = OrderedDict()
+        for tid, task in self._tasks.items():
+            if not task.done():
+                new_tasks[tid] = task
+        self._tasks = new_tasks
+    async def wait_all(self):
+        async def stop_task(task: asyncio.Task):
+            if not task.done():
+                await task
+        await asyncio.gather(*map(stop_task, self._tasks.values()))
+        self._tasks.clear()
+    def __len__(self): return len(self._tasks)
+g_debounce_tasks: TaskManager = TaskManager()
 async def wait_for_debounce_tasks():
-    async def stop_task(task: asyncio.Task):
-        task.cancel()
-        try:
-            await task
-        except asyncio.CancelledError:
-            pass
-    await asyncio.gather(*map(stop_task, g_debounce_tasks.values()))
-    g_debounce_tasks.clear()
+    await g_debounce_tasks.wait_all()
 def debounce_async(delay: float = 0.1, max_wait: float = 1.):
     """
@@ -54,7 +78,8 @@ def debounce_async(delay: float = 0.1, max_wait: float = 1.):
     ensuring execution at least once every `max_wait` seconds.
     """
     def debounce_wrap(func):
-        task_record: tuple[str, asyncio.Task] | None = None
+        # task_record: tuple[str, asyncio.Task] | None = None
+        prev_task_id = None
         fn_execution_lock = Lock()
         last_execution_time = 0
@@ -67,12 +92,11 @@ def debounce_async(delay: float = 0.1, max_wait: float = 1.):
         @functools.wraps(func)
         async def wrapper(*args, **kwargs):
-            nonlocal task_record, last_execution_time
+            nonlocal prev_task_id, last_execution_time
-            async with lock_debounce_task_queue:
-                if task_record is not None:
-                    task_record[1].cancel()
-                    g_debounce_tasks.pop(task_record[0], None)
+            if prev_task_id is not None:
+                g_debounce_tasks.cancel(prev_task_id)
+                prev_task_id = None
             async with fn_execution_lock:
                 if time.monotonic() - last_execution_time > max_wait:
@@ -81,14 +105,12 @@ def debounce_async(delay: float = 0.1, max_wait: float = 1.):
                     return
             task = asyncio.create_task(delayed_func(*args, **kwargs))
-            task_uid = uuid4().hex
-            task_record = (task_uid, task)
-            async with lock_debounce_task_queue:
-                g_debounce_tasks[task_uid] = task
-                if len(g_debounce_tasks) > 2048:
-                    # finished tasks are not removed from the dict
-                    # so we need to clear it periodically
-                    await wait_for_debounce_tasks()
+            prev_task_id = g_debounce_tasks.push(task)
+            if len(g_debounce_tasks) > 1024:
+                # finished tasks are not removed from the dict
+                # so we need to clear it periodically
+                g_debounce_tasks.truncate()
         return wrapper
     return debounce_wrap

lfss/svc/app_base.py CHANGED Viewed

@@ -47,13 +47,14 @@ def handle_exception(fn):
             if isinstance(e, StorageExceededError): raise HTTPException(status_code=413, detail=str(e))
             if isinstance(e, PermissionError): raise HTTPException(status_code=403, detail=str(e))
             if isinstance(e, InvalidPathError): raise HTTPException(status_code=400, detail=str(e))
+            if isinstance(e, InvalidOptionsError): raise HTTPException(status_code=400, detail=str(e))
+            if isinstance(e, InvalidDataError): raise HTTPException(status_code=400, detail=str(e))
             if isinstance(e, FileNotFoundError): raise HTTPException(status_code=404, detail=str(e))
             if isinstance(e, FileDuplicateError): raise HTTPException(status_code=409, detail=str(e))
             if isinstance(e, FileExistsError): raise HTTPException(status_code=409, detail=str(e))
             if isinstance(e, TooManyItemsError): raise HTTPException(status_code=400, detail=str(e))
             if isinstance(e, DatabaseLockedError): raise HTTPException(status_code=503, detail=str(e))
             if isinstance(e, FileLockedError): raise HTTPException(status_code=423, detail=str(e))
-            if isinstance(e, InvalidOptionsError): raise HTTPException(status_code=400, detail=str(e))
             logger.error(f"Uncaptured error in {fn.__name__}: {e}")
             raise
     return wrapper

lfss/svc/app_dav.py CHANGED Viewed

@@ -9,11 +9,11 @@ import xml.etree.ElementTree as ET
 from ..eng.connection_pool import unique_cursor
 from ..eng.error import *
 from ..eng.config import DATA_HOME, DEBUG_MODE
-from ..eng.datatype import UserRecord, FileRecord, DirectoryRecord
-from ..eng.database import FileConn
+from ..eng.datatype import UserRecord, FileRecord, DirectoryRecord, AccessLevel
+from ..eng.database import FileConn, UserConn, check_path_permission
 from ..eng.utils import ensure_uri_compnents, decode_uri_compnents, format_last_modified, static_vars
 from .app_base import *
-from .common_impl import get_file_impl, put_file_impl, delete_impl, copy_impl
+from .common_impl import copy_impl
 LOCK_DB_PATH = DATA_HOME / "lock.db"
 MKDIR_PLACEHOLDER = ".lfss_keep"
@@ -53,11 +53,27 @@ async def eval_path(path: str) -> tuple[ptype, str, Optional[FileRecord | Direct
     # path now is url-safe and without leading slash
     if path.endswith("/"):
         lfss_path = path
-        async with unique_cursor() as c:
-            fconn = FileConn(c)
-            if await fconn.count_path_files(path, flat=True) == 0:
-                return None, lfss_path, None
-            return "dir", lfss_path, await fconn.get_path_record(path)
+        dir_path_sp = path.split("/")
+        if len(dir_path_sp) > 2:
+            async with unique_cursor() as c:
+                fconn = FileConn(c)
+                if await fconn.count_path_files(path, flat=True) == 0:
+                    return None, lfss_path, None
+                return "dir", lfss_path, await fconn.get_path_record(path)
+        else:
+            # test if its a user's root directory
+            assert len(dir_path_sp) == 2
+            username = path.split("/")[0]
+            async with unique_cursor() as c:
+                uconn = UserConn(c)
+                u = await uconn.get_user(username)
+                if u is None:
+                    return None, lfss_path, None
+                return "dir", lfss_path, DirectoryRecord(lfss_path)
+    # may be root directory
+    if path == "":
+        return "dir", "", DirectoryRecord("")
     # not end with /, check if it is a file
     async with unique_cursor() as c:
@@ -66,11 +82,10 @@ async def eval_path(path: str) -> tuple[ptype, str, Optional[FileRecord | Direct
             lfss_path = path
             return "file", lfss_path, res
-    if path == "": return "dir", "", DirectoryRecord("")
     async with unique_cursor() as c:
+        lfss_path = path + "/"
         fconn = FileConn(c)
-        if await fconn.count_path_files(path + "/") > 0:
-            lfss_path = path + "/"
+        if await fconn.count_path_files(lfss_path) > 0:
             return "dir", lfss_path, await fconn.get_path_record(lfss_path)
     return None, path, None
@@ -110,7 +125,7 @@ async def unlock_path(user: UserRecord, p: str, token: str):
                 raise FileLockedError(f"Failed to unlock file [{p}] with token {token}")
             await cur.execute("DELETE FROM locks WHERE path=?", (p,))
             await conn.commit()
-async def query_lock_el(p: str, top_el_name: str = f"{{{DAV_NS}}}lockinfo") -> Optional[ET.Element]:
+async def query_lock_element(p: str, top_el_name: str = f"{{{DAV_NS}}}lockinfo") -> Optional[ET.Element]:
     async with aiosqlite.connect(LOCK_DB_PATH) as conn:
         await conn.execute("BEGIN EXCLUSIVE")
         await conn.execute(lock_table_create_sql)
@@ -145,15 +160,16 @@ async def create_file_xml_element(frecord: FileRecord) -> ET.Element:
     href.text = f"/{frecord.url}"
     propstat = ET.SubElement(file_el, f"{{{DAV_NS}}}propstat")
     prop = ET.SubElement(propstat, f"{{{DAV_NS}}}prop")
-    ET.SubElement(prop, f"{{{DAV_NS}}}displayname").text = frecord.url.split("/")[-1]
+    ET.SubElement(prop, f"{{{DAV_NS}}}displayname").text = decode_uri_compnents(frecord.url.split("/")[-1])
     ET.SubElement(prop, f"{{{DAV_NS}}}resourcetype")
     ET.SubElement(prop, f"{{{DAV_NS}}}getcontentlength").text = str(frecord.file_size)
     ET.SubElement(prop, f"{{{DAV_NS}}}getlastmodified").text = format_last_modified(frecord.create_time)
     ET.SubElement(prop, f"{{{DAV_NS}}}getcontenttype").text = frecord.mime_type
-    lock_el = await query_lock_el(frecord.url, top_el_name=f"{{{DAV_NS}}}activelock")
+    lock_el = await query_lock_element(frecord.url, top_el_name=f"{{{DAV_NS}}}activelock")
     if lock_el is not None:
         lock_discovery = ET.SubElement(prop, f"{{{DAV_NS}}}lockdiscovery")
         lock_discovery.append(lock_el)
+    ET.SubElement(propstat, f"{{{DAV_NS}}}status").text = "HTTP/1.1 200 OK"
     return file_el
 async def create_dir_xml_element(drecord: DirectoryRecord) -> ET.Element:
@@ -162,15 +178,16 @@ async def create_dir_xml_element(drecord: DirectoryRecord) -> ET.Element:
     href.text = f"/{drecord.url}"
     propstat = ET.SubElement(dir_el, f"{{{DAV_NS}}}propstat")
     prop = ET.SubElement(propstat, f"{{{DAV_NS}}}prop")
-    ET.SubElement(prop, f"{{{DAV_NS}}}displayname").text = drecord.url.split("/")[-2]
+    ET.SubElement(prop, f"{{{DAV_NS}}}displayname").text = decode_uri_compnents(drecord.url.split("/")[-2])
     ET.SubElement(prop, f"{{{DAV_NS}}}resourcetype").append(ET.Element(f"{{{DAV_NS}}}collection"))
     if drecord.size >= 0:
         ET.SubElement(prop, f"{{{DAV_NS}}}getlastmodified").text = format_last_modified(drecord.create_time)
         ET.SubElement(prop, f"{{{DAV_NS}}}getcontentlength").text = str(drecord.size)
-    lock_el = await query_lock_el(drecord.url, top_el_name=f"{{{DAV_NS}}}activelock")
+    lock_el = await query_lock_element(drecord.url, top_el_name=f"{{{DAV_NS}}}activelock")
     if lock_el is not None:
         lock_discovery = ET.SubElement(prop, f"{{{DAV_NS}}}lockdiscovery")
         lock_discovery.append(lock_el)
+    ET.SubElement(propstat, f"{{{DAV_NS}}}status").text = "HTTP/1.1 200 OK"
     return dir_el
 async def xml_request_body(request: Request) -> Optional[ET.Element]:
@@ -186,64 +203,59 @@ async def dav_options(request: Request, path: str):
     return Response(headers={
         "DAV": "1,2",
         "MS-Author-Via": "DAV",
-        "Allow": "OPTIONS, GET, HEAD, POST, DELETE, TRACE, PROPFIND, PROPPATCH, COPY, MOVE, LOCK, UNLOCK",
+        "Allow": "OPTIONS, GET, HEAD, POST, DELETE, TRACE, PROPFIND, PROPPATCH, COPY, MOVE, LOCK, UNLOCK, MKCOL",
         "Content-Length": "0"
     })
-@router_dav.get("/{path:path}")
-@handle_exception
-async def dav_get(request: Request, path: str, user: UserRecord = Depends(get_current_user)):
-    ptype, path, _ = await eval_path(path)
-    if ptype is None: raise PathNotFoundError(path)
-    # elif ptype == "dir": raise InvalidOptionsError("Directory should not be fetched")
-    else: return await get_file_impl(request, user=user, path=path)
-@router_dav.head("/{path:path}")
-@handle_exception
-async def dav_head(request: Request, path: str, user: UserRecord = Depends(registered_user)):
-    ptype, path, _ = await eval_path(path)
-    # some clients may send HEAD request to check if the file exists
-    if ptype is None: raise PathNotFoundError(path)
-    elif ptype == "dir": return Response(status_code=200)
-    else: return await get_file_impl(request, user=user, path=path, is_head=True)
-@router_dav.put("/{path:path}")
-@handle_exception
-async def dav_put(request: Request, path: str, user: UserRecord = Depends(registered_user)):
-    _, path, _ = await eval_path(path)
-    return await put_file_impl(request, user=user, path=path, conflict='overwrite')
-@router_dav.delete("/{path:path}")
-@handle_exception
-async def dav_delete(path: str, user: UserRecord = Depends(registered_user)):
-    _, path, _ = await eval_path(path)
-    return await delete_impl(user=user, path=path)
 @router_dav.api_route("/{path:path}", methods=["PROPFIND"])
 @handle_exception
-async def dav_propfind(request: Request, path: str, user: UserRecord = Depends(registered_user)):
+async def dav_propfind(request: Request, path: str, user: UserRecord = Depends(registered_user), body: Optional[ET.Element] = Depends(xml_request_body)):
     if path.startswith("/"): path = path[1:]
     path = ensure_uri_compnents(path)
-    depth = request.headers.get("Depth", "1")
+    if body and DEBUG_MODE:
+        print("Propfind-body:", ET.tostring(body, encoding="utf-8", method="xml"))
+    depth = request.headers.get("Depth", "0")
     # Generate XML response
     multistatus = ET.Element(f"{{{DAV_NS}}}multistatus")
     path_type, lfss_path, record = await eval_path(path)
-    logger.info(f"PROPFIND {lfss_path} (depth: {depth})")
-    return_status = 200
+    logger.info(f"PROPFIND {lfss_path} (depth: {depth}), type: {path_type}, record: {record}")
+    if lfss_path and await check_path_permission(lfss_path, user) < AccessLevel.READ:
+        raise PermissionDeniedError(lfss_path)
     if path_type == "dir" and depth == "0":
         # query the directory itself
-        return_status = 200
         assert isinstance(record, DirectoryRecord)
         dir_el = await create_dir_xml_element(record)
         multistatus.append(dir_el)
+    elif path_type == "dir" and lfss_path == "":
+        # query root directory content
+        async def user_path_record(user_name: str, cur) -> DirectoryRecord:
+            try:
+                return await FileConn(cur).get_path_record(user_name + "/")
+            except PathNotFoundError:
+                return DirectoryRecord(user_name + "/", size=0, n_files=0, create_time="1970-01-01 00:00:00", update_time="1970-01-01 00:00:00", access_time="1970-01-01 00:00:00")
+        async with unique_cursor() as c:
+            uconn = UserConn(c)
+            if not user.is_admin:
+                for u in [user] + await uconn.list_peer_users(user.id, AccessLevel.READ):
+                    dir_el = await create_dir_xml_element(await user_path_record(u.username, c))
+                    multistatus.append(dir_el)
+            else:
+                async for u in uconn.all():
+                    dir_el = await create_dir_xml_element(await user_path_record(u.username, c))
+                    multistatus.append(dir_el)
     elif path_type == "dir":
-        return_status = 207
+        # query directory content
         async with unique_cursor() as c:
             flist = await FileConn(c).list_path_files(lfss_path, flat = True if depth == "infinity" else False)
         for frecord in flist:
-            if frecord.url.split("/")[-1] == MKDIR_PLACEHOLDER: continue
+            if frecord.url.endswith(f"/{MKDIR_PLACEHOLDER}"): continue
             file_el = await create_file_xml_element(frecord)
             multistatus.append(file_el)
@@ -254,6 +266,7 @@ async def dav_propfind(request: Request, path: str, user: UserRecord = Depends(r
             multistatus.append(dir_el)
     elif path_type == "file":
+        # query file
         assert isinstance(record, FileRecord)
         file_el = await create_file_xml_element(record)
         multistatus.append(file_el)
@@ -262,7 +275,7 @@ async def dav_propfind(request: Request, path: str, user: UserRecord = Depends(r
         raise PathNotFoundError(path)
     xml_response = ET.tostring(multistatus, encoding="utf-8", method="xml")
-    return Response(content=xml_response, media_type="application/xml", status_code=return_status)
+    return Response(content=xml_response, media_type="application/xml", status_code=207)
 @router_dav.api_route("/{path:path}", methods=["MKCOL"])
 @handle_exception
@@ -289,7 +302,7 @@ async def dav_move(request: Request, path: str, user: UserRecord = Depends(regis
     ptype, lfss_path, _ = await eval_path(path)
     if ptype is None:
         raise PathNotFoundError(path)
-    dptype, dlfss_path, ddav_path = await eval_path(destination)
+    dptype, dlfss_path, _ = await eval_path(destination)
     if dptype is not None:
         raise HTTPException(status_code=409, detail="Conflict")
@@ -339,13 +352,13 @@ async def dav_lock(request: Request, path: str, user: UserRecord = Depends(regis
     # lock_token = f"opaquelocktoken:{uuid.uuid4().hex}"
     lock_token = f"urn:uuid:{uuid.uuid4()}"
     logger.info(f"LOCK {path} (timeout: {timeout}), token: {lock_token}, depth: {lock_depth}")
-    if DEBUG_MODE:
+    if DEBUG_MODE and body:
         print("Lock-body:", ET.tostring(body, encoding="utf-8", method="xml"))
     async with dav_lock.lock:
         await lock_path(user, path, lock_token, lock_depth, timeout=timeout)
         response_elem = ET.Element(f"{{{DAV_NS}}}prop")
         lockdiscovery = ET.SubElement(response_elem, f"{{{DAV_NS}}}lockdiscovery")
-        activelock = await query_lock_el(path, top_el_name=f"{{{DAV_NS}}}activelock")
+        activelock = await query_lock_element(path, top_el_name=f"{{{DAV_NS}}}activelock")
         assert activelock is not None
     lockdiscovery.append(activelock)
     lock_response = ET.tostring(response_elem, encoding="utf-8", method="xml")
@@ -362,7 +375,7 @@ async def dav_unlock(request: Request, path: str, user: UserRecord = Depends(reg
     if lock_token.startswith("<") and lock_token.endswith(">"):
         lock_token = lock_token[1:-1]
     logger.info(f"UNLOCK {path}, token: {lock_token}")
-    if DEBUG_MODE:
+    if DEBUG_MODE and body:
         print("Unlock-body:", ET.tostring(body, encoding="utf-8", method="xml"))
     _, path, _ = await eval_path(path)
     await unlock_path(user, path, lock_token)

lfss/svc/app_native.py CHANGED Viewed

@@ -13,7 +13,7 @@ from ..eng.datatype import (
 )
 from .app_base import *
-from .common_impl import get_file_impl, put_file_impl, post_file_impl, delete_impl, copy_impl
+from .common_impl import get_impl, put_file_impl, post_file_impl, delete_impl, copy_impl
 @router_fs.get("/{path:path}")
 @handle_exception
@@ -23,7 +23,7 @@ async def get_file(
     download: bool = False, thumb: bool = False,
     user: UserRecord = Depends(get_current_user)
     ):
-    return await get_file_impl(
+    return await get_impl(
         request = request,
         user = user, path = path, download = download, thumb = thumb
         )
@@ -38,9 +38,7 @@ async def head_file(
     ):
     if path.startswith("_api/"):
         raise HTTPException(status_code=405, detail="HEAD not supported for API")
-    if path.endswith("/"):
-        raise HTTPException(status_code=405, detail="HEAD not supported for directory")
-    return await get_file_impl(
+    return await get_impl(
         request = request,
         user = user, path = path, download = download, thumb = thumb, is_head = True
         )
@@ -50,7 +48,7 @@ async def head_file(
 async def put_file(
     request: Request,
     path: str,
-    conflict: Literal["overwrite", "skip", "abort"] = "abort",
+    conflict: Literal["overwrite", "skip", "abort"] = "overwrite",
     permission: int = 0,
     user: UserRecord = Depends(registered_user)
     ):
@@ -64,7 +62,7 @@ async def put_file(
 async def post_file(
     path: str,
     file: UploadFile,
-    conflict: Literal["overwrite", "skip", "abort"] = "abort",
+    conflict: Literal["overwrite", "skip", "abort"] = "overwrite",
     permission: int = 0,
     user: UserRecord = Depends(registered_user)
     ):

lfss/svc/common_impl.py CHANGED Viewed

@@ -7,7 +7,7 @@ from ..eng.datatype import UserRecord, FileRecord, PathContents, AccessLevel, Fi
 from ..eng.database import FileConn, UserConn, delayed_log_access, check_file_read_permission, check_path_permission
 from ..eng.thumb import get_thumb
 from ..eng.utils import format_last_modified, ensure_uri_compnents
-from ..eng.config import CHUNK_SIZE
+from ..eng.config import CHUNK_SIZE, DEBUG_MODE
 from .app_base import skip_request_log, db, logger
@@ -60,10 +60,15 @@ async def emit_file(
     else:
         arng_e = range_end
-    if arng_s >= file_record.file_size or arng_e >= file_record.file_size:
-        raise HTTPException(status_code=416, detail="Range not satisfiable")
-    if arng_s > arng_e:
-        raise HTTPException(status_code=416, detail="Invalid range")
+    if file_record.file_size > 0:
+        if arng_s >= file_record.file_size or arng_e >= file_record.file_size:
+            if DEBUG_MODE: print(f"[Invalid range] Actual range: {arng_s}-{arng_e} (size: {file_record.file_size})")
+            raise HTTPException(status_code=416, detail="Range not satisfiable")
+        if arng_s > arng_e:
+            raise HTTPException(status_code=416, detail="Invalid range")
+    else:
+        if not (arng_s == 0 and arng_e == -1):
+            raise HTTPException(status_code=416, detail="Invalid range (file size is 0)")
     headers = {
         "Content-Disposition": f"{disposition}; filename={fname}",
@@ -87,7 +92,7 @@ async def emit_file(
         status_code=206 if range_start != -1 or range_end != -1 else 200
     )
-async def get_file_impl(
+async def get_impl(
     request: Request,
     user: UserRecord,
     path: str,
@@ -96,30 +101,12 @@ async def get_file_impl(
     is_head = False,
     ):
     path = ensure_uri_compnents(path)
+    if path.startswith("/"): path = path[1:]
     # handle directory query
     if path == "": path = "/"
     if path.endswith("/"):
-        # return file under the path as json
-        async with unique_cursor() as cur:
-            fconn = FileConn(cur)
-            if user.id == 0:
-                raise HTTPException(status_code=401, detail="Permission denied, credential required")
-            if thumb:
-                return await emit_thumbnail(path, download, create_time=None)
-            if path == "/":
-                peer_users = await UserConn(cur).list_peer_users(user.id, AccessLevel.READ)
-                return PathContents(
-                    dirs = await fconn.list_root_dirs(user.username, *[x.username for x in peer_users], skim=True) \
-                        if not user.is_admin else await fconn.list_root_dirs(skim=True),
-                    files = []
-                )
-            if not await check_path_permission(path, user, cursor=cur) >= AccessLevel.READ:
-                raise HTTPException(status_code=403, detail="Permission denied")
-            return await fconn.list_path(path)
+        return await _get_dir_impl(user=user, path=path, download=download, thumb=thumb, is_head=is_head)
     # handle file query
     async with unique_cursor() as cur:
@@ -147,6 +134,9 @@ async def get_file_impl(
     else:
         range_start, range_end = -1, -1
+    if DEBUG_MODE:
+        print(f"Get range: {range_start}-{range_end}")
     if thumb:
         if (range_start != -1 or range_end != -1): logger.warning("Range request for thumbnail")
         return await emit_thumbnail(path, download, create_time=file_record.create_time, is_head=is_head)
@@ -156,11 +146,55 @@ async def get_file_impl(
         else:
             return await emit_file(file_record, None, "inline", is_head = is_head, range_start=range_start, range_end=range_end)
+async def _get_dir_impl(
+    user: UserRecord,
+    path: str,
+    download: bool = False,
+    thumb: bool = False,
+    is_head = False,
+    ):
+    """ handle directory query, return file under the path as json """
+    assert path.endswith("/")
+    async with unique_cursor() as cur:
+        fconn = FileConn(cur)
+        if user.id == 0:
+            raise HTTPException(status_code=401, detail="Permission denied, credential required")
+        if thumb:
+            return await emit_thumbnail(path, download, create_time=None)
+        if path == "/":
+            if is_head: return Response(status_code=200)
+            peer_users = await UserConn(cur).list_peer_users(user.id, AccessLevel.READ)
+            return PathContents(
+                dirs = await fconn.list_root_dirs(user.username, *[x.username for x in peer_users], skim=True) \
+                    if not user.is_admin else await fconn.list_root_dirs(skim=True),
+                files = []
+            )
+        if not await check_path_permission(path, user, cursor=cur) >= AccessLevel.READ:
+            raise HTTPException(status_code=403, detail="Permission denied")
+        path_sp = path.split("/")
+        if is_head:
+            if len(path_sp) == 2:
+                assert path_sp[1] == ""
+                if await UserConn(cur).get_user(path_sp[0]):
+                    return Response(status_code=200)
+                else:
+                    raise HTTPException(status_code=404, detail="User not found")
+            else:
+                if await FileConn(cur).count_path_files(path, flat=True) > 0:
+                    return Response(status_code=200)
+                else:
+                    raise HTTPException(status_code=404, detail="Path not found")
+        return await fconn.list_path(path)
 async def put_file_impl(
     request: Request,
     user: UserRecord,
     path: str,
-    conflict: Literal["overwrite", "skip", "abort"] = "abort",
+    conflict: Literal["overwrite", "skip", "abort"] = "overwrite",
     permission: int = 0,
     ):
     path = ensure_uri_compnents(path)
@@ -187,7 +221,9 @@ async def put_file_impl(
         exists_flag = True
         if await check_path_permission(path, user) < AccessLevel.WRITE:
             raise HTTPException(status_code=403, detail="Permission denied, cannot overwrite other's file")
-        await db.delete_file(path)
+        old_record = await db.delete_file(path)
+        if old_record and permission == FileReadPermission.UNSET.value:
+            permission = old_record.permission.value    # inherit permission
     # check content-type
     content_type = request.headers.get("Content-Type", "application/octet-stream")
@@ -213,7 +249,7 @@ async def post_file_impl(
     path: str,
     user: UserRecord,
     file: UploadFile,
-    conflict: Literal["overwrite", "skip", "abort"] = "abort",
+    conflict: Literal["overwrite", "skip", "abort"] = "overwrite",
     permission: int = 0,
 ):
     path = ensure_uri_compnents(path)
@@ -240,7 +276,9 @@ async def post_file_impl(
         exists_flag = True
         if await check_path_permission(path, user) < AccessLevel.WRITE:
             raise HTTPException(status_code=403, detail="Permission denied, cannot overwrite other's file")
-        await db.delete_file(path)
+        old_record = await db.delete_file(path)
+        if old_record and permission == FileReadPermission.UNSET.value:
+            permission = old_record.permission.value    # inherit permission
     async def blob_reader():
         nonlocal file

{lfss-0.9.2.dist-info → lfss-0.9.4.dist-info}/METADATA RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: lfss
-Version: 0.9.2
+Version: 0.9.4
 Summary: Lightweight file storage service
 Home-page: https://github.com/MenxLi/lfss
 Author: li_mengxun

{lfss-0.9.2.dist-info → lfss-0.9.4.dist-info}/RECORD RENAMED Viewed

@@ -1,8 +1,9 @@
 Readme.md,sha256=JVe9T6N1Rz4hTiiCVoDYe2VB0dAi60VcBgb2twQdfZc,1834
+docs/Changelog.md,sha256=3mRHcda4UK8c105XtBfbeTWij0S4xNc-U8JTTPUqCJk,769
 docs/Enviroment_variables.md,sha256=LUZF1o70emp-5UPsvXPjcxapP940OqEZzSyyUUT9bEQ,569
 docs/Known_issues.md,sha256=ZqETcWP8lzTOel9b2mxEgCnADFF8IxOrEtiVO1NoMAk,251
 docs/Permission.md,sha256=mvK8gVBBgoIFJqikcaReU_bUo-mTq_ECqJaDDJoQF7Q,3126
-docs/Webdav.md,sha256=9Q41ROEJodVVAnlo1Tf0jqsyrbuHhv_ElSsXbIPXYIg,1547
+docs/Webdav.md,sha256=-Ja-BTWSY1BEMAyZycvEMNnkNTPZ49gSPzmf3Lbib70,1547
 frontend/api.js,sha256=GlQsNoZFEcy7QUUsLbXv7aP-KxRnIxM37FQHTaakGiQ,19387
 frontend/index.html,sha256=-k0bJ5FRqdl_H-O441D_H9E-iejgRCaL_z5UeYaS2qc,3384
 frontend/info.css,sha256=Ny0N3GywQ3a9q1_Qph_QFEKB4fEnTe_2DJ1Y5OsLLmQ,595
@@ -29,22 +30,22 @@ lfss/cli/vacuum.py,sha256=GOG72d3NYe9bYCNc3y8JecEmM-DrKlGq3JQcisv_xBg,3702
 lfss/eng/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 lfss/eng/bounded_pool.py,sha256=BI1dU-MBf82TMwJBYbjhEty7w1jIUKc5Bn9SnZ_-hoY,1288
 lfss/eng/config.py,sha256=DmnUYMeLOL-45OstysyMpSBPmLofgzvcSrsWjHvssYs,915
-lfss/eng/connection_pool.py,sha256=-tePasJxiZZ73ymgWf_kFnaKouc4Rrr4K6EXwjb7Mm4,6141
-lfss/eng/database.py,sha256=cfMq7Hgj8cHFtynDzpRiqb0XYNb6OKWMYc8PcWl8eVw,47285
+lfss/eng/connection_pool.py,sha256=4xOF1kXXGqCWeLX5ZVFALKjdY8N1VVAVSSTRfCzbj94,6141
+lfss/eng/database.py,sha256=2i8gbh1odOA09tS5VU9cUZy3poZUdCx3XX7UX7umtxw,47188
 lfss/eng/datatype.py,sha256=27UB7-l9SICy5lAvKjdzpTL_GohZjzstQcr9PtAq7nM,2709
-lfss/eng/error.py,sha256=sDbXo2R3APJAV0KtoYGCHx2qVZso7svtDzq-WjnzhAw,595
+lfss/eng/error.py,sha256=dAlQHXOnQcSkA2vTugJFSxcyDqoFlPucBoFpTZ7GI6w,654
 lfss/eng/log.py,sha256=u6WRZZsE7iOx6_CV2NHh1ugea26p408FI4WstZh896A,5139
-lfss/eng/thumb.py,sha256=YO1yTI8WzW7pBpQN9x5PtPayxhftb32IJl1zPSS9mks,3243
-lfss/eng/utils.py,sha256=zZ7r9BsNV8XJJVNOxfIqRCO1bxNzh7bc9vEJiCkgbKI,6208
+lfss/eng/thumb.py,sha256=x9jIHHU1tskmp-TavPPcxGpbmEjCp9gbH6ZlsEfqUxY,3383
+lfss/eng/utils.py,sha256=CYEQvPiM28k53hCJBE7N6O6a1xC_wvnP3KZx4DCnD0k,6723
 lfss/sql/init.sql,sha256=8LjHx0TBCkBD62xFfssSeHDqKYVQQJkZAg4rSm046f4,1496
 lfss/sql/pragma.sql,sha256=uENx7xXjARmro-A3XAK8OM8v5AxDMdCCRj47f86UuXg,206
 lfss/svc/app.py,sha256=ftWCpepBx-gTSG7i-TB-IdinPPstAYYQjCgnTfeMZeI,219
-lfss/svc/app_base.py,sha256=nc02DP4iMKP41fRl8M-iAhbHwyb4QJJTKKSJwtdCox4,6617
-lfss/svc/app_dav.py,sha256=nPMdPsYNcgxqHOt5bDaaA0Wy8AdRDJajEda_-KxOoHA,17466
-lfss/svc/app_native.py,sha256=xwMCOWp4ne3rmtiiYhfxETi__V-zPEfHw-c4iWNtXWc,9471
-lfss/svc/common_impl.py,sha256=_biK0F_AAw4PnMNWR0WuHJSRyIp1iTSOOIPBauZCJ9M,12143
+lfss/svc/app_base.py,sha256=BU_DndHW4sYiWUQcTis8iGljmUy8FHfZrzCkE0d1z-Y,6717
+lfss/svc/app_dav.py,sha256=D0KSgjtTktPjIhyIKG5eRmBdh5X8HYFYH151E6gzlbc,18245
+lfss/svc/app_native.py,sha256=6yBRJB8_p4RZgDVheDTv1ClBGc3etrQm94j1NiR4FUQ,9349
+lfss/svc/common_impl.py,sha256=0fjbqHWgqDhLfBEu6aC0Z5qgNt67C7z0Qroj7aV3Iq4,13830
 lfss/svc/request_log.py,sha256=v8yXEIzPjaksu76Oh5vgdbUEUrw8Kt4etLAXBWSGie8,3207
-lfss-0.9.2.dist-info/METADATA,sha256=0Q5klZ2iwBF1ZUQ5iximW02mMmoAM5ib08s0IsdyuLE,2594
-lfss-0.9.2.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
-lfss-0.9.2.dist-info/entry_points.txt,sha256=VJ8svMz7RLtMCgNk99CElx7zo7M-N-z7BWDVw2HA92E,205
-lfss-0.9.2.dist-info/RECORD,,
+lfss-0.9.4.dist-info/METADATA,sha256=3wUuwMRn55Z2lnX9wZRGMVxLbfphSLOk1gX01haFaOw,2594
+lfss-0.9.4.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
+lfss-0.9.4.dist-info/entry_points.txt,sha256=VJ8svMz7RLtMCgNk99CElx7zo7M-N-z7BWDVw2HA92E,205
+lfss-0.9.4.dist-info/RECORD,,

{lfss-0.9.2.dist-info → lfss-0.9.4.dist-info}/WHEEL RENAMED Viewed

File without changes

{lfss-0.9.2.dist-info → lfss-0.9.4.dist-info}/entry_points.txt RENAMED Viewed

File without changes

lfss 0.9.2__py3-none-any.whl → 0.9.4__py3-none-any.whl

lfss 0.9.2py3-none-any.whl → 0.9.4py3-none-any.whl