haiwen/seafile-server
1
0
Fork 0
mirror of https://github.com/haiwen/seafile-server.git synced 2025-06-30 00:41:50 +00:00
Code Issues Releases Wiki Activity
35f6678c1c
seafile-server/fileserver/share/share.go

647 lines
15 KiB
Go
Raw Normal View History

Go fileserver (#437) * Initial commit for fileserver written in golang. [gofileserver] Fix some syntaxt errors. Add fs backend and objstore test (#352) * Add fs backend and objstore test * modify test case and optimize fs backend * Modify function name and first write temporary files * Don't need to reopen the temp files Add comment for objstore (#354) * Add comment for objstore * Modify comment Add commitmgr and test case (#356) * Add commitmgr and test case * Redefine the interface * Modify comment and interface * Modify parameter and del unused method * Add comment for FromData and ToData Add blockmgr and test case (#357) * Add blockmgr and test case * Modify comment and interface Add fsmgr and test case (#358) * Add fsmgr and test case * Add save interface and error details * Modify errors and comments Add searpc package and test case (#360) * Add searpc package * Add searpc test case * Add return error and add Request struct * Modify returned error * Modify comments add checkPerm (#369) Add file and block download (#363) * Add file and block download * Modify init and use aes algorithm * Get block by offset and add stat method * Modify objID's type * Fix reset pos after add start * Add http error handing and record log when failed to read block or write block to response * Modify http return code and value names * Modify http return code and add log info * Block read add comment and only repeat once load ccnetdb and support sqlite (#371) Add zip download (#372) * Add zip download * Modify pack dir and log info * Modify http return code and use Deflate zip compression methods add /repo/<repo-id>/permission-check (#375) add /<repo-id>/commit/HEAD (#377) add /repo/<repo-id>/commit/<id> (#379) add /repo/<repo-id>/block/<id> (#380) add /repo/<repo-id>/fs-id-list (#383) add /repo/head-commits-multi (#388) Add file upload api (#378) * Add file upload api * Upload api implements post multi files and create relative path * Modify handle error and save files directly * Fix rebase conflict * index block use channel and optimize mkdir with parents * Handle jobs and results in a loop * Mkdir with parents use postMultiFiles and use pointer of SeafDirent * Del diff_simple size_sched virtual_repo * Need to check the path with and without slash * Modify merge trees and add merge test case * Del postFile and don't close results channel * Close the file and remove multipart temp file * Modify merge test case and compare the first name of path * Use pointer of Entries for SeafDir * Add test cases for different situations add /repo/<repo-id>/pack-fs (#389) add POST /<repo-id>/check-fs and /<repo-id>/check-blocks (#396) Merge compute repo (#397) * Add update repo size and merge virtual repo * Eliminate lint warnings * Uncomment merge virtual repo and compute repo size * Need init the dents * Use interface{} param and modify removeElems * Move update dir to file.go and modify logs * Del sync pkg add PUT /<repo-id>/commit/<commit-id> (#400) add PUT /<repo-id>/block/<id> (#401) add POST /<repo-id>/recv-fs (#398) add PUT /<repo-id>/commit/HEAD (#402) Add http return code (#403) Add file update API (#399) * Add file update API * Add GetObjIDByPath and fix change size error * Add traffic statistics for update api add diffTrees unit test (#391) add GET /accessible-repos (#406) add GET /<repo-id>/block-map/<file-id> (#405) Add test update repo size and merge virtual repo (#409) * Update dir need update repo size * Add test update repo size and merge virtual repo * Add delay for test ajax * Add delay before get repo size and modify comment Use go fileserver for unit test (#410) * Use go fileserver for unit test * Blocking scheduling update repo size * Add delay because of sqlite doesn't support concurrency * Post use multipart form encode * Del mysql database when test finished * Fix merge virtual repo failed when use sqlite3 Add upload block API (#412) fixed error Add quota-check API (#426) use diff package * Use central conf for go fileserver (#428) * Use central conf for go fileserver * Fix log error * use store id and remove share get repo owner (#430) * Fix permission error (#432) Co-authored-by: feiniks <36756310+feiniks@users.noreply.github.com> Co-authored-by: Xiangyue Cai <caixiangyue007@gmail.com>
2021-01-04 03:41:53 +00:00
// Package share manages share relations.
// share: manages personal shares and provide high level permission check functions.
package share
import (
"database/sql"
"fmt"
"log"
"path/filepath"
"strconv"
"strings"
"github.com/haiwen/seafile-server/fileserver/repomgr"
)
type group struct {
id int
groupName string
creatorName string
timestamp int64
parentGroupID int
}
var ccnetDB *sql.DB
var seafileDB *sql.DB
var groupTableName string
var cloudMode bool
// Init ccnetDB, seafileDB, groupTableName, cloudMode
func Init(cnDB *sql.DB, seafDB *sql.DB, grpTableName string, clMode bool) {
ccnetDB = cnDB
seafileDB = seafDB
groupTableName = grpTableName
cloudMode = clMode
}
// CheckPerm get user's repo permission
func CheckPerm(repoID string, user string) string {
var perm string
vInfo, err := repomgr.GetVirtualRepoInfo(repoID)
if err != nil {
log.Printf("Failed to get virtual repo info by repo id %s: %v", repoID, err)
}
if vInfo != nil {
perm = checkVirtualRepoPerm(repoID, vInfo.OriginRepoID, user, vInfo.Path)
return perm
}
perm = checkRepoSharePerm(repoID, user)
return perm
}
func checkVirtualRepoPerm(repoID, originRepoID, user, vPath string) string {
owner, err := repomgr.GetRepoOwner(originRepoID)
if err != nil {
log.Printf("Failed to get repo owner: %v", err)
}
var perm string
if owner != "" && owner == user {
perm = "rw"
return perm
}
perm = checkPermOnParentRepo(originRepoID, user, vPath)
if perm != "" {
return perm
}
perm = checkRepoSharePerm(originRepoID, user)
return perm
}
func getUserGroups(sqlStr string, args ...interface{}) ([]group, error) {
rows, err := ccnetDB.Query(sqlStr, args...)
if err != nil {
return nil, err
}
defer rows.Close()
var groups []group
var g group
for rows.Next() {
if err := rows.Scan(&g.id, &g.groupName,
&g.creatorName, &g.timestamp,
&g.parentGroupID); err == nil {
groups = append(groups, g)
}
}
if err := rows.Err(); err != nil {
return nil, err
}
return groups, nil
}
func getGroupsByUser(userName string, returnAncestors bool) ([]group, error) {
sqlStr := fmt.Sprintf("SELECT g.group_id, group_name, creator_name, timestamp, parent_group_id FROM "+
"`%s` g, GroupUser u WHERE g.group_id = u.group_id AND user_name=? ORDER BY g.group_id DESC",
groupTableName)
groups, err := getUserGroups(sqlStr, userName)
if err != nil {
err := fmt.Errorf("Failed to get groups by user %s: %v", userName, err)
return nil, err
}
if !returnAncestors {
return groups, nil
}
sqlStr = ""
var ret []group
for _, group := range groups {
parentGroupID := group.parentGroupID
groupID := group.id
if parentGroupID != 0 {
if sqlStr == "" {
sqlStr = fmt.Sprintf("SELECT path FROM GroupStructure WHERE group_id IN (%d",
groupID)
} else {
sqlStr += fmt.Sprintf(", %d", groupID)
}
} else {
ret = append(ret, group)
}
}
if sqlStr != "" {
sqlStr += ")"
paths, err := getGroupPaths(sqlStr)
if err != nil {
log.Printf("Failed to get group paths: %v", err)
}
if paths == "" {
err := fmt.Errorf("Failed to get groups path for user %s", userName)
return nil, err
}
sqlStr = fmt.Sprintf("SELECT g.group_id, group_name, creator_name, timestamp, parent_group_id FROM "+
"`%s` g WHERE g.group_id IN (%s) ORDER BY g.group_id DESC",
groupTableName, paths)
groups, err := getUserGroups(sqlStr)
if err != nil {
return nil, err
}
ret = append(ret, groups...)
}
return ret, nil
}
func getGroupPaths(sqlStr string) (string, error) {
var paths string
rows, err := ccnetDB.Query(sqlStr)
if err != nil {
return paths, err
}
defer rows.Close()
var path string
for rows.Next() {
rows.Scan(&path)
if paths == "" {
paths = path
} else {
paths += fmt.Sprintf(", %s", path)
}
}
if err := rows.Err(); err != nil {
return "", err
}
return paths, nil
}
func checkGroupPermByUser(repoID string, userName string) (string, error) {
groups, err := getGroupsByUser(userName, false)
if err != nil {
return "", err
}
if len(groups) == 0 {
return "", nil
}
var sqlBuilder strings.Builder
sqlBuilder.WriteString("SELECT permission FROM RepoGroup WHERE repo_id = ? AND group_id IN (")
for i := 0; i < len(groups); i++ {
sqlBuilder.WriteString(strconv.Itoa(groups[i].id))
if i+1 < len(groups) {
sqlBuilder.WriteString(",")
}
}
sqlBuilder.WriteString(")")
rows, err := seafileDB.Query(sqlBuilder.String(), repoID)
if err != nil {
err := fmt.Errorf("Failed to get group permission by user %s: %v", userName, err)
return "", err
}
defer rows.Close()
var perm string
var origPerm string
for rows.Next() {
if err := rows.Scan(&perm); err == nil {
if perm == "rw" {
origPerm = perm
} else if perm == "r" && origPerm == "" {
origPerm = perm
}
}
}
if err := rows.Err(); err != nil {
err := fmt.Errorf("Failed to get group permission for user %s: %v", userName, err)
return "", err
}
return origPerm, nil
}
func checkSharedRepoPerm(repoID string, email string) (string, error) {
sqlStr := "SELECT permission FROM SharedRepo WHERE repo_id=? AND to_email=?"
row := seafileDB.QueryRow(sqlStr, repoID, email)
var perm string
if err := row.Scan(&perm); err != nil {
if err != sql.ErrNoRows {
err := fmt.Errorf("Failed to check shared repo permission: %v", err)
return "", err
}
}
return perm, nil
}
func checkInnerPubRepoPerm(repoID string) (string, error) {
sqlStr := "SELECT permission FROM InnerPubRepo WHERE repo_id=?"
row := seafileDB.QueryRow(sqlStr, repoID)
var perm string
if err := row.Scan(&perm); err != nil {
if err != sql.ErrNoRows {
err := fmt.Errorf("Failed to check inner public repo permission: %v", err)
return "", err
}
}
return perm, nil
}
func checkRepoSharePerm(repoID string, userName string) string {
owner, err := repomgr.GetRepoOwner(repoID)
if err != nil {
log.Printf("Failed to get repo owner: %v", err)
}
if owner != "" && owner == userName {
perm := "rw"
return perm
}
perm, err := checkSharedRepoPerm(repoID, userName)
if err != nil {
log.Printf("Failed to get shared repo permission: %v", err)
}
if perm != "" {
return perm
}
perm, err = checkGroupPermByUser(repoID, userName)
if err != nil {
log.Printf("Failed to get group permission by user %s: %v", userName, err)
}
if perm != "" {
return perm
}
if !cloudMode {
perm, err = checkInnerPubRepoPerm(repoID)
if err != nil {
log.Printf("Failed to get inner pulic repo permission by repo id %s: %v", repoID, err)
return ""
}
return perm
}
return ""
}
func getSharedDirsToUser(originRepoID string, toEmail string) (map[string]string, error) {
dirs := make(map[string]string)
sqlStr := "SELECT v.path, s.permission FROM SharedRepo s, VirtualRepo v WHERE " +
"s.repo_id = v.repo_id AND s.to_email = ? AND v.origin_repo = ?"
rows, err := seafileDB.Query(sqlStr, toEmail, originRepoID)
if err != nil {
err := fmt.Errorf("Failed to get shared directories by user %s: %v", toEmail, err)
return nil, err
}
defer rows.Close()
var path string
var perm string
for rows.Next() {
if err := rows.Scan(&path, &perm); err == nil {
dirs[path] = perm
}
}
if err := rows.Err(); err != nil {
err := fmt.Errorf("Failed to get shared directories by user %s: %v", toEmail, err)
return nil, err
}
return dirs, nil
}
func getDirPerm(perms map[string]string, path string) string {
tmp := path
var perm string
for tmp != "" {
if perm, exists := perms[tmp]; exists {
return perm
}
tmp = filepath.Dir(tmp)
}
return perm
}
func convertGroupListToStr(groups []group) string {
var groupIDs strings.Builder
for i, group := range groups {
groupIDs.WriteString(strconv.Itoa(group.id))
if i+1 < len(groups) {
groupIDs.WriteString(",")
}
}
return groupIDs.String()
}
func getSharedDirsToGroup(originRepoID string, groups []group) (map[string]string, error) {
dirs := make(map[string]string)
groupIDs := convertGroupListToStr(groups)
sqlStr := fmt.Sprintf("SELECT v.path, s.permission "+
"FROM RepoGroup s, VirtualRepo v WHERE "+
"s.repo_id = v.repo_id AND v.origin_repo = ? "+
"AND s.group_id in (%s)", groupIDs)
rows, err := seafileDB.Query(sqlStr, originRepoID)
if err != nil {
err := fmt.Errorf("Failed to get shared directories: %v", err)
return nil, err
}
defer rows.Close()
var path string
var perm string
for rows.Next() {
if err := rows.Scan(&path, &perm); err == nil {
dirs[path] = perm
}
}
if err := rows.Err(); err != nil {
err := fmt.Errorf("Failed to get shared directories: %v", err)
return nil, err
}
return dirs, nil
}
func checkPermOnParentRepo(originRepoID, user, vPath string) string {
var perm string
userPerms, err := getSharedDirsToUser(originRepoID, user)
if err != nil {
log.Printf("Failed to get all shared folder perms in parent repo %.8s for user %s", originRepoID, user)
return ""
}
if len(userPerms) > 0 {
perm = getDirPerm(userPerms, vPath)
if perm != "" {
return perm
}
}
groups, err := getGroupsByUser(user, false)
if err != nil {
log.Printf("Failed to get groups by user %s: %v", user, err)
}
if len(groups) == 0 {
return perm
}
groupPerms, err := getSharedDirsToGroup(originRepoID, groups)
if err != nil {
log.Printf("Failed to get all shared folder perm from parent repo %.8s to all user groups", originRepoID)
return ""
}
if len(groupPerms) == 0 {
return ""
}
perm = getDirPerm(groupPerms, vPath)
return perm
}
// SharedRepo is a shared repo object
type SharedRepo struct {
Version int `json:"version"`
ID string `json:"id"`
HeadCommitID string `json:"head_commit_id"`
Name string `json:"name"`
MTime int64 `json:"mtime"`
Permission string `json:"permission"`
Type string `json:"type"`
Owner string `json:"owner"`
}
// GetReposByOwner get repos by owner
func GetReposByOwner(email string) ([]*SharedRepo, error) {
var repos []*SharedRepo
query := "SELECT o.repo_id, b.commit_id, i.name, " +
"i.version, i.update_time, i.last_modifier FROM " +
"RepoOwner o LEFT JOIN Branch b ON o.repo_id = b.repo_id " +
"LEFT JOIN RepoInfo i ON o.repo_id = i.repo_id " +
"WHERE owner_id=? AND " +
"o.repo_id NOT IN (SELECT v.repo_id FROM VirtualRepo v) " +
"ORDER BY i.update_time DESC, o.repo_id"
stmt, err := seafileDB.Prepare(query)
if err != nil {
return nil, err
}
defer stmt.Close()
rows, err := stmt.Query(email)
if err != nil {
return nil, err
}
defer rows.Close()
for rows.Next() {
repo := new(SharedRepo)
var repoName, lastModifier sql.NullString
if err := rows.Scan(&repo.ID, &repo.HeadCommitID,
&repoName, &repo.Version, &repo.MTime,
&lastModifier); err == nil {
if repo.HeadCommitID == "" {
continue
}
if !repoName.Valid || !lastModifier.Valid {
continue
}
if repoName.String == "" || lastModifier.String == "" {
continue
}
repo.Name = repoName.String
repos = append(repos, repo)
}
}
if err := rows.Err(); err != nil {
return nil, err
}
return repos, nil
}
// ListInnerPubRepos get inner public repos
func ListInnerPubRepos() ([]*SharedRepo, error) {
query := "SELECT InnerPubRepo.repo_id, " +
"owner_id, permission, commit_id, i.name, " +
"i.update_time, i.version " +
"FROM InnerPubRepo " +
"LEFT JOIN RepoInfo i ON InnerPubRepo.repo_id = i.repo_id, RepoOwner, Branch " +
"WHERE InnerPubRepo.repo_id=RepoOwner.repo_id AND " +
"InnerPubRepo.repo_id = Branch.repo_id AND Branch.name = 'master'"
stmt, err := seafileDB.Prepare(query)
if err != nil {
return nil, err
}
defer stmt.Close()
rows, err := stmt.Query()
if err != nil {
return nil, err
}
defer rows.Close()
var repos []*SharedRepo
for rows.Next() {
repo := new(SharedRepo)
var repoName sql.NullString
if err := rows.Scan(&repo.ID, &repo.Owner,
&repo.Permission, &repo.HeadCommitID, &repoName,
&repo.MTime, &repo.Version); err == nil {
if !repoName.Valid {
continue
}
if repoName.String == "" {
continue
}
repo.Name = repoName.String
repos = append(repos, repo)
}
}
if err := rows.Err(); err != nil {
return nil, err
}
return repos, nil
}
// ListShareRepos list share repos by email
func ListShareRepos(email, columnType string) ([]*SharedRepo, error) {
var repos []*SharedRepo
var query string
if columnType == "from_email" {
query = "SELECT sh.repo_id, to_email, " +
"permission, commit_id, " +
"i.name, i.update_time, i.version FROM " +
"SharedRepo sh LEFT JOIN RepoInfo i ON sh.repo_id = i.repo_id, Branch b " +
"WHERE from_email=? AND " +
"sh.repo_id = b.repo_id AND " +
"b.name = 'master' " +
"ORDER BY i.update_time DESC, sh.repo_id"
} else if columnType == "to_email" {
query = "SELECT sh.repo_id, from_email, " +
"permission, commit_id, " +
"i.name, i.update_time, i.version FROM " +
"SharedRepo sh LEFT JOIN RepoInfo i ON sh.repo_id = i.repo_id, Branch b " +
"WHERE to_email=? AND " +
"sh.repo_id = b.repo_id AND " +
"b.name = 'master' " +
"ORDER BY i.update_time DESC, sh.repo_id"
} else {
err := fmt.Errorf("Wrong column type: %s", columnType)
return nil, err
}
stmt, err := seafileDB.Prepare(query)
if err != nil {
return nil, err
}
defer stmt.Close()
rows, err := stmt.Query(email)
if err != nil {
return nil, err
}
defer rows.Close()
for rows.Next() {
repo := new(SharedRepo)
var repoName sql.NullString
if err := rows.Scan(&repo.ID, &repo.Owner,
&repo.Permission, &repo.HeadCommitID,
&repoName, &repo.MTime, &repo.Version); err == nil {
if !repoName.Valid {
continue
}
if repoName.String == "" {
continue
}
repo.Name = repoName.String
repos = append(repos, repo)
}
}
if err := rows.Err(); err != nil {
return nil, err
}
return repos, nil
}
[go] Move position for GetGroupReposByUser in share.go
2021-08-02 08:40:06 +00:00
// GetGroupReposByUser get group repos by user
func GetGroupReposByUser(user string, orgID int) ([]*SharedRepo, error) {
groups, err := getGroupsByUser(user, true)
if err != nil {
return nil, err
}
if len(groups) == 0 {
return nil, nil
}
var sqlBuilder strings.Builder
if orgID < 0 {
sqlBuilder.WriteString("SELECT g.repo_id, " +
"user_name, permission, commit_id, " +
"i.name, i.update_time, i.version " +
"FROM RepoGroup g " +
"LEFT JOIN RepoInfo i ON g.repo_id = i.repo_id, " +
"Branch b WHERE g.repo_id = b.repo_id AND " +
"b.name = 'master' AND group_id IN (")
} else {
sqlBuilder.WriteString("SELECT g.repo_id, " +
"owner, permission, commit_id, " +
"i.name, i.update_time, i.version " +
"FROM OrgGroupRepo g " +
"LEFT JOIN RepoInfo i ON g.repo_id = i.repo_id, " +
"Branch b WHERE g.repo_id = b.repo_id AND " +
"b.name = 'master' AND group_id IN (")
}
for i := 0; i < len(groups); i++ {
sqlBuilder.WriteString(strconv.Itoa(groups[i].id))
if i+1 < len(groups) {
sqlBuilder.WriteString(",")
}
}
sqlBuilder.WriteString(" ) ORDER BY group_id")
rows, err := seafileDB.Query(sqlBuilder.String())
if err != nil {
return nil, err
}
defer rows.Close()
var repos []*SharedRepo
for rows.Next() {
gRepo := new(SharedRepo)
if err := rows.Scan(&gRepo.ID, &gRepo.Owner,
&gRepo.Permission, &gRepo.HeadCommitID,
&gRepo.Name, &gRepo.MTime, &gRepo.Version); err == nil {
repos = append(repos, gRepo)
}
}
if err := rows.Err(); err != nil {
return nil, err
}
return repos, nil
}
Reference in New Issue Copy Permalink