haiwen/seafile-server
1
0
Fork 0
mirror of https://github.com/haiwen/seafile-server.git synced 2025-09-13 22:01:37 +00:00
Code Issues Releases Wiki Activity

modify some errors and be consistent with pro edition

Browse Source
This commit is contained in:
杨赫然
2019-11-26 14:53:43 +08:00
parent 08c78998c7
commit 9f0083f93b
3 changed files with 59 additions and 88 deletions
Download Patch File Download Diff File Expand all files Collapse all files

69
server/upload-file.c
View File

@@ -42,6 +42,7 @@ enum UploadError {
ERROR_NOT_EXIST,
ERROR_SIZE,
ERROR_QUOTA,
ERROR_FORBIDDEN,
ERROR_RECV,
ERROR_BLOCK_MISSING,
ERROR_INTERNAL,
@@ -59,7 +60,6 @@ typedef struct RecvFSM {
char *user;
char *boundary; /* boundary of multipart form-data. */
char *input_name; /* input name of the current form field. */
gboolean is_parent_dir;
char *parent_dir;
evbuf_t *line; /* buffer for a line */
@@ -292,7 +292,7 @@ check_parent_dir (evhtp_request_t *req, const char *repo_id,
static gboolean
is_parent_matched (const char *upload_dir,
const char *parent_dir)
const char *parent_dir)
{
gboolean ret = TRUE;
char *upload_dir_canon = NULL;
@@ -302,7 +302,7 @@ is_parent_matched (const char *upload_dir,
parent_dir_canon = get_canonical_path (parent_dir);
if (strcmp (upload_dir_canon,parent_dir_canon) != 0) {
ret = FALSE;
ret = FALSE;
}
g_free (upload_dir_canon);
@@ -501,9 +501,9 @@ upload_api_cb(evhtp_request_t *req, void *arg)
if (!check_parent_dir (req, fsm->repo_id, parent_dir))
goto out;
if (!fsm->is_parent_dir || !is_parent_matched (fsm->parent_dir, parent_dir)){
send_error_reply (req, EVHTP_RES_FORBIDDEN, "Invalid parent dir.\n");
goto out;
if (!fsm->parent_dir || !is_parent_matched (fsm->parent_dir, parent_dir)){
error_code = ERROR_FORBIDDEN;
goto error;
}
if (!check_tmp_file_list (fsm->files, &error_code))
@@ -605,6 +605,9 @@ error:
case ERROR_QUOTA:
send_error_reply (req, SEAF_HTTP_RES_NOQUOTA, "Out of quota.\n");
break;
case ERROR_FORBIDDEN:
send_error_reply (req, SEAF_HTTP_RES_FORBIDDEN, "Permission denied.");
break;
case ERROR_RECV:
case ERROR_INTERNAL:
send_error_reply (req, EVHTP_RES_SERVERR, "Internal error\n");
@@ -1169,9 +1172,10 @@ upload_ajax_cb(evhtp_request_t *req, void *arg)
if (!check_parent_dir (req, fsm->repo_id, parent_dir))
goto out;
if (!fsm->is_parent_dir || !is_parent_matched (fsm->parent_dir, parent_dir)){
send_error_reply (req, EVHTP_RES_FORBIDDEN, "Invalid parent dir.\n");
goto out;
if (!fsm->parent_dir || !is_parent_matched (fsm->parent_dir, parent_dir)){
error_code = ERROR_FORBIDDEN;
goto error;
}
if (!check_tmp_file_list (fsm->files, &error_code))
@@ -1266,6 +1270,9 @@ error:
case ERROR_QUOTA:
send_error_reply (req, SEAF_HTTP_RES_NOQUOTA, "Out of quota.");
break;
case ERROR_FORBIDDEN:
send_error_reply (req, SEAF_HTTP_RES_FORBIDDEN, "Permission denied.");
break;
case ERROR_RECV:
case ERROR_INTERNAL:
send_error_reply (req, EVHTP_RES_SERVERR, "Internal error.\n");
@@ -2370,40 +2377,20 @@ get_boundary (evhtp_headers_t *hdr)
return boundary;
}
static gboolean
get_parent_dir_from_obj_id(const char *obj_id, char **parent_dir, gboolean *is_parent_dir){
const char *_parent_dir = NULL;
json_t *object;
json_error_t err;
object = json_loads(obj_id,0,&err);
if (!object) {
return FALSE;
}
_parent_dir = json_object_get_string_member (object, "parent_dir");
if (_parent_dir){
*parent_dir = g_strdup(_parent_dir);
*is_parent_dir = TRUE;
}
json_decref (object);
return TRUE;
}
static int
check_access_token (const char *token,
const char *url_op,
char **repo_id,
char **parent_dir,
char **user,
char **token_type,
gboolean *is_parent_dir)
char **token_type)
{
SeafileWebAccess *webaccess;
const char *op;
const char *_repo_id;
const char *_obj_id;
const char *_parent_dir;
json_t *parent_dir_json;
webaccess = (SeafileWebAccess *)
seaf_web_at_manager_query_access_token (seaf->web_at_mgr, token);
@@ -2417,9 +2404,6 @@ check_access_token (const char *token,
return -1;
}
_obj_id = seafile_web_access_get_obj_id(webaccess);
get_parent_dir_from_obj_id (_obj_id, parent_dir, is_parent_dir);
/* token with op = "upload" can only be used for "upload-*" operations;
* token with op = "update" can only be used for "update-*" operations.
*/
@@ -2438,6 +2422,17 @@ check_access_token (const char *token,
*repo_id = g_strdup (_repo_id);
*user = g_strdup (seafile_web_access_get_username (webaccess));
_obj_id = seafile_web_access_get_obj_id (webaccess);
parent_dir_json = json_loadb (_obj_id, strlen (_obj_id), 0, NULL);
if (parent_dir_json) {
_parent_dir = json_object_get_string_member (parent_dir_json, "parent_dir");
if (_parent_dir){
*parent_dir = g_strdup(_parent_dir);
}
json_decref (parent_dir_json);
}
g_object_unref (webaccess);
return 0;
@@ -2531,7 +2526,6 @@ upload_headers_cb (evhtp_request_t *req, evhtp_headers_t *hdr, void *arg)
char *token_type = NULL;
RecvFSM *fsm = NULL;
Progress *progress = NULL;
gboolean is_parent_dir = FALSE;
if (evhtp_request_get_method(req) == htp_method_OPTIONS) {
return EVHTP_RES_OK;
@@ -2552,7 +2546,7 @@ upload_headers_cb (evhtp_request_t *req, evhtp_headers_t *hdr, void *arg)
}
char *url_op = parts[0];
if (check_access_token (token, url_op, &repo_id, &parent_dir, &user, &token_type, &is_parent_dir) < 0) {
if (check_access_token (token, url_op, &repo_id, &parent_dir, &user, &token_type) < 0) {
err_msg = "Access denied";
goto err;
}
@@ -2588,7 +2582,6 @@ upload_headers_cb (evhtp_request_t *req, evhtp_headers_t *hdr, void *arg)
fsm->boundary = boundary;
fsm->repo_id = repo_id;
fsm->parent_dir = parent_dir;
fsm->is_parent_dir = is_parent_dir;
fsm->user = user;
fsm->token_type = token_type;
fsm->rstart = rstart;