2020-11-29 23:12:56 +00:00
|
|
|
// Sort of an internal API endpoint to make testing easy.
|
|
|
|
// Eventually we could expose this as JSON or Msgpack or whatever. For now
|
|
|
|
// it's just a Rust struct that we can test on without caring about
|
|
|
|
// human-readable HTML
|
|
|
|
|
|
|
|
use std::{
|
|
|
|
collections::HashMap,
|
|
|
|
convert::TryInto,
|
|
|
|
path::{Path, PathBuf},
|
|
|
|
};
|
|
|
|
|
|
|
|
use percent_encoding::percent_decode;
|
|
|
|
use tokio::{
|
|
|
|
fs::{
|
|
|
|
File,
|
|
|
|
read_dir,
|
|
|
|
ReadDir,
|
|
|
|
},
|
|
|
|
io::AsyncReadExt,
|
|
|
|
};
|
|
|
|
|
|
|
|
#[cfg (test)]
|
|
|
|
use always_equal::test::AlwaysEqual;
|
|
|
|
|
|
|
|
#[cfg (not (test))]
|
|
|
|
use always_equal::prod::AlwaysEqual;
|
|
|
|
|
|
|
|
use ptth_core::{
|
|
|
|
http_serde::Method,
|
|
|
|
prefix_match,
|
|
|
|
prelude::*,
|
|
|
|
};
|
|
|
|
|
|
|
|
use crate::{
|
|
|
|
load_toml,
|
|
|
|
};
|
|
|
|
|
|
|
|
use super::{
|
|
|
|
errors::FileServerError,
|
|
|
|
markdown,
|
|
|
|
markdown::render_styled,
|
|
|
|
range,
|
|
|
|
};
|
|
|
|
|
2020-12-15 05:15:17 +00:00
|
|
|
#[derive (Debug, PartialEq)]
|
|
|
|
pub enum OutputFormat {
|
|
|
|
Json,
|
|
|
|
Html,
|
|
|
|
}
|
|
|
|
|
2020-11-29 23:12:56 +00:00
|
|
|
#[derive (Debug, PartialEq)]
|
|
|
|
pub struct ServeDirParams {
|
|
|
|
pub path: PathBuf,
|
|
|
|
pub dir: AlwaysEqual <ReadDir>,
|
2020-12-15 05:15:17 +00:00
|
|
|
pub format: OutputFormat,
|
2020-11-29 23:12:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
#[derive (Debug, PartialEq)]
|
|
|
|
pub struct ServeFileParams {
|
|
|
|
pub send_body: bool,
|
|
|
|
pub range: range::ValidParsed,
|
|
|
|
pub file: AlwaysEqual <File>,
|
|
|
|
}
|
|
|
|
|
|
|
|
#[derive (Debug, PartialEq)]
|
2020-11-29 23:15:45 +00:00
|
|
|
pub enum Response {
|
2020-11-29 23:12:56 +00:00
|
|
|
Favicon,
|
|
|
|
Forbidden,
|
|
|
|
MethodNotAllowed,
|
|
|
|
NotFound,
|
|
|
|
RangeNotSatisfiable (u64),
|
|
|
|
Redirect (String),
|
2020-12-15 05:15:17 +00:00
|
|
|
InvalidQuery,
|
|
|
|
|
2020-11-29 23:12:56 +00:00
|
|
|
Root,
|
|
|
|
ServeDir (ServeDirParams),
|
|
|
|
ServeFile (ServeFileParams),
|
|
|
|
|
|
|
|
MarkdownErr (markdown::Error),
|
|
|
|
MarkdownPreview (String),
|
|
|
|
}
|
|
|
|
|
2020-11-29 23:15:45 +00:00
|
|
|
fn serve_dir (
|
2020-11-29 23:12:56 +00:00
|
|
|
path_s: &str,
|
|
|
|
path: &Path,
|
|
|
|
dir: tokio::fs::ReadDir,
|
|
|
|
full_path: PathBuf,
|
2020-12-15 05:15:17 +00:00
|
|
|
uri: &http::Uri,
|
|
|
|
format: OutputFormat
|
2020-11-29 23:12:56 +00:00
|
|
|
)
|
2020-11-29 23:15:45 +00:00
|
|
|
-> Result <Response, FileServerError>
|
2020-11-29 23:12:56 +00:00
|
|
|
{
|
|
|
|
let has_trailing_slash = path_s.is_empty () || path_s.ends_with ('/');
|
|
|
|
|
|
|
|
if ! has_trailing_slash {
|
|
|
|
let file_name = path.file_name ().ok_or (FileServerError::NoFileNameRequested)?;
|
|
|
|
let file_name = file_name.to_str ().ok_or (FileServerError::FilePathNotUtf8)?;
|
2020-11-29 23:15:45 +00:00
|
|
|
return Ok (Response::Redirect (format! ("{}/", file_name)));
|
2020-11-29 23:12:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if uri.query ().is_some () {
|
2020-11-29 23:15:45 +00:00
|
|
|
return Ok (Response::InvalidQuery);
|
2020-11-29 23:12:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
let dir = dir.into ();
|
|
|
|
|
2020-11-29 23:15:45 +00:00
|
|
|
Ok (Response::ServeDir (ServeDirParams {
|
2020-11-29 23:12:56 +00:00
|
|
|
dir,
|
|
|
|
path: full_path,
|
2020-12-15 05:15:17 +00:00
|
|
|
format,
|
2020-11-29 23:12:56 +00:00
|
|
|
}))
|
|
|
|
}
|
|
|
|
|
2020-11-29 23:15:45 +00:00
|
|
|
async fn serve_file (
|
2020-11-29 23:12:56 +00:00
|
|
|
mut file: tokio::fs::File,
|
|
|
|
uri: &http::Uri,
|
|
|
|
send_body: bool,
|
|
|
|
headers: &HashMap <String, Vec <u8>>
|
|
|
|
)
|
2020-11-29 23:15:45 +00:00
|
|
|
-> Result <Response, FileServerError>
|
2020-11-29 23:12:56 +00:00
|
|
|
{
|
|
|
|
let file_md = file.metadata ().await.map_err (FileServerError::CantGetFileMetadata)?;
|
2020-12-10 06:24:56 +00:00
|
|
|
|
|
|
|
#[cfg (unix)]
|
2020-11-29 23:12:56 +00:00
|
|
|
{
|
2020-12-10 06:24:56 +00:00
|
|
|
use std::os::unix::fs::PermissionsExt;
|
|
|
|
if file_md.permissions ().mode () == load_toml::CONFIG_PERMISSIONS_MODE
|
|
|
|
{
|
|
|
|
return Ok (Response::Forbidden);
|
|
|
|
}
|
2020-11-29 23:12:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
let file_len = file_md.len ();
|
|
|
|
|
|
|
|
let range_header = headers.get ("range").and_then (|v| std::str::from_utf8 (v).ok ());
|
|
|
|
|
|
|
|
Ok (match range::check (range_header, file_len) {
|
2020-11-29 23:15:45 +00:00
|
|
|
range::Parsed::NotSatisfiable (file_len) => Response::RangeNotSatisfiable (file_len),
|
2020-11-29 23:12:56 +00:00
|
|
|
range::Parsed::Valid (range) => {
|
|
|
|
if uri.query () == Some ("as_markdown") {
|
|
|
|
const MAX_BUF_SIZE: u32 = 1_000_000;
|
|
|
|
|
|
|
|
if range.range_requested {
|
2020-11-29 23:15:45 +00:00
|
|
|
return Ok (Response::InvalidQuery);
|
2020-11-29 23:12:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
if file_len > MAX_BUF_SIZE.into () {
|
2020-11-29 23:15:45 +00:00
|
|
|
Response::MarkdownErr (markdown::Error::TooBig)
|
2020-11-29 23:12:56 +00:00
|
|
|
}
|
|
|
|
else {
|
|
|
|
let mut buffer = vec! [0_u8; MAX_BUF_SIZE.try_into ().expect ("Couldn't fit u32 into usize")];
|
|
|
|
let bytes_read = file.read (&mut buffer).await?;
|
|
|
|
buffer.truncate (bytes_read);
|
|
|
|
|
|
|
|
match render_styled (&buffer) {
|
2020-11-29 23:15:45 +00:00
|
|
|
Ok (x) => Response::MarkdownPreview (x),
|
|
|
|
Err (x) => Response::MarkdownErr (x),
|
2020-11-29 23:12:56 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
let file = file.into ();
|
|
|
|
|
2020-11-29 23:15:45 +00:00
|
|
|
Response::ServeFile (ServeFileParams {
|
2020-11-29 23:12:56 +00:00
|
|
|
file,
|
|
|
|
send_body,
|
|
|
|
range,
|
|
|
|
})
|
|
|
|
}
|
|
|
|
},
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
2020-12-15 05:15:17 +00:00
|
|
|
async fn serve_api (
|
|
|
|
root: &Path,
|
|
|
|
uri: &http::Uri,
|
|
|
|
hidden_path: Option <&Path>,
|
|
|
|
path: &str
|
|
|
|
)
|
|
|
|
-> Result <Response, FileServerError>
|
|
|
|
{
|
|
|
|
use Response::*;
|
|
|
|
|
2020-12-18 23:41:52 +00:00
|
|
|
// API versioning will be major-only, so I'll keep adding stuff to v1
|
|
|
|
// until I need to deprecate or break something.
|
|
|
|
|
|
|
|
if let Some (path) = prefix_match ("/v1/dir/", path) {
|
|
|
|
let encoded_path = &path [0..];
|
|
|
|
|
|
|
|
let path_s = percent_decode (encoded_path.as_bytes ()).decode_utf8 ().map_err (FileServerError::PathNotUtf8)?;
|
|
|
|
let path = Path::new (&*path_s);
|
|
|
|
|
|
|
|
let full_path = root.join (path);
|
|
|
|
|
|
|
|
debug! ("full_path = {:?}", full_path);
|
|
|
|
|
|
|
|
if let Some (hidden_path) = hidden_path {
|
|
|
|
if full_path == hidden_path {
|
|
|
|
return Ok (Forbidden);
|
2020-12-15 05:15:17 +00:00
|
|
|
}
|
2020-12-18 23:41:52 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return if let Ok (dir) = read_dir (&full_path).await {
|
|
|
|
serve_dir (
|
|
|
|
&path_s,
|
|
|
|
path,
|
|
|
|
dir,
|
|
|
|
full_path,
|
|
|
|
&uri,
|
|
|
|
OutputFormat::Json
|
|
|
|
)
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
Ok (NotFound)
|
|
|
|
};
|
|
|
|
}
|
2020-12-15 05:15:17 +00:00
|
|
|
|
|
|
|
Ok (NotFound)
|
|
|
|
}
|
|
|
|
|
2020-12-18 20:43:34 +00:00
|
|
|
// Handle the requests internally without knowing anything about PTTH or
|
|
|
|
// HTML / handlebars
|
|
|
|
|
2020-11-29 23:15:45 +00:00
|
|
|
pub async fn serve_all (
|
2020-11-29 23:12:56 +00:00
|
|
|
root: &Path,
|
|
|
|
method: Method,
|
|
|
|
uri: &str,
|
|
|
|
headers: &HashMap <String, Vec <u8>>,
|
|
|
|
hidden_path: Option <&Path>
|
|
|
|
)
|
2020-11-29 23:15:45 +00:00
|
|
|
-> Result <Response, FileServerError>
|
2020-11-29 23:12:56 +00:00
|
|
|
{
|
|
|
|
use std::str::FromStr;
|
2020-11-29 23:15:45 +00:00
|
|
|
use Response::*;
|
2020-11-29 23:12:56 +00:00
|
|
|
|
|
|
|
info! ("Client requested {}", uri);
|
|
|
|
|
|
|
|
let uri = http::Uri::from_str (uri).map_err (FileServerError::InvalidUri)?;
|
|
|
|
|
|
|
|
let send_body = match &method {
|
|
|
|
Method::Get => true,
|
|
|
|
Method::Head => false,
|
|
|
|
m => {
|
|
|
|
debug! ("Unsupported method {:?}", m);
|
|
|
|
return Ok (MethodNotAllowed);
|
|
|
|
}
|
|
|
|
};
|
|
|
|
|
2020-12-15 05:15:17 +00:00
|
|
|
let path = uri.path ();
|
|
|
|
|
|
|
|
if path == "/favicon.ico" {
|
2020-11-29 23:12:56 +00:00
|
|
|
return Ok (Favicon);
|
|
|
|
}
|
|
|
|
|
2020-12-15 05:15:17 +00:00
|
|
|
if path == "/" {
|
|
|
|
return Ok (Root);
|
|
|
|
}
|
2020-11-29 23:12:56 +00:00
|
|
|
|
2020-12-15 05:15:17 +00:00
|
|
|
if let Some (path) = prefix_match ("/api", path) {
|
|
|
|
return serve_api (root, &uri, hidden_path, path).await;
|
2020-11-29 23:12:56 +00:00
|
|
|
}
|
|
|
|
|
2020-12-15 05:15:17 +00:00
|
|
|
let path = match prefix_match ("/files/", path) {
|
|
|
|
Some (x) => x,
|
|
|
|
None => return Ok (NotFound),
|
|
|
|
};
|
|
|
|
|
2020-11-29 23:12:56 +00:00
|
|
|
// TODO: There is totally a dir traversal attack in here somewhere
|
|
|
|
|
2020-12-15 05:15:17 +00:00
|
|
|
let encoded_path = &path [0..];
|
2020-11-29 23:12:56 +00:00
|
|
|
|
|
|
|
let path_s = percent_decode (encoded_path.as_bytes ()).decode_utf8 ().map_err (FileServerError::PathNotUtf8)?;
|
|
|
|
let path = Path::new (&*path_s);
|
|
|
|
|
|
|
|
let full_path = root.join (path);
|
|
|
|
|
|
|
|
debug! ("full_path = {:?}", full_path);
|
|
|
|
|
|
|
|
if let Some (hidden_path) = hidden_path {
|
|
|
|
if full_path == hidden_path {
|
|
|
|
return Ok (Forbidden);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if let Ok (dir) = read_dir (&full_path).await {
|
2020-11-29 23:15:45 +00:00
|
|
|
serve_dir (
|
2020-11-29 23:12:56 +00:00
|
|
|
&path_s,
|
|
|
|
path,
|
|
|
|
dir,
|
|
|
|
full_path,
|
2020-12-15 05:15:17 +00:00
|
|
|
&uri,
|
|
|
|
OutputFormat::Html
|
2020-11-29 23:12:56 +00:00
|
|
|
)
|
|
|
|
}
|
|
|
|
else if let Ok (file) = File::open (&full_path).await {
|
2020-11-29 23:15:45 +00:00
|
|
|
serve_file (
|
2020-11-29 23:12:56 +00:00
|
|
|
file,
|
|
|
|
&uri,
|
|
|
|
send_body,
|
|
|
|
headers
|
|
|
|
).await
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
Ok (NotFound)
|
|
|
|
}
|
|
|
|
}
|