| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301 | package share/*	Arozos File Share Manager	author: tobychui	This module handle file share request and other stuffs*/import (	"encoding/json"	"errors"	"fmt"	"image"	"image/color"	"image/draw"	"image/jpeg"	"io"	"io/fs"	"io/ioutil"	"log"	"math"	"mime"	"net/http"	"net/url"	"os"	"path/filepath"	"sort"	"strconv"	"strings"	"time"	"github.com/golang/freetype"	"github.com/nfnt/resize"	uuid "github.com/satori/go.uuid"	"github.com/valyala/fasttemplate"	"imuslab.com/arozos/mod/auth"	"imuslab.com/arozos/mod/common"	filesystem "imuslab.com/arozos/mod/filesystem"	"imuslab.com/arozos/mod/filesystem/metadata"	"imuslab.com/arozos/mod/share/shareEntry"	"imuslab.com/arozos/mod/user")type Options struct {	AuthAgent       *auth.AuthAgent	UserHandler     *user.UserHandler	ShareEntryTable *shareEntry.ShareEntryTable	HostName        string	TmpFolder       string}type Manager struct {	options Options}//Create a new Share Managerfunc NewShareManager(options Options) *Manager {	//Return a new manager object	return &Manager{		options: options,	}}func (s *Manager) HandleOPGServing(w http.ResponseWriter, r *http.Request, shareID string) {	shareEntry := s.GetShareObjectFromUUID(shareID)	if shareEntry == nil {		//This share is not valid		http.NotFound(w, r)		return	}	//Overlap and generate opg	//Load in base template	baseTemplate, err := os.Open("./system/share/default_opg.png")	if err != nil {		fmt.Println("[share/opg] " + err.Error())		http.NotFound(w, r)		return	}	base, _, err := image.Decode(baseTemplate)	if err != nil {		fmt.Println("[share/opg] " + err.Error())		http.NotFound(w, r)		return	}	//Create base canvas	rx := image.Rectangle{image.Point{0, 0}, base.Bounds().Size()}	resultopg := image.NewRGBA(rx)	draw.Draw(resultopg, base.Bounds(), base, image.Point{0, 0}, draw.Src)	//Append filename to the image	fontBytes, err := ioutil.ReadFile("./system/share/fonts/TaipeiSansTCBeta-Light.ttf")	if err != nil {		fmt.Println("[share/opg] " + err.Error())		http.NotFound(w, r)		return	}	utf8Font, err := freetype.ParseFont(fontBytes)	if err != nil {		fmt.Println("[share/opg] " + err.Error())		http.NotFound(w, r)		return	}	fontSize := float64(42)	ctx := freetype.NewContext()	ctx.SetDPI(72)	ctx.SetFont(utf8Font)	ctx.SetFontSize(fontSize)	ctx.SetClip(resultopg.Bounds())	ctx.SetDst(resultopg)	ctx.SetSrc(image.NewUniform(color.RGBA{255, 255, 255, 255}))	//Check if we need to split the filename into two lines	filename := filepath.Base(shareEntry.FileRealPath)	filenameOnly := strings.TrimSuffix(filename, filepath.Ext(filename))	fs := filesystem.GetFileSize(shareEntry.FileRealPath)	shareMeta := filepath.Ext(shareEntry.FileRealPath) + " / " + filesystem.GetFileDisplaySize(fs, 2)	if isDir(shareEntry.FileRealPath) {		fs, fc := filesystem.GetDirctorySize(shareEntry.FileRealPath, false)		shareMeta = strconv.Itoa(fc) + " items / " + filesystem.GetFileDisplaySize(fs, 2)	}	if len([]rune(filename)) > 20 {		//Split into lines		lines := []string{}		for i := 0; i < len([]rune(filenameOnly)); i += 20 {			endPos := int(math.Min(float64(len([]rune(filenameOnly))), float64(i+20)))			lines = append(lines, string([]rune(filenameOnly)[i:endPos]))		}		for j, line := range lines {			pt := freetype.Pt(100, (j+1)*60+int(ctx.PointToFixed(fontSize)>>6))			_, err = ctx.DrawString(line, pt)			if err != nil {				fmt.Println("[share/opg] " + err.Error())				return			}		}		fontSize = 36		ctx.SetFontSize(fontSize)		pt := freetype.Pt(100, (len(lines)+1)*60+int(ctx.PointToFixed(fontSize)>>6))		_, err = ctx.DrawString(shareMeta, pt)		if err != nil {			fmt.Println("[share/opg] " + err.Error())			http.NotFound(w, r)			return		}	} else {		//One liner		pt := freetype.Pt(100, 60+int(ctx.PointToFixed(fontSize)>>6))		_, err = ctx.DrawString(filenameOnly, pt)		if err != nil {			fmt.Println("[share/opg] " + err.Error())			http.NotFound(w, r)			return		}		fontSize = 36		ctx.SetFontSize(fontSize)		pt = freetype.Pt(100, 120+int(ctx.PointToFixed(fontSize)>>6))		_, err = ctx.DrawString(shareMeta, pt)		if err != nil {			fmt.Println("[share/opg] " + err.Error())			http.NotFound(w, r)			return		}	}	//Get thumbnail	ownerinfo, err := s.options.UserHandler.GetUserInfoFromUsername(shareEntry.Owner)	if err != nil {		fmt.Println("[share/opg] " + err.Error())		http.NotFound(w, r)		return	}	fsh, err := ownerinfo.GetFileSystemHandlerFromVirtualPath(shareEntry.FileVirtualPath)	if err != nil {		fmt.Println("[share/opg] " + err.Error())		http.NotFound(w, r)		return	}	rpath, _ := fsh.FileSystemAbstraction.VirtualPathToRealPath(shareEntry.FileVirtualPath, shareEntry.Owner)	cacheFileImagePath, err := metadata.GetCacheFilePath(fsh, rpath)	if err == nil {		//We got a thumbnail for this file. Render it as well		thumbnailFile, err := os.Open(cacheFileImagePath)		if err != nil {			fmt.Println("[share/opg] " + err.Error())			http.NotFound(w, r)			return		}		thumb, _, err := image.Decode(thumbnailFile)		if err != nil {			fmt.Println("[share/opg] " + err.Error())			http.NotFound(w, r)			return		}		resizedThumb := resize.Resize(250, 0, thumb, resize.Lanczos3)		draw.Draw(resultopg, resultopg.Bounds(), resizedThumb, image.Point{-(resultopg.Bounds().Dx() - resizedThumb.Bounds().Dx() - 90), -60}, draw.Over)	} else if isDir(shareEntry.FileRealPath) {		//Is directory but no thumbnail. Use default foldr share thumbnail		thumbnailFile, err := os.Open("./system/share/folder.png")		if err != nil {			fmt.Println("[share/opg] " + err.Error())			http.NotFound(w, r)			return		}		thumb, _, err := image.Decode(thumbnailFile)		if err != nil {			fmt.Println("[share/opg] " + err.Error())			http.NotFound(w, r)			return		}		resizedThumb := resize.Resize(250, 0, thumb, resize.Lanczos3)		draw.Draw(resultopg, resultopg.Bounds(), resizedThumb, image.Point{-(resultopg.Bounds().Dx() - resizedThumb.Bounds().Dx() - 90), -60}, draw.Over)	}	w.Header().Set("Content-Type", "image/jpeg")	jpeg.Encode(w, resultopg, nil)}//Main function for handle share. Must be called with http.HandleFunc (No auth)func (s *Manager) HandleShareAccess(w http.ResponseWriter, r *http.Request) {	//New download method variables	subpathElements := []string{}	directDownload := false	directServe := false	relpath := ""	id, err := mv(r, "id", false)	if err != nil {		//ID is not defined in the URL paramter. New ID defination is based on the subpath content		requestURI := filepath.ToSlash(filepath.Clean(r.URL.Path))		subpathElements = strings.Split(requestURI[1:], "/")		if len(subpathElements) == 2 {			//E.g. /share/{id} => Show the download page			id = subpathElements[1]			//Check if there is missing / at the end. Redirect if true			if r.URL.Path[len(r.URL.Path)-1:] != "/" {				http.Redirect(w, r, r.URL.Path+"/", http.StatusTemporaryRedirect)				return			}		} else if len(subpathElements) >= 3 {			//E.g. /share/download/{uuid} or /share/preview/{uuid}			id = subpathElements[2]			if subpathElements[1] == "download" {				directDownload = true				//Check if this contain a subpath				if len(subpathElements) > 3 {					relpath = strings.Join(subpathElements[3:], "/")				}			} else if subpathElements[1] == "preview" {				directServe = true			} else if len(subpathElements) == 3 {				//Check if the last element is the filename				if strings.Contains(subpathElements[2], ".") {					//Share link contain filename. Redirect to share interface					http.Redirect(w, r, "./", http.StatusTemporaryRedirect)					return				} else {					//Incorrect operation type					w.WriteHeader(http.StatusBadRequest)					w.Header().Set("Content-Type", "text/plain") // this					w.Write([]byte("400 - Operation type not supported: " + subpathElements[1]))					return				}			} else if len(subpathElements) >= 4 {				if subpathElements[1] == "opg" {					//Handle serving opg preview image, usually with					// /share/opg/{req.timestamp}/{uuid}					s.HandleOPGServing(w, r, subpathElements[3])					return				}				//Invalid operation type				w.WriteHeader(http.StatusBadRequest)				w.Header().Set("Content-Type", "text/plain") // this				w.Write([]byte("400 - Operation type not supported: " + subpathElements[1]))				return			}		} else if len(subpathElements) == 1 {			//ID is missing. Serve the id input page			content, err := ioutil.ReadFile("system/share/index.html")			if err != nil {				//Handling index not found. Is server updated correctly?				w.WriteHeader(http.StatusInternalServerError)				w.Write([]byte("500 - Internal Server Error"))				return			}			t := fasttemplate.New(string(content), "{{", "}}")			s := t.ExecuteString(map[string]interface{}{				"hostname": s.options.HostName,			})			w.Write([]byte(s))			return		} else {			http.NotFound(w, r)			return		}	} else {		//Parse and redirect to new share path		download, _ := mv(r, "download", false)		if download == "true" {			directDownload = true		}		serve, _ := mv(r, "serve", false)		if serve == "true" {			directServe = true		}		relpath, _ = mv(r, "rel", false)		redirectURL := "./" + id + "/"		if directDownload == true {			redirectURL = "./download/" + id + "/"		}		http.Redirect(w, r, redirectURL, http.StatusTemporaryRedirect)		return	}	//Check if id exists	val, ok := s.options.ShareEntryTable.UrlToFileMap.Load(id)	if ok {		//Parse the option structure		shareOption := val.(*shareEntry.ShareOption)		//Check for permission		if shareOption.Permission == "anyone" {			//OK to proceed		} else if shareOption.Permission == "signedin" {			if !s.options.AuthAgent.CheckAuth(r) {				//Redirect to login page				if directDownload || directServe {					w.WriteHeader(http.StatusUnauthorized)					w.Write([]byte("401 - Unauthorized"))				} else {					http.Redirect(w, r, common.ConstructRelativePathFromRequestURL(r.RequestURI, "login.system")+"?redirect=/share/"+id, 307)				}				return			} else {				//Ok to proccedd			}		} else if shareOption.Permission == "samegroup" {			thisuserinfo, err := s.options.UserHandler.GetUserInfoFromRequest(w, r)			if err != nil {				if directDownload || directServe {					w.WriteHeader(http.StatusUnauthorized)					w.Write([]byte("401 - Unauthorized"))				} else {					http.Redirect(w, r, common.ConstructRelativePathFromRequestURL(r.RequestURI, "login.system")+"?redirect=/share/"+id, 307)				}				return			}			//Check if all the user groups are inside the share owner groups			valid := true			thisUsersGroupByName := []string{}			for _, pg := range thisuserinfo.PermissionGroup {				thisUsersGroupByName = append(thisUsersGroupByName, pg.Name)			}			for _, allowedpg := range shareOption.Accessibles {				if inArray(thisUsersGroupByName, allowedpg) {					//This required group is inside this user's group. OK				} else {					//This required group is not inside user's group. Reject					valid = false				}			}			if !valid {				//Serve permission denied page				if directDownload || directServe {					w.WriteHeader(http.StatusForbidden)					w.Write([]byte("401 - Forbidden"))				} else {					ServePermissionDeniedPage(w)				}				return			}		} else if shareOption.Permission == "users" {			thisuserinfo, err := s.options.UserHandler.GetUserInfoFromRequest(w, r)			if err != nil {				//User not logged in. Redirect to login page				if directDownload || directServe {					w.WriteHeader(http.StatusUnauthorized)					w.Write([]byte("401 - Unauthorized"))				} else {					http.Redirect(w, r, common.ConstructRelativePathFromRequestURL(r.RequestURI, "login.system")+"?redirect=/share/"+id, 307)				}				return			}			//Check if username in the allowed user list			if !inArray(shareOption.Accessibles, thisuserinfo.Username) && shareOption.Owner != thisuserinfo.Username {				//Serve permission denied page				if directDownload || directServe {					w.WriteHeader(http.StatusForbidden)					w.Write([]byte("401 - Forbidden"))				} else {					ServePermissionDeniedPage(w)				}				return			}		} else if shareOption.Permission == "groups" {			thisuserinfo, err := s.options.UserHandler.GetUserInfoFromRequest(w, r)			if err != nil {				//User not logged in. Redirect to login page				if directDownload || directServe {					w.WriteHeader(http.StatusUnauthorized)					w.Write([]byte("401 - Unauthorized"))				} else {					http.Redirect(w, r, common.ConstructRelativePathFromRequestURL(r.RequestURI, "login.system")+"?redirect=/share/"+id, 307)				}				return			}			allowAccess := false			thisUsersGroupByName := []string{}			for _, pg := range thisuserinfo.PermissionGroup {				thisUsersGroupByName = append(thisUsersGroupByName, pg.Name)			}			for _, thisUserPg := range thisUsersGroupByName {				if inArray(shareOption.Accessibles, thisUserPg) {					allowAccess = true				}			}			if !allowAccess {				//Serve permission denied page				if directDownload || directServe {					w.WriteHeader(http.StatusForbidden)					w.Write([]byte("401 - Forbidden"))				} else {					ServePermissionDeniedPage(w)				}				return			}		} else {			//Unsupported mode. Show notfound			http.NotFound(w, r)			return		}		//Resolve the fsh from the entry		owner, err := s.options.UserHandler.GetUserInfoFromUsername(shareOption.Owner)		if err != nil {			w.WriteHeader(http.StatusForbidden)			w.Write([]byte("401 - Share account not exists"))			return		}		targetFsh, err := owner.GetFileSystemHandlerFromVirtualPath(shareOption.FileVirtualPath)		if err != nil {			w.WriteHeader(http.StatusInternalServerError)			w.Write([]byte("500 - Unable to load Shared File"))			return		}		targetFshAbs := targetFsh.FileSystemAbstraction		fileRuntimeAbsPath, _ := targetFshAbs.VirtualPathToRealPath(shareOption.FileVirtualPath, owner.Username)		if !targetFshAbs.FileExists(fileRuntimeAbsPath) {			http.NotFound(w, r)			return		}		//Serve the download page		if targetFshAbs.IsDir(fileRuntimeAbsPath) {			//This share is a folder			type File struct {				Filename string				RelPath  string				Filesize string				IsDir    bool			}			if directDownload {				if relpath != "" {					//User specified a specific file within the directory. Escape the relpath					targetFilepath := filepath.Join(fileRuntimeAbsPath, relpath)					//Check if file exists					if !targetFshAbs.FileExists(targetFilepath) {						http.NotFound(w, r)						return					}					//Validate the absolute path to prevent path escape					reqPath := filepath.ToSlash(filepath.Clean(targetFilepath))					rootPath, _ := targetFshAbs.VirtualPathToRealPath(shareOption.FileVirtualPath, shareOption.Owner)					if !strings.HasPrefix(reqPath, rootPath) {						//Directory escape detected						w.WriteHeader(http.StatusBadRequest)						w.Write([]byte("400 - Bad Request: Invalid relative path"))						return					}					//Serve the target file					w.Header().Set("Content-Disposition", "attachment; filename*=UTF-8''"+strings.ReplaceAll(url.QueryEscape(filepath.Base(targetFilepath)), "+", "%20"))					w.Header().Set("Content-Type", r.Header.Get("Content-Type"))					//http.ServeFile(w, r, targetFilepath)					f, _ := targetFshAbs.ReadStream(targetFilepath)					io.Copy(w, f)					f.Close()				} else {					//Download this folder as zip					//Create a zip using ArOZ Zipper, tmp zip files are located under tmp/share-cache/*.zip					tmpFolder := s.options.TmpFolder					tmpFolder = filepath.Join(tmpFolder, "share-cache")					os.MkdirAll(tmpFolder, 0755)					targetZipFilename := filepath.Join(tmpFolder, filepath.Base(fileRuntimeAbsPath)) + ".zip"					//Check if the target fs require buffer					zippingSource := shareOption.FileRealPath					localBuff := ""					if targetFsh.RequireBuffer {						//Buffer all the required files for zipping						localBuff = filepath.Join(tmpFolder, uuid.NewV4().String(), filepath.Base(fileRuntimeAbsPath))						os.MkdirAll(localBuff, 0755)						//Buffer all files into tmp folder						targetFshAbs.Walk(fileRuntimeAbsPath, func(path string, info fs.FileInfo, err error) error {							relPath := strings.TrimPrefix(filepath.ToSlash(path), filepath.ToSlash(fileRuntimeAbsPath))							localPath := filepath.Join(localBuff, relPath)							if info.IsDir() {								os.MkdirAll(localPath, 0755)							} else {								f, err := targetFshAbs.ReadStream(path)								if err != nil {									log.Println("[Share] Buffer and zip download operation failed: ", err)								}								defer f.Close()								dest, err := os.OpenFile(localPath, os.O_CREATE|os.O_WRONLY, 0775)								if err != nil {									log.Println("[Share] Buffer and zip download operation failed: ", err)								}								defer dest.Close()								_, err = io.Copy(dest, f)								if err != nil {									log.Println("[Share] Buffer and zip download operation failed: ", err)								}							}							return nil						})						zippingSource = localBuff					}					//Build a filelist					err := filesystem.ArozZipFile([]string{zippingSource}, targetZipFilename, false)					if err != nil {						//Failed to create zip file						w.WriteHeader(http.StatusInternalServerError)						w.Write([]byte("500 - Internal Server Error: Zip file creation failed"))						log.Println("Failed to create zip file for share download: " + err.Error())						return					}					//Serve thje zip file					w.Header().Set("Content-Disposition", "attachment; filename*=UTF-8''"+strings.ReplaceAll(url.QueryEscape(filepath.Base(shareOption.FileRealPath)), "+", "%20")+".zip")					w.Header().Set("Content-Type", r.Header.Get("Content-Type"))					http.ServeFile(w, r, targetZipFilename)					//Remove the buffer file if exists					if targetFsh.RequireBuffer {						os.RemoveAll(filepath.Dir(localBuff))					}				}			} else if directServe {				//Folder provide no direct serve method.				w.WriteHeader(http.StatusBadRequest)				w.Write([]byte("400 - Cannot preview folder type shares"))				return			} else {				//Show download page. Do not allow serving				content, err := ioutil.ReadFile("./system/share/downloadPageFolder.html")				if err != nil {					http.NotFound(w, r)					return				}				//Get file size				fsize, fcount := targetFsh.GetDirctorySizeFromRealPath(fileRuntimeAbsPath, false)				//Build the tree list of the folder				treeList := map[string][]File{}				err = targetFshAbs.Walk(filepath.Clean(fileRuntimeAbsPath), func(file string, info os.FileInfo, err error) error {					if err != nil {						//If error skip this						return nil					}					if filepath.Base(file)[:1] != "." {						fileSize := targetFshAbs.GetFileSize(file)						if targetFshAbs.IsDir(file) {							fileSize, _ = targetFsh.GetDirctorySizeFromRealPath(file, false)						}						relPath, err := filepath.Rel(fileRuntimeAbsPath, file)						if err != nil {							relPath = ""						}						relPath = filepath.ToSlash(filepath.Clean(relPath))						relDir := filepath.ToSlash(filepath.Dir(relPath))						if relPath == "." {							//The root file object. Skip this							return nil						}						treeList[relDir] = append(treeList[relDir], File{							Filename: filepath.Base(file),							RelPath:  filepath.ToSlash(relPath),							Filesize: filesystem.GetFileDisplaySize(fileSize, 2),							IsDir:    targetFshAbs.IsDir(file),						})					}					return nil				})				if err != nil {					w.WriteHeader(http.StatusInternalServerError)					w.Write([]byte("500 - Internal Server Error"))					return				}				tl, _ := json.Marshal(treeList)				//Get modification time				fmodtime, _ := targetFshAbs.GetModTime(fileRuntimeAbsPath)				timeString := time.Unix(fmodtime, 0).Format("02-01-2006 15:04:05")				t := fasttemplate.New(string(content), "{{", "}}")				s := t.ExecuteString(map[string]interface{}{					"hostname":     s.options.HostName,					"host":         r.Host,					"reqid":        id,					"mime":         "application/x-directory",					"size":         filesystem.GetFileDisplaySize(fsize, 2),					"filecount":    strconv.Itoa(fcount),					"modtime":      timeString,					"downloadurl":  "../../share/download/" + id,					"filename":     filepath.Base(fileRuntimeAbsPath),					"reqtime":      strconv.Itoa(int(time.Now().Unix())),					"requri":       "//" + r.Host + r.URL.Path,					"opg_image":    "/share/opg/" + strconv.Itoa(int(time.Now().Unix())) + "/" + id,					"treelist":     tl,					"downloaduuid": id,				})				w.Write([]byte(s))				return			}		} else {			//This share is a file			contentType := mime.TypeByExtension(filepath.Ext(fileRuntimeAbsPath))			if directDownload {				//Serve the file directly				w.Header().Set("Content-Disposition", "attachment; filename=\""+filepath.Base(shareOption.FileVirtualPath)+"\"")				w.Header().Set("Content-Type", contentType)				w.Header().Set("Content-Length", strconv.Itoa(int(targetFshAbs.GetFileSize(fileRuntimeAbsPath))))				if filesystem.FileExists(fileRuntimeAbsPath) {					//This file exists in local file system. Serve it directly					http.ServeFile(w, r, fileRuntimeAbsPath)				} else {					//This file is not on local file system. Use streaming					f, _ := targetFshAbs.ReadStream(fileRuntimeAbsPath)					io.Copy(w, f)					f.Close()				}			} else if directServe {				w.Header().Set("Access-Control-Allow-Origin", "*")				w.Header().Set("Access-Control-Allow-Headers", "Content-Type")				w.Header().Set("Content-Type", contentType)				f, _ := targetFshAbs.ReadStream(fileRuntimeAbsPath)				io.Copy(w, f)				f.Close()			} else {				//Serve the download page				content, err := ioutil.ReadFile("./system/share/downloadPage.html")				if err != nil {					http.NotFound(w, r)					return				}				//Get file mime type				mime, ext, err := filesystem.GetMime(fileRuntimeAbsPath)				if err != nil {					mime = "Unknown"				}				//Load the preview template				templateRoot := "./system/share/"				previewTemplate := ""				if ext == ".mp4" || ext == ".webm" {					previewTemplate = filepath.Join(templateRoot, "video.html")				} else if ext == ".mp3" || ext == ".wav" || ext == ".flac" || ext == ".ogg" {					previewTemplate = filepath.Join(templateRoot, "audio.html")				} else if ext == ".png" || ext == ".jpg" || ext == ".jpeg" || ext == ".webp" {					previewTemplate = filepath.Join(templateRoot, "image.html")				} else if ext == ".pdf" {					previewTemplate = filepath.Join(templateRoot, "iframe.html")				} else {					//Format do not support preview. Use the default.html					previewTemplate = filepath.Join(templateRoot, "default.html")				}				tp, err := ioutil.ReadFile(previewTemplate)				if err != nil {					tp = []byte("")				}				//Merge two templates				content = []byte(strings.ReplaceAll(string(content), "{{previewer}}", string(tp)))				//Get file size				fsize := targetFshAbs.GetFileSize(fileRuntimeAbsPath)				//Get modification time				fmodtime, _ := targetFshAbs.GetModTime(fileRuntimeAbsPath)				timeString := time.Unix(fmodtime, 0).Format("02-01-2006 15:04:05")				//Check if ext match with filepath ext				displayExt := ext				if ext != filepath.Ext(fileRuntimeAbsPath) {					displayExt = filepath.Ext(fileRuntimeAbsPath) + " (" + ext + ")"				}				t := fasttemplate.New(string(content), "{{", "}}")				s := t.ExecuteString(map[string]interface{}{					"hostname":    s.options.HostName,					"host":        r.Host,					"reqid":       id,					"requri":      "//" + r.Host + r.URL.Path,					"mime":        mime,					"ext":         displayExt,					"size":        filesystem.GetFileDisplaySize(fsize, 2),					"modtime":     timeString,					"downloadurl": "/share/download/" + id + "/" + filepath.Base(fileRuntimeAbsPath),					"preview_url": "/share/preview/" + id + "/",					"filename":    filepath.Base(fileRuntimeAbsPath),					"opg_image":   "/share/opg/" + strconv.Itoa(int(time.Now().Unix())) + "/" + id,					"reqtime":     strconv.Itoa(int(time.Now().Unix())),				})				w.Write([]byte(s))				return			}		}	} else {		//This share not exists		if directDownload {			//Send 404 header			http.NotFound(w, r)			return		} else {			//Send not found page			content, err := ioutil.ReadFile("./system/share/notfound.html")			if err != nil {				http.NotFound(w, r)				return			}			t := fasttemplate.New(string(content), "{{", "}}")			s := t.ExecuteString(map[string]interface{}{				"hostname": s.options.HostName,				"reqid":    id,				"reqtime":  strconv.Itoa(int(time.Now().Unix())),			})			w.Write([]byte(s))			return		}	}}//Check if a file is sharedfunc (s *Manager) HandleShareCheck(w http.ResponseWriter, r *http.Request) {	//Get the vpath from paramters	vpath, err := mv(r, "path", true)	if err != nil {		sendErrorResponse(w, "Invalid path given")		return	}	//Get userinfo	userinfo, err := s.options.UserHandler.GetUserInfoFromRequest(w, r)	if err != nil {		sendErrorResponse(w, "User not logged in")		return	}	fsh, _ := userinfo.GetFileSystemHandlerFromVirtualPath(vpath)	pathHash := shareEntry.GetPathHash(fsh, vpath, userinfo.Username)	type Result struct {		IsShared  bool		ShareUUID *shareEntry.ShareOption	}	//Check if share exists	shareExists := s.options.ShareEntryTable.FileIsShared(pathHash)	if !shareExists {		//Share not exists		js, _ := json.Marshal(Result{			IsShared:  false,			ShareUUID: &shareEntry.ShareOption{},		})		sendJSONResponse(w, string(js))	} else {		//Share exists		thisSharedInfo := s.options.ShareEntryTable.GetShareObjectFromPathHash(pathHash)		js, _ := json.Marshal(Result{			IsShared:  true,			ShareUUID: thisSharedInfo,		})		sendJSONResponse(w, string(js))	}}//Create new share from the given pathfunc (s *Manager) HandleCreateNewShare(w http.ResponseWriter, r *http.Request) {	//Get the vpath from paramters	vpath, err := mv(r, "path", true)	if err != nil {		sendErrorResponse(w, "Invalid path given")		return	}	//Get userinfo	userinfo, err := s.options.UserHandler.GetUserInfoFromRequest(w, r)	if err != nil {		sendErrorResponse(w, "User not logged in")		return	}	//Get the target fsh that this vpath come from	vpathSourceFsh := userinfo.GetRootFSHFromVpathInUserScope(vpath)	if vpathSourceFsh == nil {		sendErrorResponse(w, "Invalid vpath given")		return	}	share, err := s.CreateNewShare(userinfo, vpathSourceFsh, vpath)	if err != nil {		sendErrorResponse(w, err.Error())		return	}	js, _ := json.Marshal(share)	sendJSONResponse(w, string(js))}// Handle Share Edit.// For allowing groups / users, use the following syntax// groups:group1,group2,group3// users:user1,user2,user3// For basic modes, use the following keywords// anyone / signedin / samegroup// anyone: Anyone who has the link// signedin: Anyone logged in to this system// samegroup: The requesting user has the same (or more) user group as the share ownerfunc (s *Manager) HandleEditShare(w http.ResponseWriter, r *http.Request) {	userinfo, err := s.options.UserHandler.GetUserInfoFromRequest(w, r)	if err != nil {		sendErrorResponse(w, "User not logged in")		return	}	uuid, err := mv(r, "uuid", true)	if err != nil {		sendErrorResponse(w, "Invalid path given")		return	}	shareMode, _ := mv(r, "mode", true)	if shareMode == "" {		shareMode = "signedin"	}	//Check if share exists	so := s.options.ShareEntryTable.GetShareObjectFromUUID(uuid)	if so == nil {		//This share url not exists		sendErrorResponse(w, "Share UUID not exists")		return	}	//Check if the user has permission to edit this share	if !s.CanModifyShareEntry(userinfo, so.FileVirtualPath) {		common.SendErrorResponse(w, "Permission Denied")		return	}	//Validate and extract the storage mode	ok, sharetype, settings := validateShareModes(shareMode)	if !ok {		sendErrorResponse(w, "Invalid share setting")		return	}	//Analysis the sharetype	if sharetype == "anyone" || sharetype == "signedin" || sharetype == "samegroup" {		//Basic types.		so.Permission = sharetype		if sharetype == "samegroup" {			//Write user groups into accessible (Must be all match inorder to allow access)			userpg := []string{}			for _, pg := range userinfo.PermissionGroup {				userpg = append(userpg, pg.Name)			}			so.Accessibles = userpg		}		//Write changes to database		s.options.ShareEntryTable.Database.Write("share", uuid, so)	} else if sharetype == "groups" || sharetype == "users" {		//Username or group is listed = ok		so.Permission = sharetype		so.Accessibles = settings		//Write changes to database		s.options.ShareEntryTable.Database.Write("share", uuid, so)	}	sendOK(w)}func (s *Manager) HandleDeleteShare(w http.ResponseWriter, r *http.Request) {	//Get the vpath from paramters	uuid, err := mv(r, "uuid", true)	if err != nil {		sendErrorResponse(w, "Invalid uuid given")		return	}	//Get userinfo	userinfo, err := s.options.UserHandler.GetUserInfoFromRequest(w, r)	if err != nil {		sendErrorResponse(w, "User not logged in")		return	}	//Delete the share setting	err = s.DeleteShareByUUID(userinfo, uuid)	if err != nil {		sendErrorResponse(w, err.Error())	} else {		sendOK(w)	}}func (s *Manager) HandleListAllShares(w http.ResponseWriter, r *http.Request) {	userinfo, err := s.options.UserHandler.GetUserInfoFromRequest(w, r)	if err != nil {		common.SendErrorResponse(w, "User not logged in")		return	}	fshId, _ := common.Mv(r, "fsh", false)	results := []*shareEntry.ShareOption{}	if fshId == "" {		//List all		allFsh := userinfo.GetAllFileSystemHandler()		for _, thisFsh := range allFsh {			allShares := s.ListAllShareByFshId(thisFsh.UUID, userinfo)			for _, thisShare := range allShares {				if s.ShareIsValid(thisShare) {					results = append(results, thisShare)				}			}		}	} else {		//List fsh only		targetFsh, err := userinfo.GetFileSystemHandlerFromVirtualPath(fshId)		if err != nil {			common.SendErrorResponse(w, err.Error())			return		}		sharesInThisFsh := s.ListAllShareByFshId(targetFsh.UUID, userinfo)		for _, thisShare := range sharesInThisFsh {			if s.ShareIsValid(thisShare) {				results = append(results, thisShare)			}		}	}	//Reduce the data	type Share struct {		UUID                 string		FileVirtualPath      string		Owner                string		Permission           string		IsFolder             bool		IsOwnerOfShare       bool		CanAccess            bool		CanOpenInFileManager bool		CanDelete            bool	}	reducedResult := []*Share{}	for _, result := range results {		permissionText := result.Permission		if result.Permission == "groups" || result.Permission == "users" {			permissionText = permissionText + " (" + strings.Join(result.Accessibles, ", ") + ")"		}		thisShareInfo := Share{			UUID:                 result.UUID,			FileVirtualPath:      result.FileVirtualPath,			Owner:                result.Owner,			Permission:           permissionText,			IsFolder:             result.IsFolder,			IsOwnerOfShare:       userinfo.Username == result.Owner,			CanAccess:            result.IsAccessibleBy(userinfo.Username, userinfo.GetUserPermissionGroupNames()),			CanOpenInFileManager: s.UserCanOpenShareInFileManager(result, userinfo),			CanDelete:            s.CanModifyShareEntry(userinfo, result.FileVirtualPath),		}		reducedResult = append(reducedResult, &thisShareInfo)	}	js, _ := json.Marshal(reducedResult)	common.SendJSONResponse(w, string(js))}/*	Check if the user can open the share in File Manager	There are two conditions where the user can open the file in file manager	1. If the user is the owner of the file	2. If the user is NOT the owner of the file but the target fsh is public accessible and in user's fsh list*/func (s *Manager) UserCanOpenShareInFileManager(share *shareEntry.ShareOption, userinfo *user.User) bool {	if share.Owner == userinfo.Username {		return true	}	fsh, err := userinfo.GetFileSystemHandlerFromVirtualPath(share.FileVirtualPath)	if err != nil {		//User do not have permission to access this fsh		return false	}	rpath, _ := fsh.FileSystemAbstraction.VirtualPathToRealPath(share.FileVirtualPath, userinfo.Username)	if fsh.Hierarchy == "public" && fsh.FileSystemAbstraction.FileExists(rpath) {		return true	}	return false}//Craete a new file or folder sharefunc (s *Manager) CreateNewShare(userinfo *user.User, srcFsh *filesystem.FileSystemHandler, vpath string) (*shareEntry.ShareOption, error) {	//Translate the vpath to realpath	return s.options.ShareEntryTable.CreateNewShare(srcFsh, vpath, userinfo.Username, userinfo.GetUserPermissionGroupNames())}func ServePermissionDeniedPage(w http.ResponseWriter) {	w.WriteHeader(http.StatusForbidden)	pageContent := []byte("Permissioned Denied")	if fileExists("system/share/permissionDenied.html") {		content, err := ioutil.ReadFile("system/share/permissionDenied.html")		if err == nil {			pageContent = content		}	}	w.Write([]byte(pageContent))}/*	Validate Share Mode string	will return	1. bool => Is valid	2. permission type: {basic / groups / users}	3. mode string*/func validateShareModes(mode string) (bool, string, []string) {	// user:a,b,c,d	validModes := []string{"anyone", "signedin", "samegroup"}	if inArray(validModes, mode) {		//Standard modes		return true, mode, []string{}	} else if len(mode) > 7 && mode[:7] == "groups:" {		//Handle custom group case like groups:a,b,c,d		groupList := mode[7:]		if len(groupList) > 0 {			groups := strings.Split(groupList, ",")			return true, "groups", groups		} else {			//Invalid configuration			return false, "groups", []string{}		}	} else if len(mode) > 6 && mode[:6] == "users:" {		//Handle custom usersname like users:a,b,c,d		userList := mode[6:]		if len(userList) > 0 {			users := strings.Split(userList, ",")			return true, "users", users		} else {			//Invalid configuration			return false, "users", []string{}		}	}	return false, "", []string{}}func (s *Manager) ListAllShareByFshId(fshId string, userinfo *user.User) []*shareEntry.ShareOption {	results := []*shareEntry.ShareOption{}	s.options.ShareEntryTable.FileToUrlMap.Range(func(k, v interface{}) bool {		thisShareOption := v.(*shareEntry.ShareOption)		if (!userinfo.IsAdmin() && thisShareOption.IsAccessibleBy(userinfo.Username, userinfo.GetUserPermissionGroupNames())) || userinfo.IsAdmin() {			id, _, _ := filesystem.GetIDFromVirtualPath(thisShareOption.FileVirtualPath)			if id == fshId {				results = append(results, thisShareOption)			}		}		return true	})	sort.Slice(results, func(i, j int) bool {		return results[i].UUID < results[j].UUID	})	return results}func (s *Manager) ShareIsValid(thisShareOption *shareEntry.ShareOption) bool {	vpath := thisShareOption.FileVirtualPath	userinfo, _ := s.options.UserHandler.GetUserInfoFromUsername(thisShareOption.Owner)	fsh, err := userinfo.GetFileSystemHandlerFromVirtualPath(vpath)	if err != nil {		return false	}	fshAbs := fsh.FileSystemAbstraction	rpath, _ := fshAbs.VirtualPathToRealPath(vpath, userinfo.Username)	if !fshAbs.FileExists(rpath) {		return false	}	return true}func (s *Manager) GetPathHashFromShare(thisShareOption *shareEntry.ShareOption) (string, error) {	vpath := thisShareOption.FileVirtualPath	userinfo, _ := s.options.UserHandler.GetUserInfoFromUsername(thisShareOption.Owner)	fsh, err := userinfo.GetFileSystemHandlerFromVirtualPath(vpath)	if err != nil {		return "", err	}	pathHash := shareEntry.GetPathHash(fsh, vpath, userinfo.Username)	return pathHash, nil}//Check and clear shares that its pointinf files no longe existsfunc (s *Manager) ValidateAndClearShares() {	//Iterate through all shares within the system	s.options.ShareEntryTable.FileToUrlMap.Range(func(k, v interface{}) bool {		thisShareOption := v.(*shareEntry.ShareOption)		pathHash, err := s.GetPathHashFromShare(thisShareOption)		if err != nil {			//Unable to resolve path hash. Filesystem handler is gone?			//s.options.ShareEntryTable.RemoveShareByUUID(thisShareOption.UUID)			return true		}		if !s.ShareIsValid(thisShareOption) {			//This share source file don't exists anymore. Remove it			s.options.ShareEntryTable.RemoveShareByPathHash(pathHash)			log.Println("*Share* Removing share to file: " + thisShareOption.FileRealPath + " as it no longer exists")		}		return true	})}//Check if the user has the permission to modify this share entryfunc (s *Manager) CanModifyShareEntry(userinfo *user.User, vpath string) bool {	shareEntry := s.GetShareObjectFromUserAndVpath(userinfo, vpath)	if shareEntry == nil {		//Share entry not found		return false	}	//Check if the user is the share owner or the user is admin	if userinfo.IsAdmin() {		return true	} else if userinfo.Username == shareEntry.Owner {		return true	}	//Public fsh where the user and owner both can access	fsh, err := userinfo.GetFileSystemHandlerFromVirtualPath(vpath)	if err != nil {		return false	}	rpath, _ := fsh.FileSystemAbstraction.VirtualPathToRealPath(vpath, userinfo.Username)	if userinfo.CanWrite(vpath) && fsh.Hierarchy == "public" && fsh.FileSystemAbstraction.FileExists(rpath) {		return true	}	return false}func (s *Manager) DeleteShareByVpath(userinfo *user.User, vpath string) error {	ps := getPathHashFromUsernameAndVpath(userinfo, vpath)	if !s.CanModifyShareEntry(userinfo, vpath) {		return errors.New("Permission denied")	}	return s.options.ShareEntryTable.DeleteShareByPathHash(ps)}func (s *Manager) DeleteShareByUUID(userinfo *user.User, uuid string) error {	so := s.GetShareObjectFromUUID(uuid)	if so == nil {		return errors.New("Invalid share uuid")	}	if !s.CanModifyShareEntry(userinfo, so.FileVirtualPath) {		return errors.New("Permission denied")	}	return s.options.ShareEntryTable.DeleteShareByUUID(uuid)}func (s *Manager) GetShareUUIDFromUserAndVpath(userinfo *user.User, vpath string) string {	ps := getPathHashFromUsernameAndVpath(userinfo, vpath)	return s.options.ShareEntryTable.GetShareUUIDFromPathHash(ps)}func (s *Manager) GetShareObjectFromUserAndVpath(userinfo *user.User, vpath string) *shareEntry.ShareOption {	ps := getPathHashFromUsernameAndVpath(userinfo, vpath)	return s.options.ShareEntryTable.GetShareObjectFromPathHash(ps)}func (s *Manager) GetShareObjectFromUUID(uuid string) *shareEntry.ShareOption {	return s.options.ShareEntryTable.GetShareObjectFromUUID(uuid)}func (s *Manager) FileIsShared(userinfo *user.User, vpath string) bool {	ps := getPathHashFromUsernameAndVpath(userinfo, vpath)	return s.options.ShareEntryTable.FileIsShared(ps)}func (s *Manager) RemoveShareByUUID(userinfo *user.User, uuid string) error {	shareObject := s.GetShareObjectFromUUID(uuid)	if shareObject == nil {		return errors.New("Share entry not found")	}	if !s.CanModifyShareEntry(userinfo, shareObject.FileVirtualPath) {		return errors.New("Permission denied")	}	return s.options.ShareEntryTable.RemoveShareByUUID(uuid)}func getPathHashFromUsernameAndVpath(userinfo *user.User, vpath string) string {	fsh, _ := userinfo.GetFileSystemHandlerFromVirtualPath(vpath)	return shareEntry.GetPathHash(fsh, vpath, userinfo.Username)}
 |