Acasă Explorează Ajutor
Autentificare
TC
/
arozos
1
0
Bifurcare 0
Fisiere Probleme 0 Trageți solicitările 0 Wiki
Arbore: b23ce82990
Ramuri Etichete
arozos
/
mod
/
agi
/
agi.appdata.go

agi.appdata.go 3.4 KB
Istoric Crud

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131 
  1. package agi
    2. 

  2. 

  3. import (
    4. 

  4. 	"encoding/json"
    5. 

  5. 	"errors"
    6. 

  6. 	"io/ioutil"
    7. 

  7. 	"log"
    8. 

  8. 	"path/filepath"
    9. 

  9. 

  10. 	"github.com/robertkrimen/otto"
    11. 

  11. 	"imuslab.com/arozos/mod/filesystem"
    12. 

  12. 	user "imuslab.com/arozos/mod/user"
    13. 

  13. 	"imuslab.com/arozos/mod/utils"
    14. 

  14. )
    15. 

  15. 

  16. /*
    17. 

  17. 	AGI Appdata Access Library
    18. 

  18. 	Author: tobychui
    19. 

  19. 

  20. 	This library allow agi script to access files located in the web root
    21. 

  21. 	*This library provide READ ONLY function*
    22. 

  22. 	You cannot write to web folder due to security reasons. If you need to read write
    23. 

  23. 	web root (which is not recommended), ask the user to mount it top web:/ manually
    24. 

  24. */
    25. 

  25. 

  26. var webRoot string = "./web" //The web folder root
    27. 

  27. 

  28. func (g *Gateway) AppdataLibRegister() {
    29. 

  29. 	err := g.RegisterLib("appdata", g.injectAppdataLibFunctions)
    30. 

  30. 	if err != nil {
    31. 

  31. 		log.Fatal(err)
    32. 

  32. 	}
    33. 

  33. }
    34. 

  34. 

  35. func (g *Gateway) injectAppdataLibFunctions(vm *otto.Otto, u *user.User, scriptFsh *filesystem.FileSystemHandler, scriptPath string) {
    36. 

  36. 	vm.Set("_appdata_readfile", func(call otto.FunctionCall) otto.Value {
    37. 

  37. 		relpath, err := call.Argument(0).ToString()
    38. 

  38. 		if err != nil {
    39. 

  39. 			g.raiseError(err)
    40. 

  40. 			return otto.FalseValue()
    41. 

  41. 		}
    42. 

  42. 

  43. 		//Check if this is path escape
    44. 

  44. 		escaped, err := checkRootEscape(webRoot, filepath.Join(webRoot, relpath))
    45. 

  45. 		if err != nil {
    46. 

  46. 			g.raiseError(err)
    47. 

  47. 			return otto.FalseValue()
    48. 

  48. 		}
    49. 

  49. 

  50. 		if escaped {
    51. 

  51. 			g.raiseError(errors.New("Path escape detected"))
    52. 

  52. 			return otto.FalseValue()
    53. 

  53. 		}
    54. 

  54. 

  55. 		//Check if file exists
    56. 

  56. 		targetFile := filepath.Join(webRoot, relpath)
    57. 

  57. 		if utils.FileExists(targetFile) && !filesystem.IsDir(targetFile) {
    58. 

  58. 			content, err := ioutil.ReadFile(targetFile)
    59. 

  59. 			if err != nil {
    60. 

  60. 				g.raiseError(err)
    61. 

  61. 				return otto.FalseValue()
    62. 

  62. 			}
    63. 

  63. 

  64. 			//OK. Return the content of the file
    65. 

  65. 			result, _ := vm.ToValue(string(content))
    66. 

  66. 			return result
    67. 

  67. 		} else if filesystem.IsDir(targetFile) {
    68. 

  68. 			g.raiseError(errors.New("Cannot read from directory"))
    69. 

  69. 			return otto.FalseValue()
    70. 

  70. 

  71. 		} else {
    72. 

  72. 			g.raiseError(errors.New("File not exists"))
    73. 

  73. 			return otto.FalseValue()
    74. 

  74. 		}
    75. 

  75. 	})
    76. 

  76. 

  77. 	vm.Set("_appdata_listdir", func(call otto.FunctionCall) otto.Value {
    78. 

  78. 		relpath, err := call.Argument(0).ToString()
    79. 

  79. 		if err != nil {
    80. 

  80. 			g.raiseError(err)
    81. 

  81. 			return otto.FalseValue()
    82. 

  82. 		}
    83. 

  83. 

  84. 		//Check if this is path escape
    85. 

  85. 		escaped, err := checkRootEscape(webRoot, filepath.Join(webRoot, relpath))
    86. 

  86. 		if err != nil {
    87. 

  87. 			g.raiseError(err)
    88. 

  88. 			return otto.FalseValue()
    89. 

  89. 		}
    90. 

  90. 

  91. 		if escaped {
    92. 

  92. 			g.raiseError(errors.New("Path escape detected"))
    93. 

  93. 			return otto.FalseValue()
    94. 

  94. 		}
    95. 

  95. 

  96. 		//Check if file exists
    97. 

  97. 		targetFolder := filepath.Join(webRoot, relpath)
    98. 

  98. 		if utils.FileExists(targetFolder) && filesystem.IsDir(targetFolder) {
    99. 

  99. 			//Glob the directory for filelist
    100. 

  100. 			files, err := filepath.Glob(filepath.ToSlash(filepath.Clean(targetFolder)) + "/*")
    101. 

  101. 			if err != nil {
    102. 

  102. 				g.raiseError(err)
    103. 

  103. 				return otto.FalseValue()
    104. 

  104. 			}
    105. 

  105. 

  106. 			results := []string{}
    107. 

  107. 			for _, file := range files {
    108. 

  108. 				rel, _ := filepath.Rel(webRoot, file)
    109. 

  109. 				rel = filepath.ToSlash(rel)
    110. 

  110. 				results = append(results, rel)
    111. 

  111. 			}
    112. 

  112. 

  113. 			js, _ := json.Marshal(results)
    114. 

  114. 

  115. 			//OK. Return the content of the file
    116. 

  116. 			result, _ := vm.ToValue(string(js))
    117. 

  117. 			return result
    118. 

  118. 

  119. 		} else {
    120. 

  120. 			g.raiseError(errors.New("Directory not exists"))
    121. 

  121. 			return otto.FalseValue()
    122. 

  122. 		}
    123. 

  123. 	})
    124. 

  124. 

  125. 	//Wrap all the native code function into an imagelib class
    126. 

  126. 	vm.Run(`
    127. 

  127. 		var appdata = {};
    128. 

  128. 		appdata.readFile = _appdata_readfile;
    129. 

  129. 		appdata.listDir = _appdata_listdir;
    130. 

  130. 	`)
    131. 

  131. }
    132.