make xvol and xdev apply at runtime (closes #24):
* when accessing files inside an xdev volume, verify that the file exists on the same device/filesystem as the volume root * when accessing files inside an xvol volume, verify that the file exists within any volume where the user has read access
This commit is contained in:
		
							parent
							
								
									83178d0836
								
							
						
					
					
						commit
						544e0549bc
					
				
							
								
								
									
										10
									
								
								.vscode/launch.py
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										10
									
								
								.vscode/launch.py
									
									
									
									
										vendored
									
									
								
							| @ -30,9 +30,17 @@ except: | |||||||
| 
 | 
 | ||||||
| argv = [os.path.expanduser(x) if x.startswith("~") else x for x in argv] | argv = [os.path.expanduser(x) if x.startswith("~") else x for x in argv] | ||||||
| 
 | 
 | ||||||
|  | sfx = "" | ||||||
|  | if len(sys.argv) > 1 and os.path.isfile(sys.argv[1]): | ||||||
|  |     sfx = sys.argv[1] | ||||||
|  |     sys.argv = [sys.argv[0]] + sys.argv[2:] | ||||||
|  | 
 | ||||||
| argv += sys.argv[1:] | argv += sys.argv[1:] | ||||||
| 
 | 
 | ||||||
| if re.search(" -j ?[0-9]", " ".join(argv)): | if sfx: | ||||||
|  |     argv = [sys.executable, sfx] + argv | ||||||
|  |     sp.check_call(argv) | ||||||
|  | elif re.search(" -j ?[0-9]", " ".join(argv)): | ||||||
|     argv = [sys.executable, "-m", "copyparty"] + argv |     argv = [sys.executable, "-m", "copyparty"] + argv | ||||||
|     sp.check_call(argv) |     sp.check_call(argv) | ||||||
| else: | else: | ||||||
|  | |||||||
| @ -958,7 +958,11 @@ avoid traversing into other filesystems  using `--xdev` / volflag `:c,xdev`, ski | |||||||
| 
 | 
 | ||||||
| and/or you can `--xvol` / `:c,xvol` to ignore all symlinks leaving the volume's top directory, but still allow bind-mounts pointing elsewhere | and/or you can `--xvol` / `:c,xvol` to ignore all symlinks leaving the volume's top directory, but still allow bind-mounts pointing elsewhere | ||||||
| 
 | 
 | ||||||
| **NB: only affects the indexer** -- users can still access anything inside a volume, unless shadowed by another volume | * symlinks are permitted with `xvol` if they point into another volume where the user has the same level of access | ||||||
|  | 
 | ||||||
|  | these options will reduce performance; unlikely worst-case estimates are 14% reduction for directory listings, 35% for download-as-tar | ||||||
|  | 
 | ||||||
|  | as of copyparty v1.7.0 these options also prevent file access at runtime -- in previous versions it was just hints for the indexer | ||||||
| 
 | 
 | ||||||
| ### periodic rescan | ### periodic rescan | ||||||
| 
 | 
 | ||||||
|  | |||||||
| @ -838,6 +838,8 @@ def add_safety(ap, fk_salt): | |||||||
|     ap2.add_argument("-ss", action="store_true", help="further increase safety: Prevent js-injection, accidental move/delete, broken symlinks, webdav, 404 on 403, ban on excessive 404s.\n └─Alias of\033[32m -s --unpost=0 --no-del --no-mv --hardlink --vague-403 --ban-404=50,60,1440 -nih") |     ap2.add_argument("-ss", action="store_true", help="further increase safety: Prevent js-injection, accidental move/delete, broken symlinks, webdav, 404 on 403, ban on excessive 404s.\n └─Alias of\033[32m -s --unpost=0 --no-del --no-mv --hardlink --vague-403 --ban-404=50,60,1440 -nih") | ||||||
|     ap2.add_argument("-sss", action="store_true", help="further increase safety: Enable logging to disk, scan for dangerous symlinks.\n └─Alias of\033[32m -ss --no-dav --no-logues --no-readme -lo=cpp-%%Y-%%m%%d-%%H%%M%%S.txt.xz --ls=**,*,ln,p,r") |     ap2.add_argument("-sss", action="store_true", help="further increase safety: Enable logging to disk, scan for dangerous symlinks.\n └─Alias of\033[32m -ss --no-dav --no-logues --no-readme -lo=cpp-%%Y-%%m%%d-%%H%%M%%S.txt.xz --ls=**,*,ln,p,r") | ||||||
|     ap2.add_argument("--ls", metavar="U[,V[,F]]", type=u, help="do a sanity/safety check of all volumes on startup; arguments \033[33mUSER\033[0m,\033[33mVOL\033[0m,\033[33mFLAGS\033[0m; example [\033[32m**,*,ln,p,r\033[0m]") |     ap2.add_argument("--ls", metavar="U[,V[,F]]", type=u, help="do a sanity/safety check of all volumes on startup; arguments \033[33mUSER\033[0m,\033[33mVOL\033[0m,\033[33mFLAGS\033[0m; example [\033[32m**,*,ln,p,r\033[0m]") | ||||||
|  |     ap2.add_argument("--xvol", action="store_true", help="never follow symlinks leaving the volume root, unless the link is into another volume where the user has similar access (volflag=xvol)") | ||||||
|  |     ap2.add_argument("--xdev", action="store_true", help="stay within the filesystem of the volume root; do not descend into other devices (symlink or bind-mount to another HDD, ...) (volflag=xdev)") | ||||||
|     ap2.add_argument("--salt", type=u, default="hunter2", help="up2k file-hash salt; serves no purpose, no reason to change this (but delete all databases if you do)") |     ap2.add_argument("--salt", type=u, default="hunter2", help="up2k file-hash salt; serves no purpose, no reason to change this (but delete all databases if you do)") | ||||||
|     ap2.add_argument("--fk-salt", metavar="SALT", type=u, default=fk_salt, help="per-file accesskey salt; used to generate unpredictable URLs for hidden files -- this one DOES matter") |     ap2.add_argument("--fk-salt", metavar="SALT", type=u, default=fk_salt, help="per-file accesskey salt; used to generate unpredictable URLs for hidden files -- this one DOES matter") | ||||||
|     ap2.add_argument("--no-dot-mv", action="store_true", help="disallow moving dotfiles; makes it impossible to move folders containing dotfiles") |     ap2.add_argument("--no-dot-mv", action="store_true", help="disallow moving dotfiles; makes it impossible to move folders containing dotfiles") | ||||||
| @ -931,8 +933,6 @@ def add_db_general(ap, hcores): | |||||||
|     ap2.add_argument("--no-forget", action="store_true", help="never forget indexed files, even when deleted from disk -- makes it impossible to ever upload the same file twice (volflag=noforget)") |     ap2.add_argument("--no-forget", action="store_true", help="never forget indexed files, even when deleted from disk -- makes it impossible to ever upload the same file twice (volflag=noforget)") | ||||||
|     ap2.add_argument("--dbd", metavar="PROFILE", default="wal", help="database durability profile; sets the tradeoff between robustness and speed, see --help-dbd (volflag=dbd)") |     ap2.add_argument("--dbd", metavar="PROFILE", default="wal", help="database durability profile; sets the tradeoff between robustness and speed, see --help-dbd (volflag=dbd)") | ||||||
|     ap2.add_argument("--xlink", action="store_true", help="on upload: check all volumes for dupes, not just the target volume (volflag=xlink)") |     ap2.add_argument("--xlink", action="store_true", help="on upload: check all volumes for dupes, not just the target volume (volflag=xlink)") | ||||||
|     ap2.add_argument("--xdev", action="store_true", help="do not descend into other filesystems (symlink or bind-mount to another HDD, ...) (volflag=xdev)") |  | ||||||
|     ap2.add_argument("--xvol", action="store_true", help="skip symlinks leaving the volume root (volflag=xvol)") |  | ||||||
|     ap2.add_argument("--hash-mt", metavar="CORES", type=int, default=hcores, help="num cpu cores to use for file hashing; set 0 or 1 for single-core hashing") |     ap2.add_argument("--hash-mt", metavar="CORES", type=int, default=hcores, help="num cpu cores to use for file hashing; set 0 or 1 for single-core hashing") | ||||||
|     ap2.add_argument("--re-maxage", metavar="SEC", type=int, default=0, help="disk rescan volume interval, 0=off (volflag=scan)") |     ap2.add_argument("--re-maxage", metavar="SEC", type=int, default=0, help="disk rescan volume interval, 0=off (volflag=scan)") | ||||||
|     ap2.add_argument("--db-act", metavar="SEC", type=float, default=10, help="defer any scheduled volume reindexing until SEC seconds after last db write (uploads, renames, ...)") |     ap2.add_argument("--db-act", metavar="SEC", type=float, default=10, help="defer any scheduled volume reindexing until SEC seconds after last db write (uploads, renames, ...)") | ||||||
|  | |||||||
| @ -285,6 +285,8 @@ class VFS(object): | |||||||
|         self.vpath = vpath  # absolute path in the virtual filesystem |         self.vpath = vpath  # absolute path in the virtual filesystem | ||||||
|         self.axs = axs |         self.axs = axs | ||||||
|         self.flags = flags  # config options |         self.flags = flags  # config options | ||||||
|  |         self.root = self | ||||||
|  |         self.dev = 0  # st_dev | ||||||
|         self.nodes: dict[str, VFS] = {}  # child nodes |         self.nodes: dict[str, VFS] = {}  # child nodes | ||||||
|         self.histtab: dict[str, str] = {}  # all realpath->histpath |         self.histtab: dict[str, str] = {}  # all realpath->histpath | ||||||
|         self.dbv: Optional[VFS] = None  # closest full/non-jump parent |         self.dbv: Optional[VFS] = None  # closest full/non-jump parent | ||||||
| @ -297,11 +299,17 @@ class VFS(object): | |||||||
|         self.apget: dict[str, list[str]] = {} |         self.apget: dict[str, list[str]] = {} | ||||||
| 
 | 
 | ||||||
|         if realpath: |         if realpath: | ||||||
|  |             rp = realpath + ("" if realpath.endswith(os.sep) else os.sep) | ||||||
|  |             vp = vpath + ("/" if vpath else "") | ||||||
|             self.histpath = os.path.join(realpath, ".hist")  # db / thumbcache |             self.histpath = os.path.join(realpath, ".hist")  # db / thumbcache | ||||||
|             self.all_vols = {vpath: self}  # flattened recursive |             self.all_vols = {vpath: self}  # flattened recursive | ||||||
|  |             self.all_aps = [(rp, self)] | ||||||
|  |             self.all_vps = [(vp, self)] | ||||||
|         else: |         else: | ||||||
|             self.histpath = "" |             self.histpath = "" | ||||||
|             self.all_vols = {} |             self.all_vols = {} | ||||||
|  |             self.all_aps = [] | ||||||
|  |             self.all_vps = [] | ||||||
| 
 | 
 | ||||||
|     def __repr__(self) -> str: |     def __repr__(self) -> str: | ||||||
|         return "VFS(%s)" % ( |         return "VFS(%s)" % ( | ||||||
| @ -311,12 +319,22 @@ class VFS(object): | |||||||
|             ) |             ) | ||||||
|         ) |         ) | ||||||
| 
 | 
 | ||||||
|     def get_all_vols(self, outdict: dict[str, "VFS"]) -> None: |     def get_all_vols( | ||||||
|  |         self, | ||||||
|  |         vols: dict[str, "VFS"], | ||||||
|  |         aps: list[tuple[str, "VFS"]], | ||||||
|  |         vps: list[tuple[str, "VFS"]], | ||||||
|  |     ) -> None: | ||||||
|         if self.realpath: |         if self.realpath: | ||||||
|             outdict[self.vpath] = self |             vols[self.vpath] = self | ||||||
|  |             rp = self.realpath | ||||||
|  |             rp += "" if rp.endswith(os.sep) else os.sep | ||||||
|  |             vp = self.vpath + ("/" if self.vpath else "") | ||||||
|  |             aps.append((rp, self)) | ||||||
|  |             vps.append((vp, self)) | ||||||
| 
 | 
 | ||||||
|         for v in self.nodes.values(): |         for v in self.nodes.values(): | ||||||
|             v.get_all_vols(outdict) |             v.get_all_vols(vols, aps, vps) | ||||||
| 
 | 
 | ||||||
|     def add(self, src: str, dst: str) -> "VFS": |     def add(self, src: str, dst: str) -> "VFS": | ||||||
|         """get existing, or add new path to the vfs""" |         """get existing, or add new path to the vfs""" | ||||||
| @ -390,7 +408,11 @@ class VFS(object): | |||||||
|         self, vpath: str, uname: str |         self, vpath: str, uname: str | ||||||
|     ) -> tuple[bool, bool, bool, bool, bool, bool]: |     ) -> tuple[bool, bool, bool, bool, bool, bool]: | ||||||
|         """can Read,Write,Move,Delete,Get,Upget""" |         """can Read,Write,Move,Delete,Get,Upget""" | ||||||
|  |         if vpath: | ||||||
|             vn, _ = self._find(undot(vpath)) |             vn, _ = self._find(undot(vpath)) | ||||||
|  |         else: | ||||||
|  |             vn = self | ||||||
|  | 
 | ||||||
|         c = vn.axs |         c = vn.axs | ||||||
|         return ( |         return ( | ||||||
|             uname in c.uread or "*" in c.uread, |             uname in c.uread or "*" in c.uread, | ||||||
| @ -545,6 +567,15 @@ class VFS(object): | |||||||
|                 self.log("vfs.walk", t.format(seen[-1], fsroot, self.vpath, rem), 3) |                 self.log("vfs.walk", t.format(seen[-1], fsroot, self.vpath, rem), 3) | ||||||
|             return |             return | ||||||
| 
 | 
 | ||||||
|  |         if "xdev" in self.flags or "xvol" in self.flags: | ||||||
|  |             rm1 = [] | ||||||
|  |             for le in vfs_ls: | ||||||
|  |                 ap = absreal(os.path.join(fsroot, le[0])) | ||||||
|  |                 vn2 = self.chk_ap(ap) | ||||||
|  |                 if not vn2 or not vn2.get("", uname, True, False): | ||||||
|  |                     rm1.append(le) | ||||||
|  |             _ = [vfs_ls.remove(x) for x in rm1]  # type: ignore | ||||||
|  | 
 | ||||||
|         seen = seen[:] + [fsroot] |         seen = seen[:] + [fsroot] | ||||||
|         rfiles = [x for x in vfs_ls if not stat.S_ISDIR(x[1].st_mode)] |         rfiles = [x for x in vfs_ls if not stat.S_ISDIR(x[1].st_mode)] | ||||||
|         rdirs = [x for x in vfs_ls if stat.S_ISDIR(x[1].st_mode)] |         rdirs = [x for x in vfs_ls if stat.S_ISDIR(x[1].st_mode)] | ||||||
| @ -643,6 +674,44 @@ class VFS(object): | |||||||
|             for d in [{"vp": v, "ap": a, "st": n} for v, a, n in ret2]: |             for d in [{"vp": v, "ap": a, "st": n} for v, a, n in ret2]: | ||||||
|                 yield d |                 yield d | ||||||
| 
 | 
 | ||||||
|  |     def chk_ap(self, ap: str, st: Optional[os.stat_result] = None) -> Optional["VFS"]: | ||||||
|  |         aps = ap + os.sep | ||||||
|  |         if "xdev" in self.flags and not ANYWIN: | ||||||
|  |             if not st: | ||||||
|  |                 ap2 = ap.replace("\\", "/") if ANYWIN else ap | ||||||
|  |                 while ap2: | ||||||
|  |                     try: | ||||||
|  |                         st = bos.stat(ap2) | ||||||
|  |                         break | ||||||
|  |                     except: | ||||||
|  |                         if "/" not in ap2: | ||||||
|  |                             raise | ||||||
|  |                         ap2 = ap2.rsplit("/", 1)[0] | ||||||
|  |                 assert st | ||||||
|  | 
 | ||||||
|  |             vdev = self.dev | ||||||
|  |             if not vdev: | ||||||
|  |                 vdev = self.dev = bos.stat(self.realpath).st_dev | ||||||
|  | 
 | ||||||
|  |             if vdev != st.st_dev: | ||||||
|  |                 if self.log: | ||||||
|  |                     t = "xdev: {}[{}] => {}[{}]" | ||||||
|  |                     self.log("vfs", t.format(vdev, self.realpath, st.st_dev, ap), 3) | ||||||
|  | 
 | ||||||
|  |                 return None | ||||||
|  | 
 | ||||||
|  |         if "xvol" in self.flags: | ||||||
|  |             for vap, vn in self.root.all_aps: | ||||||
|  |                 if aps.startswith(vap): | ||||||
|  |                     return vn | ||||||
|  | 
 | ||||||
|  |             if self.log: | ||||||
|  |                 self.log("vfs", "xvol: [{}]".format(ap), 3) | ||||||
|  | 
 | ||||||
|  |             return None | ||||||
|  | 
 | ||||||
|  |         return self | ||||||
|  | 
 | ||||||
| 
 | 
 | ||||||
| if WINDOWS: | if WINDOWS: | ||||||
|     re_vol = re.compile(r"^([a-zA-Z]:[\\/][^:]*|[^:]*):([^:]*):(.*)$") |     re_vol = re.compile(r"^([a-zA-Z]:[\\/][^:]*|[^:]*):([^:]*):(.*)$") | ||||||
| @ -1069,7 +1138,13 @@ class AuthSrv(object): | |||||||
| 
 | 
 | ||||||
|         assert vfs |         assert vfs | ||||||
|         vfs.all_vols = {} |         vfs.all_vols = {} | ||||||
|         vfs.get_all_vols(vfs.all_vols) |         vfs.all_aps = [] | ||||||
|  |         vfs.all_vps = [] | ||||||
|  |         vfs.get_all_vols(vfs.all_vols, vfs.all_aps, vfs.all_vps) | ||||||
|  |         for vol in vfs.all_vols.values(): | ||||||
|  |             vol.all_aps.sort(key=lambda x: len(x[0]), reverse=True) | ||||||
|  |             vol.all_vps.sort(key=lambda x: len(x[0]), reverse=True) | ||||||
|  |             vol.root = vfs | ||||||
| 
 | 
 | ||||||
|         for perm in "read write move del get pget".split(): |         for perm in "read write move del get pget".split(): | ||||||
|             axs_key = "u" + perm |             axs_key = "u" + perm | ||||||
|  | |||||||
| @ -107,7 +107,7 @@ flagcats = { | |||||||
|         "dbd=[acid|swal|wal|yolo]": "database speed-durability tradeoff", |         "dbd=[acid|swal|wal|yolo]": "database speed-durability tradeoff", | ||||||
|         "xlink": "cross-volume dupe detection / linking", |         "xlink": "cross-volume dupe detection / linking", | ||||||
|         "xdev": "do not descend into other filesystems", |         "xdev": "do not descend into other filesystems", | ||||||
|         "xvol": "skip symlinks leaving the volume root", |         "xvol": "do not follow symlinks leaving the volume root", | ||||||
|         "dotsrch": "show dotfiles in search results", |         "dotsrch": "show dotfiles in search results", | ||||||
|         "nodotsrch": "hide dotfiles in search results (default)", |         "nodotsrch": "hide dotfiles in search results (default)", | ||||||
|     }, |     }, | ||||||
|  | |||||||
| @ -144,17 +144,30 @@ class FtpFs(AbstractedFS): | |||||||
|         d: bool = False, |         d: bool = False, | ||||||
|     ) -> tuple[str, VFS, str]: |     ) -> tuple[str, VFS, str]: | ||||||
|         try: |         try: | ||||||
|             vpath = vpath.replace("\\", "/").lstrip("/") |             vpath = vpath.replace("\\", "/").strip("/") | ||||||
|             rd, fn = os.path.split(vpath) |             rd, fn = os.path.split(vpath) | ||||||
|             if ANYWIN and relchk(rd): |             if ANYWIN and relchk(rd): | ||||||
|                 logging.warning("malicious vpath: %s", vpath) |                 logging.warning("malicious vpath: %s", vpath) | ||||||
|                 raise FSE("Unsupported characters in filepath", 1) |                 t = "Unsupported characters in [{}]" | ||||||
|  |                 raise FSE(t.format(vpath), 1) | ||||||
| 
 | 
 | ||||||
|             fn = sanitize_fn(fn or "", "", [".prologue.html", ".epilogue.html"]) |             fn = sanitize_fn(fn or "", "", [".prologue.html", ".epilogue.html"]) | ||||||
|             vpath = vjoin(rd, fn) |             vpath = vjoin(rd, fn) | ||||||
|             vfs, rem = self.hub.asrv.vfs.get(vpath, self.uname, r, w, m, d) |             vfs, rem = self.hub.asrv.vfs.get(vpath, self.uname, r, w, m, d) | ||||||
|             if not vfs.realpath: |             if not vfs.realpath: | ||||||
|                 raise FSE("No filesystem mounted at this path", 1) |                 t = "No filesystem mounted at [{}]" | ||||||
|  |                 raise FSE(t.format(vpath)) | ||||||
|  | 
 | ||||||
|  |             if "xdev" in vfs.flags or "xvol" in vfs.flags: | ||||||
|  |                 ap = vfs.canonical(rem) | ||||||
|  |                 avfs = vfs.chk_ap(ap) | ||||||
|  |                 t = "Permission denied in [{}]" | ||||||
|  |                 if not avfs: | ||||||
|  |                     raise FSE(t.format(vpath), 1) | ||||||
|  | 
 | ||||||
|  |                 cr, cw, cm, cd, _, _ = avfs.can_access("", self.h.uname) | ||||||
|  |                 if r and not cr or w and not cw or m and not cm or d and not cd: | ||||||
|  |                     raise FSE(t.format(vpath), 1) | ||||||
| 
 | 
 | ||||||
|             return os.path.join(vfs.realpath, rem), vfs, rem |             return os.path.join(vfs.realpath, rem), vfs, rem | ||||||
|         except Pebkac as ex: |         except Pebkac as ex: | ||||||
| @ -207,10 +220,18 @@ class FtpFs(AbstractedFS): | |||||||
|         nwd = join(self.cwd, path) |         nwd = join(self.cwd, path) | ||||||
|         vfs, rem = self.hub.asrv.vfs.get(nwd, self.uname, False, False) |         vfs, rem = self.hub.asrv.vfs.get(nwd, self.uname, False, False) | ||||||
|         ap = vfs.canonical(rem) |         ap = vfs.canonical(rem) | ||||||
|         if not bos.path.isdir(ap): |         try: | ||||||
|  |             st = bos.stat(ap) | ||||||
|  |             if not stat.S_ISDIR(st.st_mode): | ||||||
|  |                 raise Exception() | ||||||
|  |         except: | ||||||
|             # returning 550 is library-default and suitable |             # returning 550 is library-default and suitable | ||||||
|             raise FSE("No such file or directory") |             raise FSE("No such file or directory") | ||||||
| 
 | 
 | ||||||
|  |         avfs = vfs.chk_ap(ap, st) | ||||||
|  |         if not avfs: | ||||||
|  |             raise FSE("Permission denied", 1) | ||||||
|  | 
 | ||||||
|         self.cwd = nwd |         self.cwd = nwd | ||||||
|         ( |         ( | ||||||
|             self.can_read, |             self.can_read, | ||||||
| @ -219,16 +240,18 @@ class FtpFs(AbstractedFS): | |||||||
|             self.can_delete, |             self.can_delete, | ||||||
|             self.can_get, |             self.can_get, | ||||||
|             self.can_upget, |             self.can_upget, | ||||||
|         ) = self.hub.asrv.vfs.can_access(self.cwd.lstrip("/"), self.h.uname) |         ) = avfs.can_access("", self.h.uname) | ||||||
| 
 | 
 | ||||||
|     def mkdir(self, path: str) -> None: |     def mkdir(self, path: str) -> None: | ||||||
|         ap = self.rv2a(path, w=True)[0] |         ap = self.rv2a(path, w=True)[0] | ||||||
|         bos.makedirs(ap)  # filezilla expects this |         bos.makedirs(ap)  # filezilla expects this | ||||||
| 
 | 
 | ||||||
|     def listdir(self, path: str) -> list[str]: |     def listdir(self, path: str) -> list[str]: | ||||||
|         vpath = join(self.cwd, path).lstrip("/") |         vpath = join(self.cwd, path) | ||||||
|         try: |         try: | ||||||
|             vfs, rem = self.hub.asrv.vfs.get(vpath, self.uname, True, False) |             ap, vfs, rem = self.v2a(vpath, True, False) | ||||||
|  |             if not bos.path.isdir(ap): | ||||||
|  |                 raise FSE("No such file or directory", 1) | ||||||
| 
 | 
 | ||||||
|             fsroot, vfs_ls1, vfs_virt = vfs.ls( |             fsroot, vfs_ls1, vfs_virt = vfs.ls( | ||||||
|                 rem, |                 rem, | ||||||
| @ -249,7 +272,7 @@ class FtpFs(AbstractedFS): | |||||||
|             if getattr(ex, "severity", 0): |             if getattr(ex, "severity", 0): | ||||||
|                 raise |                 raise | ||||||
| 
 | 
 | ||||||
|             if vpath: |             if vpath.strip("/"): | ||||||
|                 # display write-only folders as empty |                 # display write-only folders as empty | ||||||
|                 return [] |                 return [] | ||||||
| 
 | 
 | ||||||
| @ -389,7 +412,7 @@ class FtpHandler(FTPHandler): | |||||||
|     def ftp_STOR(self, file: str, mode: str = "w") -> Any: |     def ftp_STOR(self, file: str, mode: str = "w") -> Any: | ||||||
|         # Optional[str] |         # Optional[str] | ||||||
|         vp = join(self.fs.cwd, file).lstrip("/") |         vp = join(self.fs.cwd, file).lstrip("/") | ||||||
|         ap, vfs, rem = self.fs.v2a(vp) |         ap, vfs, rem = self.fs.v2a(vp, w=True) | ||||||
|         self.vfs_map[ap] = vp |         self.vfs_map[ap] = vp | ||||||
|         xbu = vfs.flags.get("xbu") |         xbu = vfs.flags.get("xbu") | ||||||
|         if xbu and not runhook( |         if xbu and not runhook( | ||||||
|  | |||||||
| @ -135,6 +135,7 @@ class HttpCli(object): | |||||||
|         self.ouparam: dict[str, str] = {} |         self.ouparam: dict[str, str] = {} | ||||||
|         self.uparam: dict[str, str] = {} |         self.uparam: dict[str, str] = {} | ||||||
|         self.cookies: dict[str, str] = {} |         self.cookies: dict[str, str] = {} | ||||||
|  |         self.avn: Optional[VFS] = None | ||||||
|         self.vpath = " " |         self.vpath = " " | ||||||
|         self.uname = " " |         self.uname = " " | ||||||
|         self.pw = " " |         self.pw = " " | ||||||
| @ -411,6 +412,13 @@ class HttpCli(object): | |||||||
|             uparam["b"] = "" |             uparam["b"] = "" | ||||||
|             cookies["b"] = "" |             cookies["b"] = "" | ||||||
| 
 | 
 | ||||||
|  |         vn, rem = self.asrv.vfs.get(self.vpath, self.uname, False, False) | ||||||
|  |         if "xdev" in vn.flags or "xvol" in vn.flags: | ||||||
|  |             ap = vn.canonical(rem) | ||||||
|  |             avn = vn.chk_ap(ap) | ||||||
|  |         else: | ||||||
|  |             avn = vn | ||||||
|  | 
 | ||||||
|         ( |         ( | ||||||
|             self.can_read, |             self.can_read, | ||||||
|             self.can_write, |             self.can_write, | ||||||
| @ -418,7 +426,10 @@ class HttpCli(object): | |||||||
|             self.can_delete, |             self.can_delete, | ||||||
|             self.can_get, |             self.can_get, | ||||||
|             self.can_upget, |             self.can_upget, | ||||||
|         ) = self.asrv.vfs.can_access(self.vpath, self.uname) |         ) = ( | ||||||
|  |             avn.can_access("", self.uname) if avn else [False] * 6 | ||||||
|  |         ) | ||||||
|  |         self.avn = avn | ||||||
| 
 | 
 | ||||||
|         self.s.settimeout(self.args.s_tbody or None) |         self.s.settimeout(self.args.s_tbody or None) | ||||||
| 
 | 
 | ||||||
| @ -875,7 +886,7 @@ class HttpCli(object): | |||||||
|         try: |         try: | ||||||
|             topdir = {"vp": "", "st": bos.stat(tap)} |             topdir = {"vp": "", "st": bos.stat(tap)} | ||||||
|         except OSError as ex: |         except OSError as ex: | ||||||
|             if ex.errno != errno.ENOENT: |             if ex.errno not in (errno.ENOENT, errno.ENOTDIR): | ||||||
|                 raise |                 raise | ||||||
|             raise Pebkac(404) |             raise Pebkac(404) | ||||||
| 
 | 
 | ||||||
|  | |||||||
		Loading…
	
		Reference in New Issue
	
	Block a user
	 ed
						ed