mirror of
https://github.com/AlistGo/alist.git
synced 2025-04-28 00:04:13 +08:00
112363031a
* Determine whether the URL requires Sign * Add File and Mem based KV NOT TESTED: TokenKV Function * Change Token KV func to common func. Add File based KV func * Remove KV, Remove Token I found that the original Sign function is enough to complete the link signature, and only need to add simple configuration items to meet the requirements. * Add IsStorageSigned func to judge if Signing is enabled in the storage settings. It should be working now. * Add a SIGN button to the management panel. * Add enable_sign to the basic storage struct. Can enable sign for every driver now. Bug: When sign enabled, in download page, Copy link doesn't contain a sign. (Not done yet) * Fix a bug from commit 8f6c25f. Response of fsread function does not contain sign. * Optimize code and follow advices. - Add back public/dist/README.md - Enable sign when DownProxyUrl is enabled - Merge needSign() to isEncrypt() in fsread.go * simplify code --------- Co-authored-by: Andy Hsu <i@nn.ci>
75 lines
2.0 KiB
Go
75 lines
2.0 KiB
Go
package common
|
|
|
|
import (
|
|
"path"
|
|
"regexp"
|
|
"strings"
|
|
|
|
"github.com/alist-org/alist/v3/internal/conf"
|
|
"github.com/alist-org/alist/v3/internal/driver"
|
|
"github.com/alist-org/alist/v3/internal/model"
|
|
"github.com/alist-org/alist/v3/internal/op"
|
|
"github.com/alist-org/alist/v3/pkg/utils"
|
|
)
|
|
|
|
func IsStorageSignEnabled(rawPath string) bool {
|
|
storage := op.GetBalancedStorage(rawPath)
|
|
return storage != nil && storage.GetStorage().EnableSign
|
|
}
|
|
|
|
func CanWrite(meta *model.Meta, path string) bool {
|
|
if meta == nil || !meta.Write {
|
|
return false
|
|
}
|
|
return meta.WSub || meta.Path == path
|
|
}
|
|
|
|
func IsApply(metaPath, reqPath string, applySub bool) bool {
|
|
if utils.PathEqual(metaPath, reqPath) {
|
|
return true
|
|
}
|
|
return utils.IsSubPath(metaPath, reqPath) && applySub
|
|
}
|
|
|
|
func CanAccess(user *model.User, meta *model.Meta, reqPath string, password string) bool {
|
|
// if the reqPath is in hide (only can check the nearest meta) and user can't see hides, can't access
|
|
if meta != nil && !user.CanSeeHides() && meta.Hide != "" &&
|
|
IsApply(meta.Path, path.Dir(reqPath), meta.HSub) { // the meta should apply to the parent of current path
|
|
for _, hide := range strings.Split(meta.Hide, "\n") {
|
|
re := regexp.MustCompile(hide)
|
|
if re.MatchString(path.Base(reqPath)) {
|
|
return false
|
|
}
|
|
}
|
|
}
|
|
// if is not guest and can access without password
|
|
if user.CanAccessWithoutPassword() {
|
|
return true
|
|
}
|
|
// if meta is nil or password is empty, can access
|
|
if meta == nil || meta.Password == "" {
|
|
return true
|
|
}
|
|
// if meta doesn't apply to sub_folder, can access
|
|
if !utils.PathEqual(meta.Path, reqPath) && !meta.PSub {
|
|
return true
|
|
}
|
|
// validate password
|
|
return meta.Password == password
|
|
}
|
|
|
|
// ShouldProxy TODO need optimize
|
|
// when should be proxy?
|
|
// 1. config.MustProxy()
|
|
// 2. storage.WebProxy
|
|
// 3. proxy_types
|
|
func ShouldProxy(storage driver.Driver, filename string) bool {
|
|
if storage.Config().MustProxy() || storage.GetStorage().WebProxy {
|
|
return true
|
|
}
|
|
if utils.SliceContains(conf.SlicesMap[conf.ProxyTypes], utils.Ext(filename)) {
|
|
return true
|
|
}
|
|
return false
|
|
}
|