feat: v2 (#599)

Read https://github.com/filebrowser/filebrowser/pull/575. Former-commit-id: 7aedcaaf72b863033e3f089d6df308d41a3fd00c [formerly bdbe4d49161b901c4adf9c245895a1be2d62e4a7] [formerly acfc1ec67c423e0b3e065a8c1f8897c5249af65b [formerly d309066def]] Former-commit-id: 0c7d925a38a68ccabdf2c4bbd8c302ee89b93509 [formerly a6173925a1382955d93b334ded93f70d6dddd694] Former-commit-id: e032e0804dd051df86f42962de2b39caec5318b7
2026-01-23 02:35:10 +00:00 · 2019-01-05 22:44:33 +00:00 · 2019-01-05 22:44:33 +00:00 · 12b2c21522
commit 12b2c21522
parent 53a4601361
121 changed files with 5410 additions and 4697 deletions
--- a/users/password.go
+++ b/users/password.go
@ -0,0 +1,17 @@
+package users
+
+import (
+	"golang.org/x/crypto/bcrypt"
+)
+
+// HashPwd hashes a password.
+func HashPwd(password string) (string, error) {
+	bytes, err := bcrypt.GenerateFromPassword([]byte(password), bcrypt.DefaultCost)
+	return string(bytes), err
+}
+
+// CheckPwd checks if a password is correct.
+func CheckPwd(password, hash string) bool {
+	err := bcrypt.CompareHashAndPassword([]byte(hash), []byte(password))
+	return err == nil
+}
--- a/users/permissions.go
+++ b/users/permissions.go
@ -0,0 +1,13 @@
+package users
+
+// Permissions describe a user's permissions.
+type Permissions struct {
+	Admin    bool `json:"admin"`
+	Execute  bool `json:"execute"`
+	Create   bool `json:"create"`
+	Rename   bool `json:"rename"`
+	Modify   bool `json:"modify"`
+	Delete   bool `json:"delete"`
+	Share    bool `json:"share"`
+	Download bool `json:"download"`
+}
--- a/users/storage.go
+++ b/users/storage.go
@ -0,0 +1,127 @@
+package users
+
+import (
+	"sync"
+	"time"
+
+	"github.com/filebrowser/filebrowser/v2/errors"
+)
+
+// StorageBackend is the interface to implement for a users storage.
+type StorageBackend interface {
+	GetByID(uint) (*User, error)
+	GetByUsername(string) (*User, error)
+	Gets() ([]*User, error)
+	Save(u *User) error
+	Update(u *User, fields ...string) error
+	DeleteByID(uint) error
+	DeleteByUsername(string) error
+}
+
+// Storage is a users storage.
+type Storage struct {
+	back    StorageBackend
+	updated map[uint]int64
+	mux     sync.RWMutex
+}
+
+// NewStorage creates a users storage from a backend.
+func NewStorage(back StorageBackend) *Storage {
+	return &Storage{
+		back:    back,
+		updated: map[uint]int64{},
+	}
+}
+
+// Get allows you to get a user by its name or username. The provided
+// id must be a string for username lookup or a uint for id lookup. If id
+// is neither, a ErrInvalidDataType will be returned.
+func (s *Storage) Get(id interface{}) (*User, error) {
+	var (
+		user *User
+		err  error
+	)
+
+	switch id.(type) {
+	case string:
+		user, err = s.back.GetByUsername(id.(string))
+	case uint:
+		user, err = s.back.GetByID(id.(uint))
+	default:
+		return nil, errors.ErrInvalidDataType
+	}
+
+	if err != nil {
+		return nil, err
+	}
+
+	user.Clean()
+	return user, err
+}
+
+// Gets gets a list of all users.
+func (s *Storage) Gets() ([]*User, error) {
+	users, err := s.back.Gets()
+	if err != nil {
+		return nil, err
+	}
+
+	for _, user := range users {
+		user.Clean()
+	}
+
+	return users, err
+}
+
+// Update updates a user in the database.
+func (s *Storage) Update(user *User, fields ...string) error {
+	err := user.Clean(fields...)
+	if err != nil {
+		return err
+	}
+
+	err = s.back.Update(user, fields...)
+	if err != nil {
+		return err
+	}
+
+	s.mux.Lock()
+	s.updated[user.ID] = time.Now().Unix()
+	s.mux.Unlock()
+	return nil
+}
+
+// Save saves the user in a storage.
+func (s *Storage) Save(user *User) error {
+	if err := user.Clean(); err != nil {
+		return err
+	}
+
+	return s.back.Save(user)
+}
+
+// Delete allows you to delete a user by its name or username. The provided
+// id must be a string for username lookup or a uint for id lookup. If id
+// is neither, a ErrInvalidDataType will be returned.
+func (s *Storage) Delete(id interface{}) (err error) {
+	switch id.(type) {
+	case string:
+		err = s.back.DeleteByUsername(id.(string))
+	case uint:
+		err = s.back.DeleteByID(id.(uint))
+	default:
+		err = errors.ErrInvalidDataType
+	}
+
+	return
+}
+
+// LastUpdate gets the timestamp for the last update of an user.
+func (s *Storage) LastUpdate(id uint) int64 {
+	s.mux.RLock()
+	defer s.mux.RUnlock()
+	if val, ok := s.updated[id]; ok {
+		return val
+	}
+	return 0
+}
--- a/users/users.go
+++ b/users/users.go
@ -0,0 +1,117 @@
+package users
+
+import (
+	"github.com/filebrowser/filebrowser/v2/errors"
+	"path/filepath"
+	"regexp"
+
+	"github.com/filebrowser/filebrowser/v2/files"
+	"github.com/filebrowser/filebrowser/v2/rules"
+	"github.com/spf13/afero"
+)
+
+// ViewMode describes a view mode.
+type ViewMode string
+
+const (
+	ListViewMode   ViewMode = "list"
+	MosaicViewMode ViewMode = "mosaic"
+)
+
+// User describes a user.
+type User struct {
+	ID           uint          `storm:"id,increment" json:"id"`
+	Username     string        `storm:"unique" json:"username"`
+	Password     string        `json:"password"`
+	Scope        string        `json:"scope"`
+	Locale       string        `json:"locale"`
+	LockPassword bool          `json:"lockPassword"`
+	ViewMode     ViewMode      `json:"viewMode"`
+	Perm         Permissions   `json:"perm"`
+	Commands     []string      `json:"commands"`
+	Sorting      files.Sorting `json:"sorting"`
+	Fs           afero.Fs      `json:"-"`
+	Rules        []rules.Rule  `json:"rules"`
+}
+
+// GetRules implements rules.Provider.
+func (u *User) GetRules() []rules.Rule {
+	return u.Rules
+}
+
+var checkableFields = []string{
+	"Username",
+	"Password",
+	"Scope",
+	"ViewMode",
+	"Commands",
+	"Sorting",
+	"Rules",
+}
+
+// Clean cleans up a user and verifies if all its fields
+// are alright to be saved.
+func (u *User) Clean(fields ...string) error {
+	if len(fields) == 0 {
+		fields = checkableFields
+	}
+
+	for _, field := range fields {
+		switch field {
+		case "Username":
+			if u.Username == "" {
+				return errors.ErrEmptyUsername
+			}
+		case "Password":
+			if u.Password == "" {
+				return errors.ErrEmptyPassword
+			}
+		case "Scope":
+			if !filepath.IsAbs(u.Scope) {
+				return errors.ErrScopeIsRelative
+			}
+		case "ViewMode":
+			if u.ViewMode == "" {
+				u.ViewMode = ListViewMode
+			}
+		case "Commands":
+			if u.Commands == nil {
+				u.Commands = []string{}
+			}
+		case "Sorting":
+			if u.Sorting.By == "" {
+				u.Sorting.By = "name"
+			}
+		case "Rules":
+			if u.Rules == nil {
+				u.Rules = []rules.Rule{}
+			}
+		}
+	}
+
+	if u.Fs == nil {
+		u.Fs = afero.NewBasePathFs(afero.NewOsFs(), u.Scope)
+	}
+
+	return nil
+}
+
+// FullPath gets the full path for a user's relative path.
+func (u *User) FullPath(path string) string {
+	return afero.FullBaseFsPath(u.Fs.(*afero.BasePathFs), path)
+}
+
+// CanExecute checks if an user can execute a specific command.
+func (u *User) CanExecute(command string) bool {
+	if !u.Perm.Execute {
+		return false
+	}
+
+	for _, cmd := range u.Commands {
+		if regexp.MustCompile(cmd).MatchString(command) {
+			return true
+		}
+	}
+
+	return false
+}