flounder

A simple gemini site builder
Log | Files | Refs | README | LICENSE

commit cc7d3feee74b827a859c04a7d993d8214c52fba5
parent a297c298b1ae42c18be5d1092888c98b76410540
Author: alex wennerberg <alex@alexwennerberg.com>
Date:   Sun, 31 Jan 2021 13:22:37 -0800

Add max file count limit

Diffstat:
Mconfig.go | 1+
Mexample-config.toml | 3++-
Mhttp.go | 36+++++++++++++-----------------------
Mutils.go | 27++++++++++++++-------------
4 files changed, 30 insertions(+), 37 deletions(-)

diff --git a/config.go b/config.go @@ -23,6 +23,7 @@ type Config struct { CookieStoreKey string OkExtensions []string MaxFileBytes int + MaxFilesPerUser int MaxUserBytes int64 SMTPServer string SMTPUsername string diff --git a/example-config.toml b/example-config.toml @@ -28,5 +28,6 @@ DBFile="./flounder.db" MaxFileBytes=128000 # 128 KB MaxUserBytes=10000000 # 10 MB +MaxFilesPerUser=1024 -OkExtensions=[".gmi", ".txt", ".jpg", ".jpeg", ".gif", ".png", ".svg", ".webp", ".midi", ".json", ".csv", ".gemini", ".mp3", ".css", ".ttf", ".otf", ".woff", ".woff2"] +OkExtensions=[".gmi", ".txt", ".jpg", ".jpeg", ".gif", ".png", ".svg", ".webp", ".midi", ".json", ".csv", ".gemini", ".mp3", ".css", ".ttf", ".otf", ".woff", ".woff2", ""] diff --git a/http.go b/http.go @@ -94,7 +94,7 @@ func editFileHandler(w http.ResponseWriter, r *http.Request) { // Unix files use just LF fileText = strings.ReplaceAll(fileText, "\r\n", "\n") fileBytes := []byte(fileText) - err := checkIfValidFile(filePath, fileBytes) + err := checkIfValidFile(user.Username, filePath, fileBytes) if err != nil { log.Println(err) renderError(w, err.Error(), http.StatusBadRequest) @@ -109,25 +109,20 @@ func editFileHandler(w http.ResponseWriter, r *http.Request) { } // create directories if dne os.MkdirAll(path.Dir(filePath), os.ModePerm) - if userHasSpace(user.Username, len(fileBytes)) { - if isText { // Cant edit binary files here - err = ioutil.WriteFile(filePath, fileBytes, 0644) - } - } else { - renderError(w, fmt.Sprintf("Bad Request: Out of file space. Max space: %d.", c.MaxUserBytes), http.StatusBadRequest) - return - } - if err != nil { - panic(err) - } - alert = "saved" newName := filepath.Clean(r.Form.Get("rename")) - err = checkIfValidFile(newName, fileBytes) + err = checkIfValidFile(user.Username, newName, fileBytes) if err != nil { log.Println(err) renderError(w, err.Error(), http.StatusBadRequest) return } + if isText { // Cant edit binary files here + err = ioutil.WriteFile(filePath, fileBytes, 0644) + if err != nil { + log.Println(err) + renderError(w, err.Error(), http.StatusBadRequest) + } + } if newName != fileName { newPath := path.Join(c.FilesDirectory, user.Username, newName) os.MkdirAll(path.Dir(newPath), os.ModePerm) @@ -138,7 +133,7 @@ func editFileHandler(w http.ResponseWriter, r *http.Request) { } } - err := checkIfValidFile(filePath, nil) + err := checkIfValidFile(user.Username, filePath, nil) if err != nil { log.Println(err) renderError(w, err.Error(), http.StatusBadRequest) @@ -192,7 +187,7 @@ func uploadFilesHandler(w http.ResponseWriter, r *http.Request) { return } dest, _ := ioutil.ReadAll(file) - err = checkIfValidFile(fileName, dest) + err = checkIfValidFile(user.Username, fileName, dest) if err != nil { log.Println(err) renderError(w, err.Error(), http.StatusBadRequest) @@ -205,12 +200,7 @@ func uploadFilesHandler(w http.ResponseWriter, r *http.Request) { panic(err) } defer f.Close() - if userHasSpace(user.Username, c.MaxFileBytes) { // Not quite right - io.Copy(f, bytes.NewReader(dest)) - } else { - renderError(w, fmt.Sprintf("Bad Request: Out of file space. Max space: %d.", c.MaxUserBytes), http.StatusBadRequest) - return - } + io.Copy(f, bytes.NewReader(dest)) } http.Redirect(w, r, "/my_site", http.StatusSeeOther) } @@ -764,7 +754,7 @@ func runHTTPServer() { serveMux.HandleFunc(hostname+"/delete-account", deleteAccountHandler) serveMux.HandleFunc(hostname+"/reset-password", resetPasswordHandler) - // Check domain -- used by caddy + // Used by Caddy serveMux.HandleFunc(hostname+"/check-domain", checkDomainHandler) // admin commands diff --git a/utils.go b/utils.go @@ -142,16 +142,6 @@ func safeGetFilePath(username string, filename string) string { return path.Join(getUserDirectory(username), filepath.Clean(filename)) } -// TODO move into checkIfValidFile. rename it -func userHasSpace(user string, newBytes int) bool { - userPath := path.Join(c.FilesDirectory, user) - size, err := dirSize(userPath) - if err != nil || size+int64(newBytes) > c.MaxUserBytes { - return false - } - return true -} - func dirSize(path string) (int64, error) { var size int64 err := filepath.Walk(path, func(_ string, info os.FileInfo, err error) error { @@ -166,8 +156,8 @@ func dirSize(path string) (int64, error) { return size, err } -/// Perform some checks to make sure the file is OK -func checkIfValidFile(filename string, fileBytes []byte) error { +/// Perform some checks to make sure the file is OK to upload +func checkIfValidFile(username string, filename string, fileBytes []byte) error { if len(filename) == 0 { return fmt.Errorf("Please enter a filename") } @@ -187,7 +177,18 @@ func checkIfValidFile(filename string, fileBytes []byte) error { if len(fileBytes) > c.MaxFileBytes { return fmt.Errorf("File too large. File was %d bytes, Max file size is %d", len(fileBytes), c.MaxFileBytes) } - // + userFolder := getUserDirectory(username) + myFiles, err := getMyFilesRecursive(userFolder, username) + if err != nil { + return err + } + if len(myFiles) >= c.MaxFilesPerUser { + return fmt.Errorf("You have reached the max number of files. Delete some before uploading") + } + size, err := dirSize(userFolder) + if err != nil || size+int64(len(fileBytes)) > c.MaxUserBytes { + return fmt.Errorf("You are out of storage space. Delete some files before continuing.") + } return nil }