fix file permission bug
This commit is contained in:
parent
5dff1fd490
commit
95cdebcc09
|
@ -54,7 +54,8 @@ func GoFmtHandler(w http.ResponseWriter, r *http.Request) {
|
|||
filePath := args["file"].(string)
|
||||
|
||||
if util.Go.IsAPI(filePath) {
|
||||
// ignore it
|
||||
data["succ"] = false
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
|
|
|
@ -101,7 +101,7 @@ func GetFilesHandler(w http.ResponseWriter, r *http.Request) {
|
|||
workspaceNode := Node{
|
||||
Id: filepath.ToSlash(workspacePath), // jQuery API can't accept "\", so we convert it to "/"
|
||||
Name: workspace[strings.LastIndex(workspace, conf.PathSeparator)+1:],
|
||||
Path: workspacePath,
|
||||
Path: filepath.ToSlash(workspacePath),
|
||||
IconSkin: "ico-ztree-dir-workspace ",
|
||||
Type: "d",
|
||||
Creatable: true,
|
||||
|
@ -134,7 +134,7 @@ func RefreshDirectoryHandler(w http.ResponseWriter, r *http.Request) {
|
|||
r.ParseForm()
|
||||
path := r.FormValue("path")
|
||||
|
||||
if !authWorkspace(username, path) {
|
||||
if !util.Go.IsAPI(path) && !session.CanAccess(username, path) {
|
||||
http.Error(w, "Forbidden", http.StatusForbidden)
|
||||
|
||||
return
|
||||
|
@ -178,7 +178,7 @@ func GetFileHandler(w http.ResponseWriter, r *http.Request) {
|
|||
|
||||
path := args["path"].(string)
|
||||
|
||||
if !authWorkspace(username, path) {
|
||||
if !util.Go.IsAPI(path) && !session.CanAccess(username, path) {
|
||||
http.Error(w, "Forbidden", http.StatusForbidden)
|
||||
|
||||
return
|
||||
|
@ -252,7 +252,7 @@ func SaveFileHandler(w http.ResponseWriter, r *http.Request) {
|
|||
filePath := args["file"].(string)
|
||||
sid := args["sid"].(string)
|
||||
|
||||
if !authWorkspace(username, filePath) {
|
||||
if util.Go.IsAPI(filePath) || !session.CanAccess(username, filePath) {
|
||||
http.Error(w, "Forbidden", http.StatusForbidden)
|
||||
|
||||
return
|
||||
|
@ -307,7 +307,7 @@ func NewFileHandler(w http.ResponseWriter, r *http.Request) {
|
|||
|
||||
path := args["path"].(string)
|
||||
|
||||
if !authWorkspace(username, path) {
|
||||
if util.Go.IsAPI(path) || !session.CanAccess(username, path) {
|
||||
http.Error(w, "Forbidden", http.StatusForbidden)
|
||||
|
||||
return
|
||||
|
@ -358,7 +358,8 @@ func RemoveFileHandler(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
path := args["path"].(string)
|
||||
if !authWorkspace(username, path) {
|
||||
|
||||
if util.Go.IsAPI(path) || !session.CanAccess(username, path) {
|
||||
http.Error(w, "Forbidden", http.StatusForbidden)
|
||||
|
||||
return
|
||||
|
@ -403,14 +404,15 @@ func RenameFileHandler(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
oldPath := args["oldPath"].(string)
|
||||
if !authWorkspace(username, oldPath) {
|
||||
if util.Go.IsAPI(oldPath) ||
|
||||
!session.CanAccess(username, oldPath) {
|
||||
http.Error(w, "Forbidden", http.StatusForbidden)
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
newPath := args["newPath"].(string)
|
||||
if !authWorkspace(username, newPath) {
|
||||
if util.Go.IsAPI(newPath) || !session.CanAccess(username, newPath) {
|
||||
http.Error(w, "Forbidden", http.StatusForbidden)
|
||||
|
||||
return
|
||||
|
@ -466,7 +468,7 @@ func FindHandler(w http.ResponseWriter, r *http.Request) {
|
|||
}
|
||||
|
||||
path := args["path"].(string) // path of selected file in file tree
|
||||
if !authWorkspace(username, path) {
|
||||
if !util.Go.IsAPI(path) && !session.CanAccess(username, path) {
|
||||
http.Error(w, "Forbidden", http.StatusForbidden)
|
||||
|
||||
return
|
||||
|
@ -561,7 +563,7 @@ func walk(path string, node *Node, creatable, removable, isGOAPI bool) {
|
|||
child := Node{
|
||||
Id: filepath.ToSlash(fpath), // jQuery API can't accept "\", so we convert it to "/"
|
||||
Name: filename,
|
||||
Path: fpath,
|
||||
Path: filepath.ToSlash(fpath),
|
||||
Removable: removable,
|
||||
IsGoAPI: isGOAPI,
|
||||
Children: []*Node{}}
|
||||
|
@ -844,22 +846,3 @@ func searchInFile(path string, text string) []*Snippet {
|
|||
|
||||
return ret
|
||||
}
|
||||
|
||||
func authWorkspace(username, path string) bool {
|
||||
path = filepath.FromSlash(path)
|
||||
|
||||
if strings.HasPrefix(path, util.Go.GetAPIPath()) {
|
||||
return true
|
||||
}
|
||||
|
||||
userWorkspace := conf.GetUserWorkspace(username)
|
||||
workspaces := filepath.SplitList(userWorkspace)
|
||||
|
||||
for _, workspace := range workspaces {
|
||||
if strings.HasPrefix(path, workspace) {
|
||||
return true
|
||||
}
|
||||
}
|
||||
|
||||
return false
|
||||
}
|
||||
|
|
|
@ -59,6 +59,13 @@ func BuildHandler(w http.ResponseWriter, r *http.Request) {
|
|||
sid := args["sid"].(string)
|
||||
|
||||
filePath := args["file"].(string)
|
||||
|
||||
if util.Go.IsAPI(filePath) || !session.CanAccess(username, filePath) {
|
||||
http.Error(w, "Forbidden", http.StatusForbidden)
|
||||
|
||||
return
|
||||
}
|
||||
|
||||
curDir := filepath.Dir(filePath)
|
||||
|
||||
fout, err := os.Create(filePath)
|
||||
|
|
|
@ -305,6 +305,22 @@ func FixedTimeSave() {
|
|||
}()
|
||||
}
|
||||
|
||||
// CanAccess determines whether the user specified by the given username can access the specified path.
|
||||
func CanAccess(username, path string) bool {
|
||||
path = filepath.FromSlash(path)
|
||||
|
||||
userWorkspace := conf.GetUserWorkspace(username)
|
||||
workspaces := filepath.SplitList(userWorkspace)
|
||||
|
||||
for _, workspace := range workspaces {
|
||||
if strings.HasPrefix(path, workspace) {
|
||||
return true
|
||||
}
|
||||
}
|
||||
|
||||
return false
|
||||
}
|
||||
|
||||
func getOnlineUsers() []*conf.User {
|
||||
ret := []*conf.User{}
|
||||
|
||||
|
|
|
@ -335,6 +335,7 @@ var editors = {
|
|||
},
|
||||
_initCodeMirrorHotKeys: function () {
|
||||
CodeMirror.registerHelper("hint", "go", function (editor) {
|
||||
editor = wide.curEditor; // 使用当前编辑器覆盖实参,因为异步调用的原因,实参不一定正确
|
||||
var word = /[\w$]+/;
|
||||
|
||||
var cur = editor.getCursor(), curLine = editor.getLine(cur.line);
|
||||
|
@ -415,7 +416,7 @@ var editors = {
|
|||
}
|
||||
|
||||
editor.doc.markClean();
|
||||
$(".edit-panel .tabs > div.current > span").removeClass("changed");
|
||||
$(".edit-panel .tabs .current > span:eq(0)").removeClass("changed");
|
||||
}
|
||||
});
|
||||
|
||||
|
@ -786,6 +787,7 @@ var editors = {
|
|||
foldGutter: true,
|
||||
cursorHeight: 1,
|
||||
path: data.path,
|
||||
readOnly: wide.curNode.isGOAPI,
|
||||
profile: 'xhtml', // define Emmet output profile
|
||||
extraKeys: {
|
||||
"Ctrl-\\": "autocompleteAnyWord",
|
||||
|
|
|
@ -499,10 +499,7 @@ var tree = {
|
|||
request = newWideRequest();
|
||||
|
||||
request.oldPath = wide.curNode.path;
|
||||
|
||||
request.newPath = wide.curNode.path.substring(0,
|
||||
wide.curNode.path.lastIndexOf(config.pathSeparator))
|
||||
+ config.pathSeparator + name;
|
||||
request.newPath = wide.curNode.path.substring(0, wide.curNode.path.lastIndexOf("/")) + name;
|
||||
|
||||
$.ajax({
|
||||
type: 'POST',
|
||||
|
|
|
@ -164,7 +164,7 @@ var wide = {
|
|||
var request = newWideRequest(),
|
||||
name = $("#dialogNewFilePrompt > input").val();
|
||||
|
||||
request.path = wide.curNode.path + config.pathSeparator + name;
|
||||
request.path = wide.curNode.path + "/" + name;
|
||||
request.fileType = "f";
|
||||
|
||||
$.ajax({
|
||||
|
@ -214,7 +214,7 @@ var wide = {
|
|||
var name = $("#dialogNewDirPrompt > input").val(),
|
||||
request = newWideRequest();
|
||||
|
||||
request.path = wide.curNode.path + config.pathSeparator + name;
|
||||
request.path = wide.curNode.path + "/" + name;
|
||||
request.fileType = "d";
|
||||
|
||||
$.ajax({
|
||||
|
@ -300,7 +300,7 @@ var wide = {
|
|||
var goFileHTML = '';
|
||||
for (var i = 0, max = data.founds.length; i < max; i++) {
|
||||
var path = data.founds[i].path,
|
||||
name = path.substr(path.lastIndexOf(config.pathSeparator) + 1),
|
||||
name = path.substr(path.lastIndexOf("/") + 1),
|
||||
icoSkin = wide.getClassBySuffix(name.split(".")[1]);
|
||||
if (i === 0) {
|
||||
goFileHTML += '<li data-index="' + i + '" class="selected" title="'
|
||||
|
|
|
@ -50,7 +50,7 @@ func (*mygo) GetAPIPath() string {
|
|||
func (*mygo) IsAPI(path string) bool {
|
||||
apiPath := Go.GetAPIPath()
|
||||
|
||||
return strings.HasPrefix(path, apiPath)
|
||||
return strings.HasPrefix(filepath.FromSlash(path), apiPath)
|
||||
}
|
||||
|
||||
// GetGoFormats gets Go format tools. It may return ["gofmt", "goimports"].
|
||||
|
|
Loading…
Reference in New Issue