This commit is contained in:
Liang Ding 2015-04-29 18:04:30 +08:00
parent 3ee68aa6ce
commit e3b5fbbfa8
1 changed files with 128 additions and 11 deletions

View File

@ -74,16 +74,16 @@ func initAPINode() {
// The Go API source code package also as a child node, // The Go API source code package also as a child node,
// so that users can easily view the Go API source code in file tree. // so that users can easily view the Go API source code in file tree.
func GetFilesHandler(w http.ResponseWriter, r *http.Request) { func GetFilesHandler(w http.ResponseWriter, r *http.Request) {
data := map[string]interface{}{"succ": true} httpSession, _ := session.HTTPSession.Get(r, "wide-session")
defer util.RetGzJSON(w, r, data) if httpSession.IsNew {
session, _ := session.HTTPSession.Get(r, "wide-session")
if session.IsNew {
http.Error(w, "Forbidden", http.StatusForbidden) http.Error(w, "Forbidden", http.StatusForbidden)
return return
} }
username := session.Values["username"].(string) username := httpSession.Values["username"].(string)
data := map[string]interface{}{"succ": true}
defer util.RetGzJSON(w, r, data)
userWorkspace := conf.GetUserWorkspace(username) userWorkspace := conf.GetUserWorkspace(username)
workspaces := filepath.SplitList(userWorkspace) workspaces := filepath.SplitList(userWorkspace)
@ -123,9 +123,23 @@ func GetFilesHandler(w http.ResponseWriter, r *http.Request) {
// RefreshDirectoryHandler handles request of refresh a directory of file tree. // RefreshDirectoryHandler handles request of refresh a directory of file tree.
func RefreshDirectoryHandler(w http.ResponseWriter, r *http.Request) { func RefreshDirectoryHandler(w http.ResponseWriter, r *http.Request) {
httpSession, _ := session.HTTPSession.Get(r, "wide-session")
if httpSession.IsNew {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
username := httpSession.Values["username"].(string)
r.ParseForm() r.ParseForm()
path := r.FormValue("path") path := r.FormValue("path")
if !authWorkspace(username, path) {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
node := Node{Name: "root", Path: path, IconSkin: "ico-ztree-dir ", Type: "d", Children: []*Node{}} node := Node{Name: "root", Path: path, IconSkin: "ico-ztree-dir ", Type: "d", Children: []*Node{}}
walk(path, &node, true, true, false) walk(path, &node, true, true, false)
@ -142,6 +156,14 @@ func RefreshDirectoryHandler(w http.ResponseWriter, r *http.Request) {
// GetFileHandler handles request of opening file by editor. // GetFileHandler handles request of opening file by editor.
func GetFileHandler(w http.ResponseWriter, r *http.Request) { func GetFileHandler(w http.ResponseWriter, r *http.Request) {
httpSession, _ := session.HTTPSession.Get(r, "wide-session")
if httpSession.IsNew {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
username := httpSession.Values["username"].(string)
data := map[string]interface{}{"succ": true} data := map[string]interface{}{"succ": true}
defer util.RetJSON(w, r, data) defer util.RetJSON(w, r, data)
@ -156,6 +178,12 @@ func GetFileHandler(w http.ResponseWriter, r *http.Request) {
path := args["path"].(string) path := args["path"].(string)
if !authWorkspace(username, path) {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
size := util.File.GetFileSize(path) size := util.File.GetFileSize(path)
if size > 5242880 { // 5M if size > 5242880 { // 5M
data["succ"] = false data["succ"] = false
@ -201,6 +229,14 @@ func GetFileHandler(w http.ResponseWriter, r *http.Request) {
// SaveFileHandler handles request of saving file. // SaveFileHandler handles request of saving file.
func SaveFileHandler(w http.ResponseWriter, r *http.Request) { func SaveFileHandler(w http.ResponseWriter, r *http.Request) {
httpSession, _ := session.HTTPSession.Get(r, "wide-session")
if httpSession.IsNew {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
username := httpSession.Values["username"].(string)
data := map[string]interface{}{"succ": true} data := map[string]interface{}{"succ": true}
defer util.RetJSON(w, r, data) defer util.RetJSON(w, r, data)
@ -216,6 +252,12 @@ func SaveFileHandler(w http.ResponseWriter, r *http.Request) {
filePath := args["file"].(string) filePath := args["file"].(string)
sid := args["sid"].(string) sid := args["sid"].(string)
if !authWorkspace(username, filePath) {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
fout, err := os.Create(filePath) fout, err := os.Create(filePath)
if nil != err { if nil != err {
@ -243,6 +285,14 @@ func SaveFileHandler(w http.ResponseWriter, r *http.Request) {
// NewFileHandler handles request of creating file or directory. // NewFileHandler handles request of creating file or directory.
func NewFileHandler(w http.ResponseWriter, r *http.Request) { func NewFileHandler(w http.ResponseWriter, r *http.Request) {
httpSession, _ := session.HTTPSession.Get(r, "wide-session")
if httpSession.IsNew {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
username := httpSession.Values["username"].(string)
data := map[string]interface{}{"succ": true} data := map[string]interface{}{"succ": true}
defer util.RetJSON(w, r, data) defer util.RetJSON(w, r, data)
@ -256,6 +306,13 @@ func NewFileHandler(w http.ResponseWriter, r *http.Request) {
} }
path := args["path"].(string) path := args["path"].(string)
if !authWorkspace(username, path) {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
fileType := args["fileType"].(string) fileType := args["fileType"].(string)
sid := args["sid"].(string) sid := args["sid"].(string)
@ -280,6 +337,14 @@ func NewFileHandler(w http.ResponseWriter, r *http.Request) {
// RemoveFileHandler handles request of removing file or directory. // RemoveFileHandler handles request of removing file or directory.
func RemoveFileHandler(w http.ResponseWriter, r *http.Request) { func RemoveFileHandler(w http.ResponseWriter, r *http.Request) {
httpSession, _ := session.HTTPSession.Get(r, "wide-session")
if httpSession.IsNew {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
username := httpSession.Values["username"].(string)
data := map[string]interface{}{"succ": true} data := map[string]interface{}{"succ": true}
defer util.RetJSON(w, r, data) defer util.RetJSON(w, r, data)
@ -293,6 +358,12 @@ func RemoveFileHandler(w http.ResponseWriter, r *http.Request) {
} }
path := args["path"].(string) path := args["path"].(string)
if !authWorkspace(username, path) {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
sid := args["sid"].(string) sid := args["sid"].(string)
wSession := session.WideSessions.Get(sid) wSession := session.WideSessions.Get(sid)
@ -311,6 +382,14 @@ func RemoveFileHandler(w http.ResponseWriter, r *http.Request) {
// RenameFileHandler handles request of renaming file or directory. // RenameFileHandler handles request of renaming file or directory.
func RenameFileHandler(w http.ResponseWriter, r *http.Request) { func RenameFileHandler(w http.ResponseWriter, r *http.Request) {
httpSession, _ := session.HTTPSession.Get(r, "wide-session")
if httpSession.IsNew {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
username := httpSession.Values["username"].(string)
data := map[string]interface{}{"succ": true} data := map[string]interface{}{"succ": true}
defer util.RetJSON(w, r, data) defer util.RetJSON(w, r, data)
@ -324,7 +403,19 @@ func RenameFileHandler(w http.ResponseWriter, r *http.Request) {
} }
oldPath := args["oldPath"].(string) oldPath := args["oldPath"].(string)
if !authWorkspace(username, oldPath) {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
newPath := args["newPath"].(string) newPath := args["newPath"].(string)
if !authWorkspace(username, newPath) {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
sid := args["sid"].(string) sid := args["sid"].(string)
wSession := session.WideSessions.Get(sid) wSession := session.WideSessions.Get(sid)
@ -355,6 +446,14 @@ func (f foundPaths) Less(i, j int) bool { return f[i].score > f[j].score }
// FindHandler handles request of find files under the specified directory with the specified filename pattern. // FindHandler handles request of find files under the specified directory with the specified filename pattern.
func FindHandler(w http.ResponseWriter, r *http.Request) { func FindHandler(w http.ResponseWriter, r *http.Request) {
httpSession, _ := session.HTTPSession.Get(r, "wide-session")
if httpSession.IsNew {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
username := httpSession.Values["username"].(string)
data := map[string]interface{}{"succ": true} data := map[string]interface{}{"succ": true}
defer util.RetJSON(w, r, data) defer util.RetJSON(w, r, data)
@ -367,15 +466,13 @@ func FindHandler(w http.ResponseWriter, r *http.Request) {
} }
path := args["path"].(string) // path of selected file in file tree path := args["path"].(string) // path of selected file in file tree
name := args["name"].(string) if !authWorkspace(username, path) {
session, _ := session.HTTPSession.Get(r, "wide-session")
if session.IsNew {
http.Error(w, "Forbidden", http.StatusForbidden) http.Error(w, "Forbidden", http.StatusForbidden)
return return
} }
username := session.Values["username"].(string)
name := args["name"].(string)
userWorkspace := conf.GetUserWorkspace(username) userWorkspace := conf.GetUserWorkspace(username)
workspaces := filepath.SplitList(userWorkspace) workspaces := filepath.SplitList(userWorkspace)
@ -403,6 +500,13 @@ func FindHandler(w http.ResponseWriter, r *http.Request) {
// SearchTextHandler handles request of searching files under the specified directory with the specified keyword. // SearchTextHandler handles request of searching files under the specified directory with the specified keyword.
func SearchTextHandler(w http.ResponseWriter, r *http.Request) { func SearchTextHandler(w http.ResponseWriter, r *http.Request) {
httpSession, _ := session.HTTPSession.Get(r, "wide-session")
if httpSession.IsNew {
http.Error(w, "Forbidden", http.StatusForbidden)
return
}
data := map[string]interface{}{"succ": true} data := map[string]interface{}{"succ": true}
defer util.RetJSON(w, r, data) defer util.RetJSON(w, r, data)
@ -740,3 +844,16 @@ func searchInFile(path string, text string) []*Snippet {
return ret return ret
} }
func authWorkspace(username, path string) bool {
userWorkspace := conf.GetUserWorkspace(username)
workspaces := filepath.SplitList(userWorkspace)
for _, workspace := range workspaces {
if strings.HasPrefix(path, workspace) {
return true
}
}
return false
}