forked from neri/datatrash
181 lines
6.4 KiB
Rust
181 lines
6.4 KiB
Rust
use crate::{config, file_kind::FileKind};
|
|
use actix_multipart::{Field, Multipart};
|
|
use actix_web::{error, http::header::DispositionParam};
|
|
use async_std::{fs, fs::File, path::Path, prelude::*};
|
|
use chrono::{prelude::*, Duration};
|
|
use futures::{StreamExt, TryStreamExt};
|
|
|
|
pub(crate) struct UploadConfig {
|
|
pub original_name: String,
|
|
pub valid_till: DateTime<Local>,
|
|
pub kind: FileKind,
|
|
pub delete_on_download: bool,
|
|
}
|
|
|
|
pub(crate) async fn parse_multipart(
|
|
mut payload: Multipart,
|
|
file_id: &str,
|
|
filename: &Path,
|
|
config: &config::Config,
|
|
) -> Result<UploadConfig, error::Error> {
|
|
let mut original_name: Option<String> = None;
|
|
let mut keep_for: Option<String> = None;
|
|
let mut kind: Option<FileKind> = None;
|
|
let mut delete_on_download = false;
|
|
let mut password = None;
|
|
let mut size = 0;
|
|
|
|
while let Ok(Some(field)) = payload.try_next().await {
|
|
let name = get_field_name(&field)?;
|
|
let name = name.as_str();
|
|
match name {
|
|
"keep_for" => {
|
|
keep_for = Some(parse_string(name, field).await?);
|
|
}
|
|
"file" => {
|
|
let file_original_name = get_original_filename(&field);
|
|
if file_original_name == None || file_original_name.as_deref() == Some("") {
|
|
continue;
|
|
}
|
|
original_name = file_original_name;
|
|
kind = Some(FileKind::Binary);
|
|
let mut file = fs::File::create(&filename).await.map_err(|file_err| {
|
|
log::error!("could not create file {:?}", file_err);
|
|
error::ErrorInternalServerError("could not create file")
|
|
})?;
|
|
size = write_to_file(&mut file, field, config.max_file_size).await?;
|
|
}
|
|
"text" => {
|
|
if original_name.is_some() {
|
|
continue;
|
|
}
|
|
original_name = Some(format!("{}.txt", file_id));
|
|
kind = Some(FileKind::Text);
|
|
let mut file = fs::File::create(&filename).await.map_err(|file_err| {
|
|
log::error!("could not create file {:?}", file_err);
|
|
error::ErrorInternalServerError("could not create file")
|
|
})?;
|
|
size = write_to_file(&mut file, field, config.max_file_size).await?;
|
|
}
|
|
"delete_on_download" => {
|
|
delete_on_download = dbg!(parse_string(name, field).await?) != "false";
|
|
}
|
|
"password" => {
|
|
password = Some(parse_string(name, field).await?);
|
|
}
|
|
_ => {}
|
|
};
|
|
}
|
|
|
|
let original_name = original_name.ok_or_else(|| error::ErrorBadRequest("no content found"))?;
|
|
let kind = kind.ok_or_else(|| error::ErrorBadRequest("no content found"))?;
|
|
|
|
if original_name.len() > 255 {
|
|
return Err(error::ErrorBadRequest("filename is too long"));
|
|
}
|
|
let validated_keep_for: u64 = if let Some(keep_for) = keep_for {
|
|
let seconds = keep_for.parse().map_err(|e| {
|
|
error::ErrorBadRequest(format!("field keep_for is not a number: {}", e))
|
|
})?;
|
|
let max_keep_for = Duration::days(31).num_seconds() as u64;
|
|
if seconds > max_keep_for {
|
|
return Err(error::ErrorBadRequest(format!(
|
|
"maximum allowed validity is {} seconds, but you specified {} seconds",
|
|
max_keep_for, seconds
|
|
)));
|
|
}
|
|
seconds
|
|
} else {
|
|
1800
|
|
};
|
|
let valid_till = Local::now() + Duration::seconds(validated_keep_for as i64);
|
|
|
|
check_auth_requirements(size, validated_keep_for, password, config)?;
|
|
|
|
Ok(UploadConfig {
|
|
original_name,
|
|
valid_till,
|
|
kind,
|
|
delete_on_download,
|
|
})
|
|
}
|
|
|
|
fn check_auth_requirements(
|
|
size: u64,
|
|
validated_keep_for: u64,
|
|
password: Option<String>,
|
|
config: &config::Config,
|
|
) -> Result<(), error::Error> {
|
|
if let Some(no_auth_limits) = &config.no_auth_limits {
|
|
let requires_auth = validated_keep_for > no_auth_limits.max_time
|
|
|| validated_keep_for > no_auth_limits.large_file_max_time
|
|
&& size > no_auth_limits.large_file_size;
|
|
if requires_auth && password.as_ref() != Some(&no_auth_limits.auth_password) {
|
|
return Err(error::ErrorBadRequest(
|
|
"upload requires authentication, but authentication was incorrect",
|
|
));
|
|
}
|
|
}
|
|
Ok(())
|
|
}
|
|
|
|
fn get_field_name(field: &Field) -> Result<String, error::Error> {
|
|
Ok(field
|
|
.content_disposition()
|
|
.ok_or(error::ParseError::Incomplete)?
|
|
.get_name()
|
|
.map(|s| s.to_owned())
|
|
.ok_or(error::ParseError::Incomplete)?)
|
|
}
|
|
|
|
async fn parse_string(name: &str, field: actix_multipart::Field) -> Result<String, error::Error> {
|
|
let data = read_content(field).await?;
|
|
String::from_utf8(data)
|
|
.map_err(|_| error::ErrorBadRequest(format!("could not parse field {} as utf-8", name)))
|
|
}
|
|
|
|
async fn read_content(mut field: actix_multipart::Field) -> Result<Vec<u8>, error::Error> {
|
|
let mut data = Vec::new();
|
|
while let Some(chunk) = field.next().await {
|
|
data.extend(chunk.map_err(error::ErrorBadRequest)?);
|
|
}
|
|
Ok(data)
|
|
}
|
|
|
|
async fn write_to_file(
|
|
file: &mut File,
|
|
mut field: actix_multipart::Field,
|
|
max_size: Option<u64>,
|
|
) -> Result<u64, error::Error> {
|
|
let mut written_bytes: u64 = 0;
|
|
while let Some(chunk) = field.next().await {
|
|
let chunk = chunk.map_err(error::ErrorBadRequest)?;
|
|
written_bytes += chunk.len() as u64;
|
|
if let Some(max_size) = max_size {
|
|
if written_bytes > max_size {
|
|
return Err(error::ErrorBadRequest(format!(
|
|
"exceeded maximum file size of {} bytes",
|
|
max_size
|
|
)));
|
|
}
|
|
}
|
|
file.write_all(chunk.as_ref()).await.map_err(|write_err| {
|
|
log::error!("could not write file {:?}", write_err);
|
|
error::ErrorInternalServerError("could not write file")
|
|
})?;
|
|
}
|
|
Ok(written_bytes)
|
|
}
|
|
|
|
fn get_original_filename(field: &actix_multipart::Field) -> Option<String> {
|
|
field.content_disposition().and_then(|content_disposition| {
|
|
content_disposition
|
|
.parameters
|
|
.into_iter()
|
|
.find_map(|param| match param {
|
|
DispositionParam::Filename(filename) => Some(filename),
|
|
_ => None,
|
|
})
|
|
})
|
|
}
|