Robot
/
updog
mirror of https://github.com/sc0tfree/updog.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add control flags for disabling upload/download/listing.

This commit is contained in:
Alan Deutscher 2020-02-25 00:12:11 -08:00
parent 28a1ac1612
commit 9ffc5a21a9
2 changed files with 43 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

45
updog/__main__.py
View File

@ -13,7 +13,7 @@ from updog.utils.output import error, info, warn, success
from updog import version as VERSION
def read_write_directory(directory):
def check_read_write_directory(directory):
if os.path.exists(directory):
if os.access(directory, os.W_OK and os.R_OK):
return directory
@ -22,11 +22,10 @@ def read_write_directory(directory):
else:
error('The specified directory does not exist')
def parse_arguments():
parser = argparse.ArgumentParser(prog='updog')
cwd = os.getcwd()
parser.add_argument('-d', '--directory', metavar='DIRECTORY', type=read_write_directory, default=cwd,
parser.add_argument('-d', '--directory', metavar='DIRECTORY', type=check_read_write_directory, default=cwd,
help='Root directory\n'
'[Default=.]')
parser.add_argument('-p', '--port', type=int, default=9090,
@ -35,6 +34,11 @@ def parse_arguments():
parser.add_argument('--ssl', action='store_true', help='Use an encrypted connection')
parser.add_argument('--version', action='version', version='%(prog)s v'+VERSION)
# Content control flags
parser.add_argument('--no-download', action='store_true', help='Disable file download.')
parser.add_argument('--no-listing', action='store_true', help='Disable file listing.')
parser.add_argument('--no-upload', action='store_true', help='Disable file upload.')
args = parser.parse_args()
# Normalize the path
@ -79,6 +83,9 @@ def main():
# If file
elif os.path.isfile(requested_path):
if args.no_download:
abort(403, 'Read Permission Denied: ' + requested_path)
# Check if the view flag is set
if request.args.get('view') is None:
send_as_attachment = True
@ -103,15 +110,32 @@ def main():
requested_path = base_directory
back = ''
if args.no_listing and requested_path != base_directory:
return redirect('/')
if os.path.exists(requested_path):
# Read the files
try:
directory_files = process_files(os.scandir(requested_path), base_directory)
except PermissionError:
abort(403, 'Read Permission Denied: ' + requested_path)
return render_template('home.html', files=directory_files, back=back,
directory=requested_path, is_subdirectory=is_subdirectory, version=VERSION)
if args.no_listing:
directory_files = []
else:
try:
directory_files = process_files(os.scandir(requested_path), base_directory)
except PermissionError:
abort(403, 'Read Permission Denied: ' + requested_path)
return render_template(
'home.html',
files=directory_files,
allow_download = not args.no_download,
allow_listing = not args.no_listing,
allow_upload = not args.no_upload,
back=back,
directory=requested_path,
is_subdirectory=is_subdirectory,
version=VERSION
)
else:
return redirect('/')
@ -123,6 +147,9 @@ def main():
def upload():
if request.method == 'POST':
if args.no_upload:
abort(405, 'Uploads are not allowed.')
# No file part - needs to check before accessing the files['file']
if 'file' not in request.files:
return redirect(request.referrer)

8
updog/templates/home.html
View File

@ -59,6 +59,7 @@
</section>
{% endif %}
{% if allow_listing %}
<!-- Table -->
<section class="table_p table-responsive">
<table id="tableData" class="table table-hover compact">
@ -82,7 +83,11 @@
{% endif %}
</td>
<td> <!-- Name -->
{% if file.is_dir or allow_download %}
<a href="/{{ file.rel_path }}">{{ file.name }}{% if file.is_dir %}/{% endif %}</a>
{% else %}
{{ file.name }}
{% endif %}
</td>
<td data-order="{{ file.size_sort }}"> <!-- File size -->
{{ file.size }}
@ -100,6 +105,7 @@
</tbody>
</table>
</section>
{% endif %}
<footer>
<p>
@ -115,4 +121,4 @@
<script src="{{ url_for('static', filename='js/main.js') }}"></script>
</body>
</html>
</html>